Announcement Announcement Module
Collapse
No announcement yet.
Client credentials flow and assertion flow Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Client credentials flow and assertion flow

    Are OAuth20 client credentials flow and assertion flow supported ? See section 3.9 and 3.10 http://tools.ietf.org/html/draft-iet...05#section-3.6.

    In the user guide - http://spring-security-oauth.codehaus.org/oauth2.html the new location link is broken.
    If it is supported, can you point me to documentation/sample code for the flows. If not, are there any plans of supporting these flows in the near future ?

    thanks

  • #2
    That's an old version of the spec, so "flow" is now "grant type" I think. Spring Security OAuth already supports client_credentials grants on the provider side and sparklr2 has an example client registered, which it uses in its integration tests. There is no consumer side support right now, but I'm not really sure what that would look like. if you have any ideas please discuss them here or raise tickets in JIRA.

    I assume that the old assertion flow has now become SAML assertions grant type (http://tools.ietf.org/html/draft-iet...h-saml2-bearer). There is no JIRA ticket open, but I imagine it will be on the roadmap at some point. If it is urgent for you, maybe you could write some code and send a pull request.

    The project no longer lives at codehaus. Check out the code and docs on http://github.com/SpringSource/spring-security-oauth
    Last edited by Dave Syer; Oct 25th, 2011, 09:12 AM. Reason: added githib link

    Comment

    Working...
    X