...
- Authorization Code Flow (done)
- Implicit Grant Flow (in progress)
- Client Credential Flow (in progressdone)
How-Tos
How to Register a Client
...
| Code Block |
|---|
// Registry of OAuth 2.0 clients with Shindig's service provider.
"oauth2" : {
"advancedOpenSocialClient" : {
"registration" : {
"id" : "advancedOpenSocialClient",
"secret": "advancedOpenSocialClient_secret",
"title": "Most Advanced OpenSocial Client Ever!",
"redirectUri" : "http://localhost:8080/oauthclients/OpenSocialClient",
"type" : "confidential",
"flow" : "authentication_code"
},
"authorizationCodes" : {
"advancedClient_authcode_1" : {
// Authentication code has been consumed since associatedSignature exists
"redirectUri" : "http://localhost:8080/oauthclients/OpenSocialClient",
"associatedSignature" : "advancedClientOS_accesstoken_1"
},
"advancedClient_authcode_2" : {
"redirectUri" : "http://localhost:8080/oauthclients/OpenSocialClient"
}
},
"accessTokens" : {
"advancedClient_accesstoken_1" : {
"redirectUri" : "http://localhost:8080/oauthclients/OpenSocialClient"
}
}
},
"testClient" : {
"registration" : {
"id" : "testClient",
"redirectUri" : "http://localhost:8080/oauthclients/OpenSocialClient",
"type" : "public"
}
}
}
|
How to Add a Custom Grant
...
Validator
Per the OAuth 2.0 specification, grant types are extensible beyond the 4 pre-defined types (authorization_code, client_credentials, refresh_token, and password). To accommodate, validation of new grant types, grant handlers are registered with the OAuth2Service. The appropriate grant handler is identified by its registered "grant_type" and invoked within OAuth2Service.validateRequestForAccessToken(...) to validate requests.
...