oauth2-server
oauth2-server copied to clipboard
clouway
OAuth2 Server Library
The Jetty version in the example app is deployed on jetty.
Hi, Unless I'm missing something, it seems that not all the core spec grant types are supported. Are you interested in supporting these, and would you consider a pull request...
We've got this on email: ``` Hello! I would like to create a new oauth2 server, and I have found your oauth2-server library on gitlab. I was able to compile...
Web Apps should be able to authenticate their users directly in the identity provider directly instead of sending requests to the server. The flow is described in: https://tools.ietf.org/html/rfc6749#section-4.2.1
Currently refreshing of access token requires passing of Authorization header with base64(client:secret) and refresh_token parameter. As this is not a good idea secrets to be kept native they should be...
The oauth2 library should provide lifecycle logging of oauth2 for easy debugging using custom logger or via enabling of standard logger using the configuration. Possible options: 1. Configurable logger which...
Right now when the user is authenticated successfully, it's redirected to the root page of the client site. The better approach is to be redirected to the referrer page (e.g....
A session management need to be improved to be compatible with the specification of open id connect. http://openid.net/specs/openid-connect-frontchannel-1_0-ID1.html http://openid.net/specs/openid-connect-session-1_0-ID4.html http://openid.net/specs/openid-connect-backchannel-1_0-ID1.html Several changes need to be addressed: oauth2-server library need to...
Cross origin token revoke need to be added to support JSONP requests. https://tools.ietf.org/html/rfc7009#section-2.3