-
Notifications
You must be signed in to change notification settings - Fork 47
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enhance Secret Service Authorization Capabilities #1213
Comments
Additionally while looking at Amazon's OAuth2 authentication https://github.com/amzn/selling-partner-api-docs/blob/main/guides/en-US/developer-guide/SellingPartnerApiDeveloperGuide.md#step-3-amazon-sends-you-the-authorization-information it looks like it varies slightly from what's currently available. To make it work there are some slight adjustments to be made configurable.
|
@winklerj It's always fun when every application decides to deviate from the standards, even when they are officially just proposed... The spec says that only I think the first bullet point would be fairly easy to implement. Regarding the second, I'm not sure what we are then expected to do with unrecognized parameters. Where would we save them, and how would we work with them afterwards? Based on the names, I am guessing that the |
@weberjm I agree what Amazon has isn't standard, but I guess you can throw your weight around when you own a large chunk of the market. For the second one solution I had was appending the additional parameters to the success url. I realize this could open an application to all kinds of additional parameters being sent on the success URL. So, maybe as part of the auth client config you would specify which parameters are allowed to be forwarded to the successUrl? I'm not as concerned about the Shopify values being stored and having the secret service validate the HMAC. Those are temporary values whereas the Amazon parameters are meant to be reused later. If they are forwarded on to the successUrl the external application can handle validation or storing of additional parameters. It would be a nice to have to store the additional parameters (which were specified as allowed by the auth client config) instead of just appending them to the successUrl |
I noticed the secret service README.md and unit tests reference a mappings object, but there is nothing that implements logic for handling mappings. Possibly this was intended to serve my first bullet above. Readme section: https://github.com/openintegrationhub/openintegrationhub/tree/master/services/secret-service#auth-clients |
I see that in the secret service when we handle the callback, it would be useful if we could configure the properties that we get from the authorize endpoint. For example, in case of slack, See the alternate response , the access token comes in a wrap object inside "authed_user" property. In our framework, we just try to get the token from the access_token root level property. |
we will divide this issue in sub-issues (@russojrv) |
The open topics from this "epic" all have their own issues which will now be worked separately. This issue will now be closed in favor of the separate issues. |
As an integration user or component developer, I want to be able to handle standard authorization flows without requiring custom code development. To enable this, the Secret Service should be expanded to handle more flows, in addition to its already available OAuth flows.
Tasks (including maintenance):
The text was updated successfully, but these errors were encountered: