[jira] [Commented] (CXF-8121) Improve STS REST interface

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

[jira] [Commented] (CXF-8121) Improve STS REST interface

jagadeesh (Jira)

    [ https://issues.apache.org/jira/browse/CXF-8121?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17143070#comment-17143070 ]

Colm O hEigeartaigh commented on CXF-8121:

I added some feedback on the PR.

> Improve STS REST interface
> --------------------------
>                 Key: CXF-8121
>                 URL: https://issues.apache.org/jira/browse/CXF-8121
>             Project: CXF
>          Issue Type: Improvement
>          Components: STS
>    Affects Versions: 3.2.4
>            Reporter: Dmitry
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
> I propose to improve STS REST interface in following points:
> 1. It is not possible to change path of the REST interface and could be issue with defining realm name
> In current implementation realm name is not defined implicitly as path parameter in @Path annotation, but usually calculated from URI in implementation of RealmParser. In our situation implementation of RealmParser work good for SOAP STS interface, but did not work for current REST implementation.
> Of course, it could be addapted again for REST case, but it looks more like workaround then a clean solution. It is more relaible to define all necessary path and query parameters in the interface then relay that somewhere inside STS it will be parsed properly.
> 2. There is no any flexibility with custom functionality
> We decided to provide endpoint that provide public key for verification "/jwk/keys", similar as Fediz OIDC provides. With current implementation I would need to create new jaxrs server, define similar configuration, etc.
> 3. There is no OpenAPI documentation
> It is necessary to add the documentation to new interface.
> I propose to provide the improvements as new module 'sts-rest' that will use 'sts-core' as dependency.

This message was sent by Atlassian Jira