spring-authorization-server icon indicating copy to clipboard operation
spring-authorization-server copied to clipboard

Published 20 hours ago verified publisher icon spring-projects

Implement OAuth 2.0 Device Authorization Grant

Open jgrandja opened this issue 4 years ago • 6 comments

This feature will deliver OAuth 2.0 Device Authorization Grant.

Related to Spring Security client support

jgrandja avatar Apr 21 '20 01:04 jgrandja

@jgrandja Support for OAuth 2.0 Device Authorization Grant was recently added to Keycloak (KEYCLOAK-7675).

pkostrzewa avatar Apr 22 '20 19:04 pkostrzewa

It looks like this has been "on-hold" for awhile now. Any chance that this will get prioritized for an upcoming release? Would really love to see Device Auth as a feature.

mikesaurus avatar Jun 14 '22 21:06 mikesaurus

@mikesaurus There are only 2 upvotes for this feature so it's still low priority. We will likely add a sample first before we add the feature to the core code. We have a few higher priority items that need to be completed first. I don't know when the sample will be ready.

jgrandja avatar Jun 15 '22 08:06 jgrandja

@jgrandja Hi! Recently we discovered an urgent need for Device Grant Type support in our project. Can you please add the consent of such grant type?

holyCowMp3 avatar Jun 27 '22 08:06 holyCowMp3

@sjohnr seems that you are working on solving this issue. Can you please share details about it? It is so important for us.

holyCowMp3 avatar Aug 05 '22 07:08 holyCowMp3

@markFieldman thanks for sharing, and I agree it's super fun and important! Feel free to follow along with the sample branch I'm working on. This is an attempt to build a POC of the device grant on top of SAS.

Unfortunately, we're juggling a number of priorities at the moment so I'm only working on this off and on. It's getting closer but not quite there yet. Hopefully, it will be finished in a couple of months. Official support for device grant is probably a ways out on the schedule though.

sjohnr avatar Aug 10 '22 19:08 sjohnr

Hey @sjohnr, I've cloned your branch and are trying to figure out how everything fits together. I'm finding it really hard to understand all of the stuff in device-grant-authorizationserver.src.main.java.sample.web.authentication though. Why do you need all of those providers & converters? Would it be possible to achieve the same thing using controllers to make it easier to follow?

Kvistian avatar Dec 20 '22 09:12 Kvistian

Hi @Kvistian.

Would it be possible to achieve the same thing using controllers to make it easier to follow?

Yes, it probably would. However, I was attempting to produce an example that would eventually be contributed back to this project as an official implementation, in which case I can't use controllers or Spring MVC directly.

A few things have changed since that branch so I will have to rebase on 1.0, which is not at the top of my to-do list yet. That could add additional difficulty for you, so sorry about that.

sjohnr avatar Jan 03 '23 17:01 sjohnr

Draft PR: #1106

sjohnr avatar Feb 27 '23 21:02 sjohnr