Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rewrite the OAuth2 API to make GraphQL requests #54

Open
mike-marcacci opened this issue Aug 27, 2019 · 2 comments
Open

Rewrite the OAuth2 API to make GraphQL requests #54

mike-marcacci opened this issue Aug 27, 2019 · 2 comments
Labels
packages/authx type:enhancement

Comments

@mike-marcacci
Copy link
Member

After considering the extension mechanism described in #52, it's become clear that instead of providing an additional API that uses models directly, this should instead make GraphQL requests to the AuthX server. This way we avoid bypassing any registered extensions (which will be applied at the GraphQL layer).
@mike-marcacci
Copy link
Member Author

This will require us to add core support for an authorization header that contains client credentials and a refresh token...

@mike-marcacci
Copy link
Member Author

As I've continued to think through the relationship between OAuth and AuthX, I have grown more confident that this is a solid strategy. We will need to come up with an appropriate scheme according to RFC7235, and then select (or create) a "root" authorization for the grant like we currently do for the oauth2 flow.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
packages/authx type:enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mike-marcacci