Improve OpenId Connect provider and authenticator

Last modified by Thomas Mortagne on 2022/02/25 09:25

Mentor(s)
Details

It's possible to use XWiki as OpenId Connect provider and also make XWiki authenticate on OpenId Connect provider. See OpenId Connect project page.

It work well but has various limitation that it would be nice to fix. You can find various ideas on Jira but here are the main ones:

  • both
    • setup integration tests
  • provider:
    • UI to manage authorizations
    • salt the stored token
    • allow accessing any resource using access token
    • add support for registering clients (only allow a set a clients with generated authorization key) and provide corresponding UI to manage them
    • improve the UI (very basic right now)
  • authenticator:
    • support automatically authenticating a user who is coming back
Developer profile
  • Java
  • HTTP/Networking
Year

2019

Status

Proposed

Tags:
   

Get Connected