You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@shindig.apache.org by "Adam Clarke (JIRA)" <ji...@apache.org> on 2012/05/01 15:15:48 UTC

[jira] [Closed] (SHINDIG-1731) Shared OAuth2Client Option

     [ https://issues.apache.org/jira/browse/SHINDIG-1731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Adam Clarke closed SHINDIG-1731.
--------------------------------

    
> Shared OAuth2Client Option
> --------------------------
>
>                 Key: SHINDIG-1731
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-1731
>             Project: Shindig
>          Issue Type: Improvement
>          Components: Java
>    Affects Versions: 2.5.0-beta1
>            Reporter: Adam Clarke
>             Fix For: 2.5.0
>
>         Attachments: 1731_20120312.patch, 1731_20120409.patch
>
>
> Currently the OAuth2 Consumer stores access/refresh tokens per gadget, per user.
> I have received comments that it would be convenient to allow a set of Gadgets to share a tokens per user.  Improving the user experience for a group of OAuth2 dependent gadgets by not triggering additional opt-ins.
> Technically this is possible to implement with a custom OAuth2Store or OAuth2Persister but it would be nice to formalize it in shindig and the sample persistence plugin.
> When an administrator creates an OAuth2Client they can specify that the client is shared.
>       "shindig_client1" : {
>          "providerName"  : "shindigOAuth2Provider",
>          "type"          : "confidential",
>          "grant_type"    : "code",
>          "client_id"     : "shindigClient",
>          "client_secret" : "U78KJM98372AMGL87612993M",
>          "sharedToken" : "true"
>       },
> (If the value is not specified the default will be "false", keeping the current behavior.)
> In this case any gadget bound to the "shindig_client1" client will use the same access/refresh token for the user.
> Administrators should take extra care when binding sharedToken clients.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira