Comments (4)
I'd try myself on this one
from spring-authorization-server.
@jgrandja : My mind crossed a question while thinking of some details on this ticket and I'd like to here your opinion to that.
If a client receives authorization for several user resources in a single access token that are quite different in representation and type, would you still use a single resource-endpoint to retrieve all of these resources in one go with an explanation on a documentation on how to parse these resources or would you provide several endpoints?
If your preference is to create several endpoints:
How about if we provide information of the endpoints that can be accessed with the access token within the access token itself by using a JWT representation as access token?
I know this is still a thought for the future but I think its worth to keep in mind
from spring-authorization-server.
I'd try myself on this one
Issues with the Epic:
prefix are intended to group one or more other issues that compromise the bigger feature (epic). The 2 issues #40 and #43 are already taken. Please take a look at Feature Planning so you can see what is being working on currently and the feature roadmap (using ZenHub).
The features I planned out last week are all taken. But you're the first one on my list for the next set of issues, which I'll plan some time this week. Stay tuned.
As far as your other comment, I'm not sure I understood. Maybe log a new issue so we can discuss there. FYI, the JWT epic and associated issues is coming up soon.
from spring-authorization-server.
@Captain-P-Goldfish @jgrandja I believe #52 addresses your concern and implements OAuth 2.0 Token Introspection [RFC 7662]
from spring-authorization-server.
Related Issues (20)
- JPMS HOT 2
- Inconsistency in reading 'grant_type' values from request. HOT 1
- /oauth2/device_authorization not working HOT 1
- Session created by the OAuth flow should be short lived HOT 5
- RegisteredClient's idTokenSignatureAlgorithm only accepts SignatureAlgorithm HOT 1
- Update to Spring Security 6.3.0-SNAPSHOT
- Update to Spring Framework 6.0.19
- Update to Spring Security 6.1.9
- Update to Spring Framework 6.1.6
- Update to Spring Security 6.2.4
- Update to Spring Framework 6.1.6
- Update to Spring Security 6.3.0-RC1
- Update to org.bouncycastle 1.78
- Update to spring-security-release-plugin 1.0.3
- Update to spring-security-release-plugin 1.0.3
- Update to spring-security-release-plugin 1.0.3
- Multiple secrets per registered client HOT 6
- One-way storage of refresh tokens is better supported if the refresh token is reused HOT 4
- Enable refresh of JwkSet in X509SelfSignedCertificateVerifier
- docs: example of testing pkce against split resource server HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spring-authorization-server.