You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@fineract.apache.org by "Michael Vorburger (Jira)" <ji...@apache.org> on 2020/09/10 20:54:00 UTC
[jira] [Comment Edited] (FINERACT-1145) OAuth Support documentation
is missing
[ https://issues.apache.org/jira/browse/FINERACT-1145?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17193849#comment-17193849 ]
Michael Vorburger edited comment on FINERACT-1145 at 9/10/20, 8:53 PM:
-----------------------------------------------------------------------
So on [https://demo.fineract.dev/fineract-provider/api-docs/apiLive.htm] there is a link to [https://github.com/openMF/mifosx/wiki/Launching-platform-server-locally-from-the-command-line#choosing-authentication-mechanism] that mentions {{-Psecurity=oauth}}.
On [https://demo.fineract.dev/fineract-provider/api-docs/apiLive.htm#authentication_oauth] there's also a JavaScript example, and this actually seems to work:
{code:sh}
$ ./gradlew bootRun -Psecurity=oauth
$ curl --insecure --location --request POST 'https://localhost:8443/fineract-provider/api/oauth/token?username=mifos&password=password&client_id=community-app&grant_type=password&client_secret=123' --header 'Fineract-Platform-TenantId: default'{code}
returns:
{code:json}
{"access_token":"Pxb0mJ-u69NRqiu837biXqhZyx4","token_type":"bearer","refresh_token":"iNZEsSN8jvS-pBpk5zzU5akQHpo","expires_in":3410,"scope":"all"}{code}
What does one now do with this?
PS: Invoking {{/fineract-provider/api/oauth/token}} without {{{{-Psecurity=oauth}}}} causes FINERACT-1146.
was (Author: vorburger):
So on [https://demo.fineract.dev/fineract-provider/api-docs/apiLive.htm] there is a link to [https://github.com/openMF/mifosx/wiki/Launching-platform-server-locally-from-the-command-line#choosing-authentication-mechanism] that mentions {{-Psecurity=oauth}}.
On [https://demo.fineract.dev/fineract-provider/api-docs/apiLive.htm#authentication_oauth] there's also a JavaScript example, and this actually seems to work:
{code:sh}
$ ./gradlew bootRun -Psecurity=oauth}}
$ curl --insecure --location --request POST 'https://localhost:8443/fineract-provider/api/oauth/token?username=mifos&password=password&client_id=community-app&grant_type=password&client_secret=123' --header 'Fineract-Platform-TenantId: default'{code}
returns:
{code:json}
{"access_token":"Pxb0mJ-u69NRqiu837biXqhZyx4","token_type":"bearer","refresh_token":"iNZEsSN8jvS-pBpk5zzU5akQHpo","expires_in":3410,"scope":"all"}{code}
What does one now do with this?
PS: Invoking {{/fineract-provider/api/oauth/token}} without {{{{-Psecurity=oauth}}}} causes FINERACT-1146.
> OAuth Support documentation is missing
> ---------------------------------------
>
> Key: FINERACT-1145
> URL: https://issues.apache.org/jira/browse/FINERACT-1145
> Project: Apache Fineract
> Issue Type: Bug
> Components: Security
> Reporter: Michael Vorburger
> Priority: Major
> Fix For: 1.5.0
>
>
> We have a number of open issues related to apparent OAuth support in Fineract.
> There is 0 documentation available on the Apache Fineract project [Git repo|https://github.com/apache/fineract/search?q=oauth&unscoped_q=oauth] or [Wiki|https://cwiki.apache.org/confluence/dosearchsite.action?cql=siteSearch+~+%22oauth%22+and+space+%3D+%22FINERACT%22+and+type+in+(%22space%22%2C%22user%22%2C%22page%22%2C%22blogpost%22%2C%22attachment%22%2C%22com.atlassian.confluence.plugins.confluence-mail-archiving%3Amail%22)&queryString=oauth]. (One can "deduct" that it can be activated by {{{color:#222222}_-Psecurity=oauth_{color}}} at build - but then what?)
> IMHO it would be valuable both for end users deployment, integrators and new and old contributors to the project to have this feature documented.
> So the goal of this issue is to have comprehensive documentation about Fineract's OAuth support in [https://github.com/apache/fineract/tree/develop/docs/deployment/security.md].
> This feature may be (apparently?) actually currently be broken on the develop branch as of today (and in 1.4.0), see FINERACT-1144, but that shouldn't someone from contribution documentation of how it should work. That documentation should be able to be followed e.g. on 1.2.0 or 1.3.0 (but I think that's broken due to FINERACT-755, so build 1.3.1 from git).
> [~saransh] or [~aleks] or [~avikganguly010] or [~josenavarro] would any of you like to contribute such documentation to this wonderful project?
> PS: Once there is documentation, someone could then build an IT - that's unlocking FINERACT-1143.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)