Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure API Authentication and concrete5 External Authentication is Built on OIDC #6729

Closed
aembler opened this issue Jun 6, 2018 · 1 comment
Closed

Ensure API Authentication and concrete5 External Authentication is Built on OIDC #6729

aembler opened this issue Jun 6, 2018 · 1 comment
Labels
Status:Available Reviewed issue, it’s real, we’d review a pull request.
Milestone
9.0.0

Comments

@aembler
Copy link
Member

aembler commented Jun 6, 2018

https://security.stackexchange.com/questions/37818/why-use-openid-connect-instead-of-plain-oauth2

OpenID Connect is an identity layer on top of the OAuth 2.0 protocol. In the identity / authentication industry, it is now the standard allowing easy plug/play implementation.

https://openid.net/specs/openid-connect-core-1_0.html (specification)
http://openid.net/certification/ (test suite is on this site)

There appear to be existing OIDC libraries in packagist that we should try to use if possible.
@aembler aembler added Status:Available Reviewed issue, it’s real, we’d review a pull request. priority:must have labels Jun 6, 2018
@aembler aembler added this to the 9.0.0 milestone Jun 6, 2018
@aembler
Copy link
Member Author

aembler commented Oct 10, 2019

This is currently the case in 8.5.

@aembler aembler closed this as completed Oct 10, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Status:Available Reviewed issue, it’s real, we’d review a pull request.
Projects
None yet
Milestone
9.0.0
Development

No branches or pull requests
1 participant
@aembler