List: wsas-java-dev
Subject: Re: [Dev] Please share the decision made on Access token generation
From: Prabath Siriwardena <prabath () wso2 ! com>
Date: 2013-01-31 7:43:32
Message-ID: CAJV9qO-huMw2QUxg3CJpRtzY6F-bEeC9ywGB4Gu26+ySON+JGg () mail ! gmail ! com
Hi Ragu,
Please talk to Senaka or Ajith.. They are aware of the plan..
Thanks & regards,
-Prabath
On Thu, Jan 31, 2013 at 12:33 PM, Sriragu Arudsothy <sriragu@wso2.com> wrote:
>
>
> Any update on this from Greg side..!
>
>
> On Wed, Jan 30, 2013 at 10:07 PM, Sriragu Arudsothy <sriragu@wso2.com> wrote:
>
>> Hai Nuwan..!
>>
>> Thanks for your help..!
>>
>> 1) Separate out the Identity OAuth component - the current OAuth is an
>> installable feature by any product. Do you mean that the complete
>> functionality from registering an application to generating the access
>> token of an OAuth must be separated?
>>
>> 2) Currently the Access token generation is done when user logs into the
>> jaggery app. Therefore it is not exposed to the user ..? isn't it?
>>
>> Note: The current implementation of the REST api = validation of OAuth
>> access token + REST calls to resources.
>>
>> I also have done some changes to the code. We will update the svn
>> location by tomorrow.
>>
>> Have you had anybody from G-Reg in this meeting? Just to get to know..!
>>
>> But Greg team had a discussion with Prabath on Monday or Tuesday. I was
>> not there. But I heard that they were told to generate the access token
>> through the UI. I might have misunderstood. I will clarify it tomorrow!
>>
>> Thanks!
>> Ragu
>>
>>
>> On Wed, Jan 30, 2013 at 9:51 PM, Sriragu Arudsothy <sriragu@wso2.com> wrote:
>>
>>>
>>>
>>> On Wed, Jan 30, 2013 at 9:05 PM, Nuwan Bandara <nuwan@wso2.com> wrote:
>>>
>>>> Hi Ragu,
>>>>
>>>> We had a few lengthy discussions with Prabath on the OAuth key issuing and
>>>> key validation process. Here is the summary, and I suggest we set up a
>>>> meeting tomorrow and review the current implementation and fix
>>>> if there's anything to be fixed, summary is as follows,
>>>>
>>>> 1. Separate out identity OAuth component and make it self contained
>>>> so any API development in future can use this component to provide OAuth
>>>> based security
>>>>
>>>>
>>>
>>>
>>>>
>>>> 1. In the Generic store use case (image attached) we have the store
>>>> Jaggery App, which consumes the registry API.
>>>> 2. The carbon Mgt Console will have a UI to register applications
>>>> and create consumer-keys and secrets
>>>> 3. The store jaggery app will be registered as an application by
>>>> default and will have a consumer-key and a secret
>>>> 4. When users log-in to the store jaggery app, they will be issued
>>>> an access token after validating the credentials, (this will happen under
>>>> the hood)
>>>>
>>>>
>>>> [image: Inline image 1]
>>>>
>>>> This is the basic summary, @prabath please do add if I have missed or
>>>> have misunderstood any.
>>>>
>>>> Please do refer to the attached diagram. Let's have a review on this and
>>>> come to consensus.
>>>>
>>>> Regards,
>>>> /Nuwan
>>>>
>>>>
>>>> On Wed, Jan 30, 2013 at 6:21 PM, Sriragu Arudsothy <sriragu@wso2.com> wrote:
>>>>
>>>>> Hai All,
>>>>>
>>>>> Please share the decisions made on the chat with Prabath
>>>>> regarding the Access token generation. How to proceed from the current
>>>>> point.
>>>>>
>>>>> Thanks!
>>>>> Ragu
>>>>>
>>>>> _______________________________________________
>>>>> Dev mailing list
>>>>> Dev@wso2.org
>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> *Thanks & Regards,
>>>>
>>>> Nuwan Bandara
>>>> Associate Technical Lead & Member, MC, Development Technologies
>>>> WSO2 Inc. - lean . enterprise . middleware | http://wso2.com
>>>> blog : http://nuwanbando.com; email: nuwan@wso2.com; phone: +94 11 763
>>>> 9629
>>>> *
>>>> <http://www.nuwanbando.com/>
>>>>
>>>
>>>
>>
>
--
Thanks & Regards,
Prabath
Mobile : +94 71 809 6732
http://blog.facilelogin.com
http://RampartFAQ.com
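
The flow summarised in the quoted messages above (an application registered with a consumer key and secret, an access token issued under the hood when a user logs in, and a REST API that validates the token before touching resources), as an added Python sketch that is not part of the original thread and is not WSO2 code. The in-memory stores, function names, sample user and salt are all hypothetical, constructed for illustration.

```python
import hashlib
import hmac
import secrets
import time

def _digest(value):
    return hashlib.sha256(value.encode()).hexdigest()

def _pw_hash(password, salt=b"constructed-salt"):
    # Slow password hash; salt is a constructed sample value.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

APPS = {}    # consumer_key -> SHA-256 of consumer secret (secret never stored)
TOKENS = {}  # SHA-256 of access token -> (consumer_key, user, expiry)
USERS = {"alice": _pw_hash("constructed-password")}  # constructed sample user

def register_application(name):
    """Console step: register an app, return its consumer key and secret."""
    key, secret = secrets.token_urlsafe(16), secrets.token_urlsafe(32)
    APPS[key] = _digest(secret)
    return key, secret

def issue_token_on_login(key, secret, user, password, ttl=3600, now=None):
    """Login step: authenticate the app and the user, then issue a token."""
    now = time.time() if now is None else now
    app_ok = hmac.compare_digest(APPS.get(key, ""), _digest(secret))
    user_ok = hmac.compare_digest(USERS.get(user, b""), _pw_hash(password))
    if not (app_ok and user_ok):
        return None
    token = secrets.token_urlsafe(32)
    # Store only the digest so a leaked token table cannot be replayed.
    TOKENS[_digest(token)] = (key, user, now + ttl)
    return token

def call_registry_api(token, path, now=None):
    """REST API = validation of the access token + the resource call."""
    now = time.time() if now is None else now
    entry = TOKENS.get(_digest(token or ""))
    if entry is None or entry[2] <= now:
        return 401, None  # unknown or expired token: resource not reached
    return 200, {"path": path, "user": entry[1]}
```
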
["oauth.png" (image/png)]