Uniform authentication method for HttpSender #3045
Description
Describe the issue
Create a new uniform method of authenticating on the HttpSender. Depending on the auth-scheme you need to be able to specify a few URL's or attributes instead of <Param name="Authorization" xpathExpression="concat('Bearer', access_token)"/> see #2983. oauth1 vs oauth2 vs saml vs openid connect
https://www.okta.com/identity-101/whats-the-difference-between-oauth-openid-connect-and-saml/
Is this part of HttpComponents 5? Or is it more widely supported there? Then perhaps we should upgrade first (v4 to v5).
Grant Types
- Authorization Code Grant.
- Implicit Grant Type. (deprecated, rfc6749#section-1.3.2)
- Proof Key for Code Exchange (not used much I think)
- Device Code Grant. (rfc8628)
- Client Credentials Grant. (rfc6749#section-4.4)
Implemented:
- Refresh Token Grant. (rfc6749#section-1.5)
- Resource Owner Password Credentials. (deprecated)
- Basic auth (on resource server)
- Basic auth (on authorization server)
Related
- saml 2.0 support in httpsender #7683
- JWT support so params with a bearer token are not required anymore
- OpenId connect (rfc6750)
Metadata
Metadata
Assignees
Labels
No labels
Type
Projects
Status