[NXP-27446] Improve openId provider descriptor to handle user info request authentication per bearer - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 10.10
Fix Version/s: 10.10-HF08, 11.1, 2021.0
Component/s: Open Id

Release Notes Summary:
OenId provider descriptor handles user info request authentication per bearer.
Tags:
- SupCom
- psRequest
Backlog priority:
400

Description

Context

While doing an OpenId authentication we fetch the user information from provider at some point.
This call is performed by giving the access token as a query parameter, but all providers don't accept this kind of authentication.

We want to improve OpenID provider in order to be able to choose between authentication though query parameters or through Authentication header.

Technical solution

This setting should be present on open id descriptor and retrieved while doing get user info request.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

accessToken
13 kB
2019-05-29 09:38

Issue Links

causes

NXP-29178 Disabled OpenID Providers are still registered

Resolved

NXDOC-1922 Update Open Id documentation about get user info settings

Resolved

is related to

NXP-28740 OpenID auth via Github will stop working on July 1 2020

Resolved

Activity

People

Assignee:

Julien Marchal

Reporter:

Julien Marchal

Participants:

Jenkins, Julien Marchal

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

2019-05-29 08:11

Updated:

2020-12-17 16:33

Resolved:

2019-06-17 14:53

Time Tracking

Estimated:

Not Specified

Remaining:

Logged: