Capture access token from IdP #54

shawnhankim · 2022-11-09T22:11:34Z

Background:

Current NJS implementation disregard the access_token that is being sent by the IdP and only uses the id_token to get stored in the NGINX Plus K/V store.

Token Recommandation

When Using	Do	Don't
ID Token	- Assume the user is authenticated	- Call an API
	- Get user profile data	- Check if the client is allowed to access something.
Access Token	- Call an API	- Inspect its content on the client
	- Check if the client is allowed to access something
	- Inspect its content on the server side

Acceptance Criteria:

Enhance the NJS Code to capture the access_token sent by the IdP.
Store the access_token in the k/v store as same as we store id_token and refresh_token

Compatibility:

This issue will not block the existing features as there would be no change of variables, and this is just to add features.

The text was updated successfully, but these errors were encountered:

shawnhankim · 2022-11-15T19:56:11Z

@route443 : You can use this PR if you want to test the access token.

shawnhankim · 2022-11-17T22:25:40Z

Per discussion with @route443 : I close this PR because I have consolidated this PR into #55. Thanks @route443 for your time. 👍

shawnhankim changed the title ~~feat: capture access token from IdP~~ Capture access token from IdP Nov 9, 2022

shawnhankim mentioned this issue Nov 9, 2022

feat: capture access token from IdP #56

Closed

shawnhankim closed this as completed Nov 17, 2022

Provide feedback