Support OAuth2 authorization via PIN #48

Open
margaretha opened this issue Aug 8, 2019 · 1 comment

@margaretha
Contributor

margaretha commented Aug 8, 2019

Kustvakt should support OAuth2 authorization via PIN (or other kind of code) activation, for instance to facilitate login in "IDS Wortraumstation" using virtual reality (VR) tools. The authorization process involves two KorAP front-end instances, e.g. VR app and Kalamar for the browser. The general flow is:

  1. VR app shows PIN and sends a poll request with username & PIN to Kustvakt.
  2. User logs in to Kalamar and activates the PIN in Kalamar.
  3. Kustvakt matches username & PIN from VR app & Kalamar, and sends a response with an access token to the VR app.

To achieve this, two additional web services are needed for:

  1. polling to request an OAuth2 token using PIN and username
  2. PIN activation requiring user authentication in the Authorization header

This issue is related to KorAP/Kalamar#101.
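
A minimal in-memory model of the two services proposed in the issue above, added here as an illustration; it is not Kustvakt code and not part of the original issue. The class and method names, the status strings, the 120-second PIN lifetime and the single-use rule are assumptions.

```python
import secrets
import time

PIN_TTL_SECONDS = 120  # assumed lifetime; the issue does not specify one


class PinAuthorizer:
    """Hypothetical model of the poll and activation services."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        # (username, pin) -> {"expires": float, "activated": bool}
        self._pending = {}

    def poll(self, username, pin):
        """Service 1: called repeatedly by the VR app with username and PIN."""
        key = (username, pin)
        now = self._clock()
        entry = self._pending.get(key)
        if entry is None:
            # The first poll registers the pending request.
            self._pending[key] = {"expires": now + PIN_TTL_SECONDS,
                                  "activated": False}
            return {"status": "authorization_pending"}
        if now >= entry["expires"]:
            del self._pending[key]
            return {"status": "expired"}
        if not entry["activated"]:
            return {"status": "authorization_pending"}
        # Single use: drop the entry so the token is issued exactly once.
        del self._pending[key]
        return {"status": "ok", "access_token": secrets.token_urlsafe(32)}

    def activate(self, authenticated_user, pin):
        """Service 2: called by Kalamar. authenticated_user must come from the
        verified Authorization header, never from a request parameter."""
        entry = self._pending.get((authenticated_user, pin))
        if entry is None or self._clock() >= entry["expires"]:
            return False
        entry["activated"] = True
        return True
```

Because the pending entry is keyed on the authenticated user, a different logged-in user who learns the PIN cannot activate it on the first user's behalf.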

@notesjor

In my opinion, a better solution would be to use a signed JWT (public/private key). This is safe and easy to implement.
