Э
humanoid
Не видел по конкретной версии. Но есть просто https://projects.spring.io/spring-security-oauth/docs/oauth2.html
Надеюсь тебе это нужно для легаси?
Надеюсь тебе это нужно для легаси?
спасибо, хотел почитать
Size: a a a
2020 July 07
h
спасибо, хотел почитать
На случай если не легаси, то вот таблица сравнения с новым функционалом https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Features-Matrix
AG
Вообще есть документация по spring-security-oauth2 2.4.0?
Похоже, что 2.4.0 не существует https://docs.spring.io/spring-security-oauth2-boot/docs/
Э
humanoid
На случай если не легаси, то вот таблица сравнения с новым функционалом https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Features-Matrix
ок, сказали на проекте убрать deprecated классы, я понял, что единственный путь - мигрировать на Spring Security. Я пытаюсь понять, как вообще сейчас работает проект с spring-security-oauth2, до этого не имел с этим дело
Э
https://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-3.3 этот документ? Сори, промахнулся, изменил линк
h
https://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-3.3 этот документ? Сори, промахнулся, изменил линк
h
https://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-3.3 этот документ? Сори, промахнулся, изменил линк
h
Сейчас в Spring Security нету Authorization Server, правильно?
No Authorization Server Support
In October 2012, RFC 6749, the OAuth 2.0 Authorization Framework, was published. Subsequently in May 2014, Spring Security OAuth released its 2.0.0 version with support for Authorization Server, Resource Server, and Client. This made a great deal of sense in the absence of OAuth 2.0 libraries and products.
Spring Security’s Authorization Server support was never a good fit. An Authorization Server requires a library to build a product. Spring Security, being a framework, is not in the business of building libraries or products. For example, we don’t have a JWT library, but instead we make Nimbus easy to use. And we don’t maintain our own SAML IdP, CAS or LDAP products.
In 2019, there are plenty of both commercial and open-source authorization servers available. Thus, the Spring Security team has decided to no longer provide support for authorization servers.
UPDATE: We’d like to thank everyone for your feedback on the decision to not support Authorization Server. Due to this feedback and some internal discussions, we are taking another look at this decision. We’ll notify the community on any progress.
https://spring.io/blog/2019/11/14/spring-security-oauth-2-0-roadmap-update
In October 2012, RFC 6749, the OAuth 2.0 Authorization Framework, was published. Subsequently in May 2014, Spring Security OAuth released its 2.0.0 version with support for Authorization Server, Resource Server, and Client. This made a great deal of sense in the absence of OAuth 2.0 libraries and products.
Spring Security’s Authorization Server support was never a good fit. An Authorization Server requires a library to build a product. Spring Security, being a framework, is not in the business of building libraries or products. For example, we don’t have a JWT library, but instead we make Nimbus easy to use. And we don’t maintain our own SAML IdP, CAS or LDAP products.
In 2019, there are plenty of both commercial and open-source authorization servers available. Thus, the Spring Security team has decided to no longer provide support for authorization servers.
UPDATE: We’d like to thank everyone for your feedback on the decision to not support Authorization Server. Due to this feedback and some internal discussions, we are taking another look at this decision. We’ll notify the community on any progress.
https://spring.io/blog/2019/11/14/spring-security-oauth-2-0-roadmap-update
h
Звучит здраво, не нужон он просто)
AE
Keycloak вроде берут в качестве AS
h
Еще https://github.com/ory/hydra неплохой
Э
humanoid
Звучит здраво, не нужон он просто)
C
humanoid
Еще https://github.com/ory/hydra неплохой
+
h
Лол, но еще не скоро будет видимо