[prev in list] [next in list] [prev in thread] [next in thread] 

List:       wsf-java-dev
Subject:    Re: [Dev] Introspection Endpoint improvement to support Client Authentication
From:       Farasath Ahamed <farasatha () wso2 ! com>
Date:       2019-02-12 15:33:09
Message-ID: CAPqAaPoGx0MrLcdBhz0YWPH6P4fn2RAKK5Q0Xisb4oE_k_r-ew () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


The GitHub issue title is a bit confusing.

I think it should be to supporting client authentication based on
*client_id* and *client_secret* of the app for the introspection endpoint.

On Tue, Feb 12, 2019 at 7:55 AM Isuranga Perera <isuranga@wso2.com> wrote:

> Hi Abhishek
>
> In [1] you have mentioned that the client authentication is not enforced
> on oauth2 introspection endpoint. But sample requests given suggests
> otherwise. Can you please clarify what you meant by $subject.
>
> [1] https://github.com/wso2/product-is/issues/4314
>
> Best Regards
> --
> *Isuranga Perera* | Software Engineer | WSO2 Inc.
>  +94 71 735 7034 | isuranga@wso2.com <isuruw@wso2.com>
>
> _______________________________________________
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>


-- 
Farasath Ahamed
Senior Software Engineer, WSO2 Inc.; http://wso2.com
Mobile: +94777603866
Blog: blog.farazath.com
Twitter: @farazath619 <https://twitter.com/farazath619>
<http://wso2.com/signature>

[Attachment #5 (text/html)]

<div dir="ltr">The GitHub  issue title is a bit confusing.<div><br></div><div>I think \
it should be to supporting client authentication based on <b>client_id</b> and \
<b>client_secret</b> of the app for the introspection endpoint.</div></div><br><div \
class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Feb 12, 2019 at 7:55 AM \
Isuranga Perera &lt;<a href="mailto:isuranga@wso2.com">isuranga@wso2.com</a>&gt; \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div \
dir="ltr">Hi Abhishek<div><br></div><div>In [1] you have mentioned that the client \
authentication is not enforced on oauth2 introspection endpoint. But sample requests \
given  suggests otherwise. Can you please clarify what you meant by \
$subject.</div><div><br></div><div>[1]  <a \
href="https://github.com/wso2/product-is/issues/4314" \
target="_blank">https://github.com/wso2/product-is/issues/4314</a><br \
clear="all"><div><br></div><div>Best Regards</div>-- <br><div dir="ltr" \
class="gmail-m_-6175641400000914691gmail_signature"><div dir="ltr"><div \
dir="ltr"><span style="border-collapse:collapse"><font color="#888888" face="verdana, \
sans-serif"><b>Isuranga Perera</b></font><font face="arial, sans-serif" \
color="#888888"> | </font><font color="#888888" face="verdana, sans-serif">Software \
Engineer</font><font face="arial, sans-serif" color="#888888">  | WSO2 \
Inc.</font><br><span style="color:rgb(136,136,136);font-family:arial,sans-serif">  \
+94 71 735</span><span style="color:rgb(136,136,136);font-family:arial,sans-serif">  \
7034</span><font face="arial, sans-serif" color="#888888">  </font><font face="arial, \
sans-serif" color="#888888">|  <a href="mailto:isuruw@wso2.com" \
style="color:rgb(17,85,204)" \
target="_blank">isuranga@wso2.com</a></font></span></div><div><span \
style="border-collapse:collapse"><img><br></span></div></div></div></div></div></div> \
_______________________________________________<br> Dev mailing list<br>
<a href="mailto:Dev@wso2.org" target="_blank">Dev@wso2.org</a><br>
<a href="http://wso2.org/cgi-bin/mailman/listinfo/dev" rel="noreferrer" \
target="_blank">http://wso2.org/cgi-bin/mailman/listinfo/dev</a><br> \
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" \
class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div \
dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr" \
style="color:rgb(136,136,136);font-size:12.8px"><div><div><div>Farasath \
Ahamed<br></div>Senior Software Engineer,  <span style="font-size:12.8px">WSO2 Inc.;  \
</span><a href="http://wso2.com/" style="font-size:12.8px;color:rgb(17,85,204)" \
target="_blank">http://wso2.com</a></div><div><span style="font-size:12.8px">Mobile:  \
</span><a href="tel:%2B94777603866" value="+94713149860" \
style="font-size:12.8px;color:rgb(17,85,204)" \
target="_blank">+94777603866</a><br></div></div><div>Blog:  <a \
href="http://blog.farazath.com" \
target="_blank">blog.farazath.com</a></div></div><div><span \
style="color:rgb(136,136,136);font-size:12.8px">Twitter: <a \
href="https://twitter.com/farazath619" \
target="_blank">@farazath619</a></span></div><div><a href="http://wso2.com/signature" \
target="_blank"><img \
src="http://c.content.wso2.com/signatures/wso2-signature-general.png" \
style="font-size: 12.8px;"></a><br></div><div><br><br></div></div></div></div></div></div></div><a \
href="http:///" target="_blank"></a><span></span><span></span><br></div></div></div></div>




_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic