oltu-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tiburtius, Ashwanth [IWD]" <Ashwanth.Tiburt...@iwd.iowa.gov>
Subject Force re-authentication
Date Tue, 21 Apr 2015 21:07:16 GMT
Hi all,

I m using Apache Oltu as OAuth library to authenticate users against Google, Yahoo and Microsoft.
It has worked great. Within my application I need to ask the user to re-authenticate themselves
before accessing certain pages. This is what I have found so far on this topic.

Google - lets you revoke access token using "https://accounts.google.com/o/oauth2/revoke?token=".
But this doesn't force re-authentication by password entry but displays only the consent screen
again.
Yahoo - has no support for this. We have to log the user out using something like https://login.yahoo.com/config/login?logout=1.
Microsoft - has url "https://login.live.com/oauth20_logout.srf?client_id=CLIENT_ID&redirect_url=REDIRECT_URL"
to support this behavior. I am in the process of testing it.

Does Oltu have any apis related to this functionality? Has any open tried to implement this?
Any help is much appreciated. Thank you.

Regards,
Jude.


Mime
View raw message