Improve OpenId Connect provider and authenticator

Last modified by Thomas Mortagne on 2018/01/22 10:02


It's possible to use XWiki as OpenId Connect provider and also make XWiki authenticate on OpenId Connect provider. See OpenId Connect project page.

It work well but has various limitation that it would be nice to fix. You can find various ideas on Jira but here are the main ones:

  • both
    • setup integration tests
  • provider:
    • UI to manage authorizations
    • salt the stored token
    • allow accessing any resource using access token
    • add support for registering clients (only allow a set a clients with generated authorization key) and provide corresponding UI to manage them
    • improve the UI (very basic right now)
  • authenticator:
    • support automatically authenticating a user who is coming back
    • support client authentication (for provider who allow only registered clients)


Developer profile
  • Java
  • HTTP/Networking


Created by Thomas Mortagne on 2018/01/22 10:00

Get Connected