You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shindig.apache.org by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org> on 2012/04/09 22:03:19 UTC
[jira] [Commented] (SHINDIG-1731) Shared OAuth2Client Option
[ https://issues.apache.org/jira/browse/SHINDIG-1731?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13250117#comment-13250117 ]
jiraposter@reviews.apache.org commented on SHINDIG-1731:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4291/
-----------------------------------------------------------
(Updated 2012-04-09 20:02:38.850154)
Review request for shindig, Ryan Baxter and li xu.
Changes
-------
Fixes problem with '*' being too generic.
Summary
-------
Allows multiple gadgets to share a token by binding to an OAuth2Client with sharedToken=true
This addresses bug SHINDIG-1731.
https://issues.apache.org/jira/browse/SHINDIG-1731
Diffs (updated)
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Store.java 1311391
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Message.java 1311391
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/persistence/OAuth2Client.java 1311391
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/persistence/sample/JSONOAuth2Persister.java 1311391
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/persistence/OAuth2ClientTest.java 1311391
Diff: https://reviews.apache.org/r/4291/diff
Testing
-------
All test cases pass.
Thanks,
Adam
> Shared OAuth2Client Option
> --------------------------
>
> Key: SHINDIG-1731
> URL: https://issues.apache.org/jira/browse/SHINDIG-1731
> Project: Shindig
> Issue Type: Improvement
> Components: Java
> Affects Versions: 2.5.0-beta1
> Reporter: Adam Clarke
> Attachments: 1731_20120312.patch, 1731_20120409.patch
>
>
> Currently the OAuth2 Consumer stores access/refresh tokens per gadget, per user.
> I have received comments that it would be convenient to allow a set of Gadgets to share a tokens per user. Improving the user experience for a group of OAuth2 dependent gadgets by not triggering additional opt-ins.
> Technically this is possible to implement with a custom OAuth2Store or OAuth2Persister but it would be nice to formalize it in shindig and the sample persistence plugin.
> When an administrator creates an OAuth2Client they can specify that the client is shared.
> "shindig_client1" : {
> "providerName" : "shindigOAuth2Provider",
> "type" : "confidential",
> "grant_type" : "code",
> "client_id" : "shindigClient",
> "client_secret" : "U78KJM98372AMGL87612993M",
> "sharedToken" : "true"
> },
> (If the value is not specified the default will be "false", keeping the current behavior.)
> In this case any gadget bound to the "shindig_client1" client will use the same access/refresh token for the user.
> Administrators should take extra care when binding sharedToken clients.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira