LinkedDataHub icon indicating copy to clipboard operation
LinkedDataHub copied to clipboard
verified publisher icon AtomGraph

Verify JWT token

Open namedgraph opened this issue 5 years ago • 4 comments

Implement OpenID Connect as an alternative authentication method to WebID, starting with support for Google.

namedgraph avatar Jan 05 '21 12:01 namedgraph

Support is now implemented in oauth.google.AuthorizeGoogle, oauth2.Login resources and the IDTokenFilter.

Requires GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET environmental variables in docker-compose.yml.

It can be accessed using the [Login with Google] button in the top right (next to [Sign up]).

namedgraph avatar Jan 05 '21 12:01 namedgraph

Needs more testing still, and probably a security evaluation. state parameter is currently not being validated: https://github.com/AtomGraph/LinkedDataHub/blob/master/src/main/java/com/atomgraph/linkeddatahub/resource/oauth2/Login.java#L147

namedgraph avatar Jan 05 '21 12:01 namedgraph

It should have a possibility of logout, too.

namedgraph avatar Jan 06 '21 11:01 namedgraph

The JWT token is also currently not verified in oauth2.Login.

namedgraph avatar Jan 12 '21 21:01 namedgraph