-
Notifications
You must be signed in to change notification settings - Fork 225
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for OpenID Connect authorisation #250
Comments
Thanks for the explainer. It's very helpful. |
Unless you want to help :) |
I'll pull down the source and have a look - given it is generally extending OAuth2 behaviour I should be able to work it out without too much grief (he says hopefully...) You okay if I email you direct with any questions? Or do you have a prefered chat handle? |
Okay, it's in Node, not Java - a bit more effort required... |
You can contact me at my github username @gmail.com. I'll be happy to help. |
Sorry for the long time waiting to take care of this but it was rather complex change. |
Signed-off-by: Pawel Psztyc <jarrodek@gmail.com>
Is your feature request related to a problem? Please describe.
ARC has no built in mechanism to automatically authorise via an OpenID Connect id token. OpenID Connect is a layer on top of OAuth2.0 implemented by a number of common public auth providers. In addition to the standard OAuth2 access and renew tokens it also returns an id token. In some situations it is desirable to use the id token rather than the access token as the subsequent request bearer token.
Describe the solution you'd like
Add the following to the AUTHORIZATION tab:
<<issuer-uri>>/.well-known/openid-configuration
(as most providers implement Discovery) and where possible pre-populate the other URIs from the retrieved JSON config.<<when>>
where<<when>>
is derived from the response stated issue and expiry info. [Optionally] change the label to Expired tokens when the time has lapsed.Additional context
This feature request stems from #245.
The text was updated successfully, but these errors were encountered: