authentication
The home for design & development of a core WordPress REST API authentication solution
👋 Hi everyone! I thought it might be useful to outline what is in WooCommerce now so that any new system developed in WordPress core can consider this use case,...
Repo: https://github.com/wordpress/application-passwords @TimothyBJacobs asked me to write up an issue about the work already done on Application Passwords, so here we go: ### User Flow : New App The flow...
We should ask for design review to make sure our UI is as understandable as possible. This is the basic connection screen. This is shown when you are connecting...
There are two main places where we compare URLs against each other to ensure they match in some way. 1. [Dynamic Clients](https://github.com/WP-API/authentication/blob/ea4e11ca28dd01955830ba97d13bd5d6d155c041/inc/class-dynamicclient.php#L105). We make sure that the `client_uri` (which is...
First pass at a basic form of verified software statements. This checks the JWT for an "iss" header. If one is present, we fetch a public key at that host...
To use a dynamic client, make the same OAuth connection request but substitute a JWT [Software Statement](https://tools.ietf.org/html/rfc7591#section-2.3) for the `client_id` parameter. At the moment, the JWT should be signed with...
Right now, the plugin looks for an existing client for the dynamic client by using its `software_id`. We should think through the possible ramifications for this, and if it is...
We should make sure we are following core coding styles. From the top of my head... - [ ] Switch from short arrays - [ ] Hook names - [...
The dynamic client auth spec recommends JWTs be signed using public/private key auth. > When presented to the authorization server as part of a client registration request, the software statement...
The way WordPress is designed, permissions are mapped to users and their roles. OAuth maps permissions to scopes. Unless we want to give applications the same permissions as the users...