Uploaded image for project: 'Identity Gateway'
  1. Identity Gateway
  2. OPENIG-4184

Request for OAuth2ClientFilter to include option for login prompt

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 6.5.1
    • Fix Version/s: None
    • Component/s: OAuth 2.0
    • Labels:
    • Support Ticket IDs:

      Description

      At the moment, OAuth2ClientFilter uses JwtSession object to store OAuth2 related information under session key "oauth2:<clientEndpoint>". Users with existing OAuth2Session or valid access token can access protected resource without re-authenticating again.

      For a special endpoint (route) in IG, it is nice to force the user to re-authenticate before users can continue.

      According to https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest there is a parameter "prompt" available which will achieve this when setting it to "login".

      It would be nice to have this option in IG as well by having config attribute such as "prompt" in OAuth2ClientFilter.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              sachiko Sachiko Wallace
            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: