oltu-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lumus Sensus <lumus.sen...@gmail.com>
Subject Oltu - getting started
Date Mon, 18 Nov 2013 12:25:32 GMT

I am very interested in using this project for oauth, intially using the
authorization code grant and client credentials flows.

However, I'm a bit stuck on what exactly this project can do and am hoping
that someone can help.

I have some specific queries if anyone can answer any of them please:

1) Does the code provide an authorization server that authenticates the
resource owner? From what I can tell, there is an assumption that the RO
has already been authenticated and has an active session. Is there is also
an assumption that the AS is the same server as the resource server? If
this is the case, does the project provide any means to validate the access
token either on the RS or the RS making a call to the AS with the token (as
many oauth2 solutions are doing with a userinfo endpoint from OIDC)?

2) How is this project deployed? Is the parent project exported as a
library containing the sub-projects or does one build and deploy each
separate project depending on their needs? Any detail would be appreciated.

3) What in the project is stub code that needs to be completed and is there
guidance on how this might be done in the context of the API?

4) General guidance on what is provided and what is missing or intended to
be provided by the consumer of this project.

5) How does this project differ to the Spring OAuth2 framework?

I appreciate there are a lot of questions here, I can only offer that I
would be willing to update the documentation in way of thanks if I make
some progress.


View raw message