Provide support for SAML 2.0 and JWT Profile

[tnwang]

Client-side support would enable app developers to begin consuming these flows, which UAA already supports from the Authorization Server side for Cloud Foundry. We've seen growing interest in enabling this use case as a way to integrate with legacy applications and with applications using a different OAuth2 identity provider.

[jgrandja]

Related specs:

JSON Web Token (JWT) Profile
Security Assertion Markup Language (SAML) 2.0 Profile

-- This is a priority feature for UAA --

[lukas-stadler]

Are there any plans to implement this in the near future?

[jgrandja]

@lukas-stadler We'll look at getting this in for the 5.2 release.

[wagnerluis1982]

I'm interested in work at this issue, can someone guide me on what files/classes should be touched?

[jgrandja]

Thanks for the offer @wagnerluis1982. This issue is made up of 2 separate features - JWT and SAML Profile. Which one are you interested in?

[wagnerluis1982]

@jgrandja I have some experience with JWT, but for now I prefer SAML for the opportunity to learn.

[jgrandja]

@wagnerluis1982 I'm not entirely convinced if we need to provide support for SAML 2.0 Profile. I just logged #7581 so we can track the upvotes for this feature. Let's hold off for now until we see there is a demand for this feature.

Is there any other issue/task you would be interested in?

[jgrandja]

Closing as duplicate of #6053 and #7581

[wagnerluis1982]

@wagnerluis1982 I'm not entirely convinced if we need to provide support for SAML 2.0 Profile. I just logged #7581 so we can track the upvotes for this feature. Let's hold ofhf for now until we see there is a demand for this feature.

Is there any other issue/task you would be interested in?

@jgrandja understood, IMO is a good move, about another issue, not now, but I'll stick around.