You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Sergey Beryozkin (JIRA)" <ji...@apache.org> on 2014/02/12 12:16:20 UTC
[jira] [Created] (CXF-5557) Convert MacAccessToken to
HawkAccessToken
Sergey Beryozkin created CXF-5557:
-------------------------------------
Summary: Convert MacAccessToken to HawkAccessToken
Key: CXF-5557
URL: https://issues.apache.org/jira/browse/CXF-5557
Project: CXF
Issue Type: Improvement
Components: JAX-RS, JAX-RS Security
Reporter: Sergey Beryozkin
Assignee: Sergey Beryozkin
Fix For: 3.0.0-milestone2
CXF OAuth2 module implements the following draft:
https://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05
which has been replaced, in scope of OAuth2, by
http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-05
which takes a different approach toward it; the CXF MacAccessToken is kind of suspended in the air - dropping it does seem like a good idea while the new OAuth2 effort is still under way.
https://github.com/hueniverse/hawk/blob/master/README.md
is the evolution of
https://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05
and as it happens CXF MacAuthorizationScheme implements Hawk one too one, except for it does not support new Hawk extensions, and the optional in/out payload validation.
Supporting Hawk is a better alternative to seeing CXF MacAccessToken getting out of use.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)