Uploaded image for project: 'PUBLIC - OAuth2'
  1. PUBLIC - OAuth2
  2. OAUTH2-166 OAuth2 Documentation for 7.1.0 Release
  3. OAUTH2-190

DOC: Integrate 3rd party OSGi module with OAuth2 Provider

    Details

    • Type: Sub-Task
    • Status: Closed
    • Priority: Minor
    • Resolution: Completed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      Developer

      API

      A new OAuth2 Application can be created by

      1. importing com.liferay.oauth2.provider.api module
      2. using one of
        1. com.liferay.oauth2.provider.service.OAuth2ApplicationService
        2. com.liferay.oauth2.provider.service.OAuth2ApplicationLocalService

      SPI 

      OSGi module can expose a resource scope by:

      1. importing com.liferay.oauth2.provider.scope.spi module
      2. registering com.liferay.oauth2.provider.scope.spi.scope.finder.ScopeFinder service into OSGi
      3. specifying osgi.jaxrs.name property to link the exported scopes to particular endpoint application.  It's also possible to limit it further only to specific JAX-RS application inside portal instance by adding another service property companyId. Both values are of java.lang.String type

       

      Localization for endpoint application and resource scopes can be done by:

      1. importing com.liferay.oauth2.provider.scope.spi module
      2. registering com.liferay.oauth2.provider.scope.spi.scope.descriptor.ScopeDescriptor service into OSGi to localize scopes
      3. registering com.liferay.oauth2.provider.scope.spi.application.descriptor.ApplicationDescriptor service into OSGi to localize endpoint application name
      4. specifying osgi.jaxrs.name property to link the localization to particular endpoint application

       

      Portal Admin

      Portal admin can customize how scopes appear and are assigned to OAuth2 Application using so-called "scope aliases".

      Default portal implementation allows Portal Admin to:

      1. apply prefix to resource scope using BundlePrefixHandlerFactoryConfiguration
      2. merge, split or add new resource scopes using ConfigurableScopeMapperConfiguration

      Scope alias is therefore a combination of one or more resource aliases exported by endpoint applications, including the transformations above applied.

      SPI

      If needed, it is possible for Portal Admin to change default implementation by deploying a custom module and registering OSGi services

      • com.liferay.oauth2.provider.scope.spi.prefix.handler.PrefixHandlerFactory
        • with service property osgi.jaxrs.name=Default and service.ranking:Integer=1 to exchange the default implementation
        • or with service property osgi.jaxrs.name to aim specific endpoint application
          • enhanced with companyId property to sub-select specific portal instance
      • com.liferay.oauth2.provider.scope.spi.scope.mapper.ScopeMapper
        • with service property osgi.jaxrs.name=Default and service.ranking:Integer=1 to exchange the default implementation
        • or with service property osgi.jaxrs.name to aim specific endpoint application
          • enhanced with companyId property to sub-select specific portal instance

       

      By default scope aliases are expanded using a "dot notation".

      This means that "everything" scope alias includes scopes from "everything.readonly" as well as from "everything.write" or "everything.whatever".

      This default behavior can be changed using OSGi configuration (for example by deploying OSGi config file) for:

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Packages

                  Version Package