[NXP-23825] User should not be asked for grant authorization if already done - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 9.10
Component/s: OAuth

Tags:
- dev-2017-sprints-h2-910
- nxfit
Backlog priority:
1,000
Upgrade notes:

Hide

Users need to authorize an application to access Nuxeo through OAuth2 only once.
Moreover, if the OAuth2 client is configured on the server with "Auto-grant", users never need to authorize this client, thus bypassing completely the OAuth2 grant page.

Show
Users need to authorize an application to access Nuxeo through OAuth2 only once. Moreover, if the OAuth2 client is configured on the server with "Auto-grant", users never need to authorize this client, thus bypassing completely the OAuth2 grant page.
Sprint:
nxfit 9.10.1, nxfit 9.10.2
Story Points:
5

Description

Each time a user uses the OAuth2 authorization for the same application, Nuxeo always asks him for grant authorization. If the user already grants the authorization, Nuxeo should not ask him again while there is a valid token Nuxeo side.

Moreover, the administrator should be able to set an "auto-grant" flag when registering an OAuth2 client to completely avoid the grant access process: this makes sense for the Nuxeo Mobile application for instance.

Attachments

Issue Links

depends on

NXP-23879 Cannot edit an OAuth2 client through the Admin Center

Resolved

Activity

People

Assignee:

Antoine Taillefer

Reporter:

Thomas Roger

Participants:

Anahide Tchertchian, Antoine Taillefer, Jenkins, Thomas Roger

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

2017-12-04 10:04

Updated:

2018-11-26 11:27

Resolved:

2017-12-08 09:04

Time Tracking

Estimated:

Remaining:

Logged:

2d 2h