Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create a ClientCredentialsFlow class #93

Open
wonderfly opened this issue Jan 9, 2015 · 2 comments
Open

Create a ClientCredentialsFlow class #93

wonderfly opened this issue Jan 9, 2015 · 2 comments
Labels
type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design.

Comments

@wonderfly
Copy link
Contributor

From sh...@knewton.com on May 06, 2014 13:07:20

I have created a class ClientCredentialsFlow, which functions like AuthorizationCodeFlow, but for client credentials. Although the steps needed with authorization code are much more complicated, it is still useful to have a Flow class for client credentials authentication:

  • Support for credentialStore and/or credentialDataStore
  • A single authorize() call which checks the store, gets the token request, and generates a Credential
  • Setting refresh listeners (although most client credentials implementations don't support a refresh token)

I copied much of the code from AuthorizationCodeFlow, as well as a few bits from AuthorizationCodeInstalledApp.authorize()

I have a clone shawn-google-oauth-java-client which contains the code. The commit is at https://code.google.com/r/shawn-google-oauth-java-client/source/detail?r=638eeedd237134ab1665c54992bbbbfb938791fc

Original issue: http://code.google.com/p/google-oauth-java-client/issues/detail?id=93
@wonderfly wonderfly added type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design. imported priority: p1 Important issue which blocks shipping the next release. Will be fixed prior to next release. labels Jan 9, 2015
@wonderfly wonderfly self-assigned this Jan 9, 2015
@wonderfly wonderfly removed their assignment May 20, 2016
@mattwhisenhunt mattwhisenhunt removed the priority: p1 Important issue which blocks shipping the next release. Will be fixed prior to next release. label Jan 8, 2018
@JustinBeckwith JustinBeckwith added 🚨 This issue needs some love. and removed 2–5 stars labels Jun 8, 2018
@JustinBeckwith JustinBeckwith removed the 🚨 This issue needs some love. label Jun 25, 2018
@ghost
Copy link

ghost commented Jul 19, 2018
edited by ghost
Loading

Hello,

Is there still a way to get our hands on the changes? Was it working fine enough for production use even if it had not made it’s way in the repo? I have not found the changes in Wonderfly repo clone but maybe I’m not looking at the right place?

I have been tasked to in integrate a oauth2 protected rest service in another Spring MVC proxy service and it does look more complex than I tought at first.

I have done some testing with google client and Spring oauth security and it looks like the handling of concurrency and token refresh has some problems on Spring side (or not implemented?).

Google client looked fine until I realised that client credential flow was not offered. I tought that it could be implemented but I’m missing experience / perspective to be able to evaluate the work that need to be done even if I have a better feeling and understanding after reading alot of docs and samples and trying to connect things together.

Would gladly use any exemple of an implementation or any pointer of other viable alternatives.

Eric

@ghost
Copy link

ghost commented Jul 23, 2018

I was able to figure it out...

The simplest solution for me was to duplicate 2 existing classes and adjust them (mostly removing code).

I have created ClientCredentialFlow.java from existing flow and AuthorisationCodeService.java from AuthorizationCodeInstalledApp.java.

There would be a need to think it again to preserve compatibility while preventing uneeded duplication.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@JustinBeckwith @mattwhisenhunt @wonderfly