Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Authorization Model / Service #43

Closed
jgrandja opened this issue Apr 20, 2020 · 2 comments · Fixed by #71
Closed

Implement Authorization Model / Service #43

jgrandja opened this issue Apr 20, 2020 · 2 comments · Fixed by #71
Assignees
@krisztian-toth
Labels
type: enhancement A general enhancement
Milestone
0.0.1

Comments

@jgrandja
Copy link
Collaborator

jgrandja commented Apr 20, 2020
edited

An authorization server needs to maintain existing authorizations between a client and resource owner. For example, when a resource owner grants access to a client (to access its protected resources), the authorization server must persist certain data in order to validate the authorization grant flow until it completes.

For example, during an authorization_code grant flow, the authorization server must persist the following data:

  • Certain Authorization Request parameters - OAuth2AuthorizationRequest
  • The identifier of the client - client_id
  • The identifier of the resource owner - current Authentication.getName()
  • The authorization code parameter
  • The granted access token - OAuth2AccessToken

The initial implementation should provide an in-memory implementation of OAuth2AuthorizationService, similar to InMemoryOAuth2AuthorizedClientService in the spring-security-oauth2-client module.

Implementation Requirements

  • InMemoryOAuth2AuthorizationService should store in a Map
  • OAuth2Authorization should be immutable
  • OAuth2Authorization.attributes should be used for storing data that is specific to an authorization grant, eg. authorization code parameter, OAuth2AuthorizationRequest, etc.
  • javadoc class and public methods
  • Unit tests

Specification References

4.1. Authorization Code Grant
@jgrandja jgrandja changed the title Token Service Epic: Token Service Apr 20, 2020
@jgrandja jgrandja added the status: on-hold We can't start working on this issue yet label Apr 23, 2020
@jgrandja jgrandja changed the title Epic: Token Service Implement Authorization Model / Service Apr 24, 2020
@jgrandja jgrandja added this to the 0.0.1 milestone Apr 24, 2020
@jgrandja jgrandja added status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement and removed status: on-hold We can't start working on this issue yet labels Apr 24, 2020
@krisztian-toth
Copy link
Contributor

krisztian-toth commented Apr 26, 2020
edited

Hi @jgrandja, I would be happy to work on this issue.

I have a question though. How would we derive a org.springframework.security.oauth2.server.authorization.TokenType from an org.springframework.security.oauth2.server.authorization.OAuth2Authorization object? Shouldn't the TokenType be a field in OAuth2Authorization? Or do we have to examine the OAuth2Authorization object to find out the type of the token?

@jgrandja
Copy link
Collaborator Author

jgrandja commented Apr 26, 2020
edited

Thank you @watsta. The issue is yours.

Or do we have to examine the OAuth2Authorization object to find out the type of the token?

Yes, this is correct. The OAuth2AccessToken is a field in OAuth2Authorization and the authorization_code should be in OAuth2Authorization.attributes (see #66)

@jgrandja jgrandja removed the status: ideal-for-contribution An issue that we actively are looking for someone to help us with label Apr 26, 2020
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue Apr 26, 2020
@krisztian-toth
Add in-memory implementation for OAuth2AuthorizationService
fd37d5a 
Fixes spring-projectsgh-43
@krisztian-toth krisztian-toth mentioned this issue Apr 26, 2020
Merged
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue Apr 27, 2020
@krisztian-toth
Change OAuth2Authorization implementation details
6e628ff 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue Apr 27, 2020
@krisztian-toth
Add in-memory implementation for OAuth2AuthorizationService
fea0565 
Fixes spring-projectsgh-43
This was referenced Apr 27, 2020
Closed
Closed
Closed
Closed
Closed
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue Apr 30, 2020
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
7d7d6d6 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue Apr 30, 2020
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
6d0b247 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 1, 2020
@krisztian-toth
Update InMemoryOAuth2AuthorizationService to use List as its in-memor…
fd7ab91 
…y store

Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 1, 2020
@krisztian-toth
Add builder to OAuth2Authorization
9b748c4 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 1, 2020
@krisztian-toth
Update tests in InMemoryOAuth2AuthorizationServiceTest to conform to …
48cc835 
…standards

Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
7a1e0b6 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
fb93463 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
437ad78 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
a0adc51 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
b5edf35 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Update InMemoryOAuth2AuthorizationService to use List as its in-memor…
76e8db9 
…y store

Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Add builder to OAuth2Authorization
2a4644a 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Update tests in InMemoryOAuth2AuthorizationServiceTest to conform to …
ffc76e2 
…standards

Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
20529dd 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
aef346f 
Fixes spring-projectsgh-43
krisztian-toth added a commit to krisztian-toth/spring-authorization-server that referenced this issue May 7, 2020
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
a243904 
Fixes spring-projectsgh-43
jgrandja added a commit that referenced this issue May 21, 2020
@jgrandja
Add OAuth2AuthorizationAttributeNames
cf70ddb 
Issue gh-43
jgrandja added a commit that referenced this issue Nov 4, 2020
@jgrandja
Update javadoc InMemoryOAuth2AuthorizationService
06bf391 
Issue gh-43
doba16 pushed a commit to doba16/spring-authorization-server that referenced this issue Apr 21, 2023
@krisztian-toth
Provide in-memory implementation for OAuth2AuthorizationService
000a1b4 
Fixes spring-projectsgh-43
doba16 pushed a commit to doba16/spring-authorization-server that referenced this issue Apr 21, 2023
@jgrandja
Add OAuth2AuthorizationAttributeNames
a865ae1 
Issue spring-projectsgh-43
doba16 pushed a commit to doba16/spring-authorization-server that referenced this issue Apr 21, 2023
@jgrandja
Update javadoc InMemoryOAuth2AuthorizationService
fe040af 
Issue spring-projectsgh-43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@krisztian-toth krisztian-toth

Labels
type: enhancement A general enhancement
Projects
None yet
Milestone
0.0.1
3 participants
@jgrandja @krisztian-toth @spring-contributor