Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.5.0-beta1
    • Fix Version/s: 2.5.0-beta2
    • Component/s: Java
    • Labels:
      None

      Description

      Currently the OAuth2 Consumer stores access/refresh tokens per gadget, per user.

      I have received comments that it would be convenient to allow a set of Gadgets to share a tokens per user. Improving the user experience for a group of OAuth2 dependent gadgets by not triggering additional opt-ins.

      Technically this is possible to implement with a custom OAuth2Store or OAuth2Persister but it would be nice to formalize it in shindig and the sample persistence plugin.

      When an administrator creates an OAuth2Client they can specify that the client is shared.

      "shindig_client1" :

      { "providerName" : "shindigOAuth2Provider", "type" : "confidential", "grant_type" : "code", "client_id" : "shindigClient", "client_secret" : "U78KJM98372AMGL87612993M", "sharedToken" : "true" }

      ,

      (If the value is not specified the default will be "false", keeping the current behavior.)

      In this case any gadget bound to the "shindig_client1" client will use the same access/refresh token for the user.

      Administrators should take extra care when binding sharedToken clients.

      1. 1731_20120312.patch
        9 kB
        Adam Clarke
      2. 1731_20120409.patch
        9 kB
        Adam Clarke

        Activity

        No work has yet been logged on this issue.

          People

          • Assignee:
            Unassigned
            Reporter:
            Adam Clarke
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development