Skip to content
/ gravitee-resource-oauth2-provider-generic Public

Gravitee.io - API Management - Resource - OAuth2 Generic

License

Apache-2.0 license
0 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

gravitee-io/gravitee-resource-oauth2-provider-generic

BranchesTags

Repository files navigation

Generic OAuth2 Authorization Server Resource

Gravitee.io License Releases CircleCI Join the community forum

Description

Generic OAuth2 Authorization Server resource is defined to introspect an access_token generated by a generic OAuth2 authorization server.

This resource should be able to handle common authorization server from the market by providing a complete configuration about the way to apply token introspection.

Compatibility with APIM

Plugin version APIM version

2.x and upper

3.18.x to latest

1.16.x and upper

3.10.x to 3.17.x

Up to 1.15.x

Up to 3.9.x

Configuration

You can configure the resource with the following options :

Property Required Description Type Default

introspectionEndpoint

X

The URL which is used by the resource to introspect an incoming access token.

string

-

useSystemProxy

X

TUse system proxy.

boolean

false

introspectionEndpointMethod

X

HTTP method used to introspect the access token.

HTTP Method

GET

clientId

X

The client identifier.

string

-

clientSecret

X

The client secret.

string

-

useClientAuthorizationHeader

-

To prevent token scanning attacks, the endpoint MUST also require some form of authorization to access this endpoint. In this case we are using an HTTP header for client authentication.

boolean

true

clientAuthorizationHeaderName

-

Authorization header.

string

Authorization

clientAuthorizationHeaderScheme

-

Authorization scheme.

string

Basic

tokenIsSuppliedByQueryParam

-

Access token is passed to the introspection endpoint using a query parameter.

boolean

true

tokenQueryParamName

-

Query parameter used to supply access token.

string

token

tokenIsSuppliedByHttpHeader

-

Access token is passed to the introspection endpoint using an HTTP header.

boolean

false

tokenHeaderName

-

HTTP header used to supply access token.

string

-
Configuration example
{
    "configuration": {
        "introspectionEndpoint": "https://my_authorization_server/oauth/check_token",
        "introspectionEndpointMethod": "POST",
        "clientAuthorizationHeaderName": "Authorization",
        "clientAuthorizationHeaderScheme": "Basic",
        "clientId": "my-client",
        "clientSecret": "f2ddb55e-30b5-4a45-9db5-5e30b52a4574",
        "tokenIsSuppliedByHttpHeader": false,
        "tokenIsSuppliedByQueryParam": true,
        "tokenQueryParamName": "token",
        "useClientAuthorizationHeader": true
    }
}

About

Gravitee.io - API Management - Resource - OAuth2 Generic

Topics

security-scan product-apim

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

29 watching

Forks

4 forks
Report repository

Releases 5

2.1.0 Latest
Jul 11, 2024
+ 4 releases

Packages

No packages published

Contributors 13

Languages