Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add oauth authorizationCode security to sensible endpoints #163

Merged
merged 1 commit into from
Jun 15, 2023
Merged

Add oauth authorizationCode security to sensible endpoints #163

merged 1 commit into from
Jun 15, 2023

Conversation

jlurien
Copy link
Collaborator

@jlurien jlurien commented Jun 9, 2023
edited
Loading

What type of PR is this?

  • enhancement/feature

What this PR does / why we need it:

  • Adds the option to use security oauth2 authorizationCode flow to the endpoints dealing with QoD sessions, as in some cases they may require user consent, and define scopes for those endpoints.

  • The new endpoints for QoS Profiles discovery are left with previous security (clientCredentials)

Which issue(s) this PR fixes:

Fixes #161

Special notes for reviewers:

For the short term, I followed the same approach that is used in other WGs with client credentials and 3-legged coexistence, but we will probably need to review the topic in Commonalities or Identity WG, as there is a lack of coherence among different WGs. For example, currently scopes are not defined for OAuth2 Client credentials, in some WGs openidconnect is used instead of oauth2, etc

Changelog input

- Scopes specified and OAuth2 authorizationCode flow added as security mechanism, for operations dealing with QoD sessions

Additional documentation

shilpa-padgaonkar
shilpa-padgaonkar approved these changes Jun 14, 2023
View reviewed changes
Copy link
Collaborator

@shilpa-padgaonkar shilpa-padgaonkar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/LGTM.

hdamker
hdamker approved these changes Jun 15, 2023
View reviewed changes
Copy link
Collaborator

@hdamker hdamker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/LGTM to me as well. Will merge after noon if there are no further review comments.

@hdamker hdamker merged commit 9d41fb7 into camaraproject:main Jun 15, 2023
@hdamker hdamker mentioned this pull request Jun 17, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hdamker hdamker hdamker approved these changes

@shilpa-padgaonkar shilpa-padgaonkar shilpa-padgaonkar approved these changes

@patrice-conil patrice-conil Awaiting requested review from patrice-conil

@bigludo7 bigludo7 Awaiting requested review from bigludo7

@akoshunyadi akoshunyadi Awaiting requested review from akoshunyadi

@eric-murray eric-murray Awaiting requested review from eric-murray eric-murray is a code owner

@sfnuser sfnuser Awaiting requested review from sfnuser

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add three_legged to securitySchemes
3 participants
@jlurien @hdamker @shilpa-padgaonkar