Implement Authorization Model / Service #43

Closed
@jgrandja

An authorization server needs to maintain existing authorizations between a client and resource owner. For example, when a resource owner grants access to a client (to access its protected resources), the authorization server must persist certain data in order to validate the authorization grant flow until it completes.

For example, during an authorization_code grant flow, the authorization server must persist the following data:

  • Certain Authorization Request parameters - OAuth2AuthorizationRequest
  • The identifier of the client - client_id
  • The identifier of the resource owner - current Authentication.getName()
  • The authorization code parameter
  • The granted access token - OAuth2AccessToken

The initial implementation should provide an in-memory implementation of OAuth2AuthorizationService, similar to InMemoryOAuth2AuthorizedClientService in the spring-security-oauth2-client module.

Implementation Requirements

  • InMemoryOAuth2AuthorizationService should store in a Map
  • OAuth2Authorization should be immutable
  • OAuth2Authorization.attributes should be used for storing data that is specific to an authorization grant, e.g. authorization code parameter, OAuth2AuthorizationRequest, etc.
  • javadoc class and public methods
  • Unit tests

Specification References

4.1. Authorization Code Grant
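
A sketch of the two requirements that matter most for integrity of a pending grant, an immutable authorization object and a Map-backed store, added here as an example and not taken from the issue or the project's code. The class names, the (client_id, principal name) key, and the attribute names `code` and `access_token` are assumptions; Java 9+ is assumed for `List.of`.

```java
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
// Hypothetical sketch: class, field and attribute-key names are assumptions.
public class AuthorizationSketch {
    /** Immutable record of one authorization between a client and a resource owner. */
    static final class Authorization {
        final String clientId;                 // client_id
        final String principalName;            // Authentication.getName()
        final Map<String, Object> attributes;  // grant-specific data
        Authorization(String clientId, String principalName, Map<String, Object> attributes) {
            this.clientId = clientId;
            this.principalName = principalName;
            // Copy, then wrap: neither the caller's map nor a reader can alter stored state.
            this.attributes = Collections.unmodifiableMap(new HashMap<>(attributes));
        }
        /** Returns a new instance carrying one more attribute; this one is unchanged. */
        Authorization with(String name, Object value) {
            Map<String, Object> copy = new HashMap<>(attributes);
            copy.put(name, value);
            return new Authorization(clientId, principalName, copy);
        }
    }
    /** Map-backed store keyed by the (client_id, principal name) pair. */
    static final class InMemoryStore {
        private final Map<List<String>, Authorization> store = new ConcurrentHashMap<>();
        void save(Authorization a) { store.put(List.of(a.clientId, a.principalName), a); }
        Authorization find(String c, String p) { return store.get(List.of(c, p)); }
    }
    public static void main(String[] args) {
        InMemoryStore service = new InMemoryStore();
        Map<String, Object> attrs = new HashMap<>();
        attrs.put("code", "constructed-code-123");           // constructed sample value
        service.save(new Authorization("client-1", "alice", attrs));
        attrs.put("code", "tampered");                        // caller mutates its own map
        Authorization pending = service.find("client-1", "alice");
        System.out.println(pending.attributes.get("code"));  // read back the stored copy
        try {
            pending.attributes.put("code", "overwritten");   // in-place edit is rejected
        } catch (UnsupportedOperationException e) {
            System.out.println("attributes are read-only");
        }
        // Completing the flow replaces the stored instance instead of mutating it.
        service.save(pending.with("access_token", "constructed-token-abc"));
        System.out.println(service.find("client-1", "alice").attributes.keySet());
    }
}
```

Keying on a two-element list rather than a concatenated string avoids collisions between identifiers that happen to contain the chosen delimiter.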
