feat: implement OAuth2 client credentials flow to access API #34

Closed
6 tasks done
getlarge opened this issue Apr 9, 2024 · 0 comments · Fixed by #35

getlarge commented Apr 9, 2024

To demonstrate usage of Ory Hydra, let's implement the following use case:

  • A user can create clients (used in applications) to act on their behalf
  • The client will be bound to the user with the owner property during the client creation
  • The client will be replicated into the application's database
  • When requesting an OAuth2 token, extra information will be appended to the access_token (using the Ory Hydra webhook)
  • When sending requests authenticated with an access token (ory_at_xxx), a guard should validate the access token with the introspection method from OryOauth2Service (Consider using or-guard with OryAuthenticationGuard and OryOAuth2AuthenticationGuard)
  • Check authorization using the permissions of the client's owner (with Keto) the scopes contained in the access token, which is a bit of an OAuth2 spec violation, but we will survive it!
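
The guard decision described in the issue above, as an added example that is not the project's code: a token is accepted only if introspection reports it active, it is an access token, its client is known in the replicated client table, and the owner claim matches that record before the owner's permission is checked. All names are hypothetical; the `token_use` and `ext` fields are assumed to be present in the introspection response, and the Keto check is replaced by a synchronous callback.

```typescript
// Added example. Hypothetical types; not the API of OryOauth2Service.
// Subset of an RFC 7662 introspection response. `ext` is assumed to hold
// the claims appended by the token webhook.
interface Introspection {
  active: boolean;
  token_use?: string;
  client_id?: string;
  exp?: number; // seconds since epoch
  ext?: { owner?: string };
}

interface Decision { allowed: boolean; reason: string; owner?: string }

// Stand-in for the Keto permission check (a network call in a real guard).
type OwnerCan = (owner: string, permission: string) => boolean;

const deny = (reason: string): Decision => ({ allowed: false, reason });

function authorize(
  token: Introspection,
  clients: Map<string, string>, // replicated clients: client_id -> owner
  ownerCan: OwnerCan,
  permission: string,
  nowSec: number,
): Decision {
  // Fail closed: every missing or unexpected field is a denial.
  if (!token.active) return deny('inactive token');
  if (token.token_use !== 'access_token') return deny('not an access token');
  if (token.exp === undefined || token.exp <= nowSec) return deny('expired');
  const owner = token.client_id ? clients.get(token.client_id) : undefined;
  if (!owner) return deny('unknown client');
  // The claim in the token must agree with the application's own record.
  if (!token.ext || token.ext.owner !== owner) return deny('owner mismatch');
  if (!ownerCan(owner, permission)) return deny('owner lacks permission');
  return { allowed: true, reason: 'ok', owner };
}

// Constructed sample data.
const sampleClients = new Map<string, string>([['client-1', 'user-alice']]);
const sampleOwnerCan: OwnerCan = (owner, permission) =>
  owner === 'user-alice' && permission === 'tickets:read';
const sampleToken: Introspection = {
  active: true,
  token_use: 'access_token',
  client_id: 'client-1',
  exp: 2000,
  ext: { owner: 'user-alice' },
};
```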