You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2019/09/28 07:24:00 UTC

[jira] [Work logged] (CXF-8121) Improve STS REST interface

     [ https://issues.apache.org/jira/browse/CXF-8121?focusedWorklogId=319974&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-319974 ]

ASF GitHub Bot logged work on CXF-8121:
---------------------------------------

                Author: ASF GitHub Bot
            Created on: 28/Sep/19 07:23
            Start Date: 28/Sep/19 07:23
    Worklog Time Spent: 10m 
      Work Description: dtsybulka commented on pull request #580: CXF-8121 Improve STS REST interface
URL: https://github.com/apache/cxf/pull/580
 
 
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 319974)
    Remaining Estimate: 0h
            Time Spent: 10m

> Improve STS REST interface
> --------------------------
>
>                 Key: CXF-8121
>                 URL: https://issues.apache.org/jira/browse/CXF-8121
>             Project: CXF
>          Issue Type: Improvement
>          Components: STS
>    Affects Versions: 3.2.4
>            Reporter: Dmitry
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> I propose to improve STS REST interface in following points:
> 1. It is not possible to change path of the REST interface and could be issue with defining realm name 
> In current implementation realm name is not defined implicitly as path parameter in @Path annotation, but usually calculated from URI in implementation of RealmParser. In our situation implementation of RealmParser work good for SOAP STS interface, but did not work for current REST implementation. 
> Of course, it could be addapted again for REST case, but it looks more like workaround then a clean solution. It is more relaible to define all necessary path and query parameters in the interface then relay that somewhere inside STS it will be parsed properly.
> 2. There is no any flexibility with custom functionality
> We decided to provide endpoint that provide public key for verification "/jwk/keys", similar as Fediz OIDC provides. With current implementation I would need to create new jaxrs server, define similar configuration, etc.
> 3. There is no OpenAPI documentation
> It is necessary to add the documentation to new interface.
> I propose to provide the improvements as new module 'sts-rest' that will use 'sts-core' as dependency.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)