Posts

Showing posts from January, 2016

OAuth - Extension Points Part 2 - WSO2 Identity Server

OAuth2 is widely used in the enterprise today for authorization aspects of APIs. This is the second post on the extension points available in WSO2 Identity Server after WSO2 Identity Server - Extension Points - Part 1 - SAML


All the implementation using following extension point needs to be configured at <IS_HOME>/repository/conf/identity/identity.xml file under the element OAuth.
Custom OAuth grant handlerUsage:When we need to support an OAuth flow that is different from standard grant types. Validates the grant, scopes, and access delegation. Sample:https://docs.wso2.com/display/IS510/Writing+a+Custom+OAuth+2.0+Grant+Type

org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler
Client Auth HandlerUsage:
When the client credential authentication needs to be customized. By default we validate the client id and secret.
Interface:
org.wso2.carbon.identity.oauth2.token.handlers.clientauth.ClientAuthenticationHandler OAuth Callback HandlerAn extension point provide…