Skip to content
Snippets Groups Projects
Commit d7c2d65f authored by Jacopo Gasparetto's avatar Jacopo Gasparetto
Browse files

Add OAuth2/OpenID Connect login 

Implements basic OAuth2/OpenID client for the INDIGO-IAM v1.8.0 Authorization server.
This is a custom implementation since it relies on the provided service backend to
request an access token.

In an ideal situation, the Authorization Code w/PKCE flow will be used to securely
exchange the access token without storing the client secret key inside the public
frontend code.

Since the current version of INDIGO-IAM appears to have the PKCE functionality broken,
this implentation relies on the backend service to inject the client secret to the
POST, which is then forwarded to IAM. At this point, the access token is returned to
the backend service and eventually back to the front end client.

When IAM will support the Authorization Code w/PKCE flow functionality, the usage of
a better library is recommended.
parent d1a46b65
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 446 additions and 33 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment