OAuth
When a request is received from the user, the gateway redirects the user to the OAuth authorization server to log in and grant access to the protected facade operation.
After the user logs in and grants access to the facade operation, the OAuth authorization server sends the authorization code back to the policy callback endpoint, and the gateway exchanges the authorization code for an access token from the authorization server. Because the protected facade operation does not access the user's resources, the access token is used only for authentication purposes.
AuthenticationbyOAuth Policy
<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
  <ns:AuthenticationByJaas xmlns:ns="http://xsd.tns.tibco.com/governance/policy/action/2009">
    <ns:OAuthToken>
      <ns:Provider>TIBCO</ns:Provider>
      <ns:ClientID>security</ns:ClientID>
      <ns:ClientSecret>ef6e7dca3d52973f73ec3dd0da7087d400f5a05a</ns:ClientSecret>
      <ns:CallbackURI>http://localhost:9322/asg/oauth2/client/callback</ns:CallbackURI>
    </ns:OAuthToken>
  </ns:AuthenticationByJaas>
</wsp:Policy>
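A pre-deployment check for policy files laid out like the one above, written here as an added example (it is not TIBCO's code or part of the product). The function name `lint_oauth_policy`, the host `gateway.example.com`, the placeholder secret and the choice to exempt loopback hosts from the https rule are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"ns": "http://xsd.tns.tibco.com/governance/policy/action/2009"}
REQUIRED = ("Provider", "ClientID", "ClientSecret", "CallbackURI")
LOOPBACK = {"localhost", "127.0.0.1", "::1"}  # assumption: http is tolerated only here

# Constructed sample: same element layout as the policy above, placeholder values.
SAMPLE_POLICY = """<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
  <ns:AuthenticationByJaas xmlns:ns="http://xsd.tns.tibco.com/governance/policy/action/2009">
    <ns:OAuthToken>
      <ns:Provider>TIBCO</ns:Provider>
      <ns:ClientID>security</ns:ClientID>
      <ns:ClientSecret>PLACEHOLDER-SECRET</ns:ClientSecret>
      <ns:CallbackURI>http://gateway.example.com:9322/asg/oauth2/client/callback</ns:CallbackURI>
    </ns:OAuthToken>
  </ns:AuthenticationByJaas>
</wsp:Policy>"""

def lint_oauth_policy(xml_text):
    """Return a list of (severity, message) findings for one policy document."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    token = root.find(".//ns:OAuthToken", NS)
    if token is None:
        return [("error", "no OAuthToken assertion found")]
    fields = {n: token.findtext(f"ns:{n}", default="", namespaces=NS).strip()
              for n in REQUIRED}
    findings = [("error", f"{n} is missing or empty")
                for n, v in fields.items() if not v]
    uri = urlsplit(fields["CallbackURI"])
    host = (uri.hostname or "").lower()
    # The authorization code is delivered to this URI, so it must not travel in clear text.
    if fields["CallbackURI"] and uri.scheme != "https" and host not in LOOPBACK:
        findings.append(("error", "CallbackURI is not https: the authorization "
                                  "code crosses the network unencrypted"))
    if uri.fragment:  # RFC 6749 section 3.1.2: no fragment in a redirection URI
        findings.append(("error", "CallbackURI must not contain a fragment"))
    if fields["ClientSecret"]:
        findings.append(("warn", "ClientSecret is stored in the policy file: "
                                 "restrict read access and keep it out of version control"))
    return findings

if __name__ == "__main__":
    for severity, message in lint_oauth_policy(SAMPLE_POLICY):
        print(f"{severity}: {message}")
```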
- Schema for OAuth Policies
  The supported OAuth policies use the following OAuth assertion schema:
- OAuth Policy File Fields
  The OAuth 2.0 policy file contains the following fields:
Copyright © Cloud Software Group, Inc. All rights reserved.