syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dima Ayash <dima.ay...@tirasa.net>
Subject Re: SYNCOPE-1270 : OpenID Connect client feature
Date Tue, 03 Apr 2018 11:01:33 GMT
Dear, 

Thank you for your interest.
The work has been done until now regarding this feature is:
•The authorization code flow is the flow that is used for and "Google" as an example for
the OpenID Provider.
•To configure the OpenID Provider metadata to apply this flow, there are two ways depends
on what the OpenID Provider supports, in case of supporting the Discovery  Document, requesting
this document and process the response and stored the required values otherwise the user needs
to insert these values. 
•The work used CXF OIDC dependency, and took benefits from the structure of SAML2.0 feature.
•The work is still under progress, the core and the logic of the flow is done and tested,
the user can have a session by logging successfully to his account in "Google" and by having
a user in Apache Syncope.

I would really appreciate questions for more details and also more suggestions to enhance
this work.

Thank you in advance and best regards,
Dima Ayash.  


----- Original Message -----
From: "Dima Ayash" <dima.ayash@tirasa.net>
To: dev@syncope.apache.org
Sent: Tuesday, April 3, 2018 12:56:02 PM
Subject: Re: SYNCOPE-1270 : OpenID Connect client feature

Dear, 

Thank you for your interest.
The work has been done until now regarding this feature is:
The authorization code flow is the flow that is used for and "Google" as an example for the
OpenID Provider.
To configure the OpenID Provider metadata to apply this flow, there are two ways depends on
what the OpenID Provider supports, in case of supporting the Discovery  Document, requesting
this document and process the response and stored the required values otherwise the user needs
to insert this value. 
The work used CXF OIDC dependency, and took benefits from the structure of SAML2.0 feature.
The work is still under progress, the core and the logic of the flow is done and tested, the
user can have a session by logging successfully to his account in Google and by having a user
in Apache Syncope.


----- Original Message -----
From: "Francesco Chicchiriccò" <ilgrosso@apache.org>
To: dev@syncope.apache.org
Sent: Tuesday, April 3, 2018 8:54:00 AM
Subject: Re: SYNCOPE-1270 : OpenID Connect client feature

On 03/04/2018 06:39, Isuranga Perera wrote:
> Hi All,
>
> I would like to contribute $subject. I have contributed to WSO2 Identity
> server and have worked with OpenID Connect and its profiles. Appreciate if
> someone can provide me guidance throughout this feature.
>
> Best Regards
> Isuranga Perera

Dear Isuranga,
thanks for your interest in Apache Syncope.

As far as we know, there is already someone at work on the topic: see

https://lists.apache.org/thread.html/d36e9354a4a638c7afc76a3e6d69aaf24d7c4e2c6a377e2ccfefcabe@%3Cdev.syncope.apache.org%3E

Maybe you can pick one of the other feature requests from JIRA, or 
propose a new one.

@Dima: could it be possible to provide a status update about your work 
there?

Regards.

-- 
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/

Mime
View raw message