Implement OAuth2 server, link oauth:Client and auth::Oauth2Client, implement permission checks

2020-05-16 23:55:08 -05:00
parent 6f621f5891
commit d558f21375
51 changed files with 2808 additions and 159 deletions
--- a/config/auth.config.js
+++ b/config/auth.config.js
@@ -10,7 +10,7 @@ const auth_config = {
    servers: {
        // OAuth2 authorization server
        oauth2: {
-            enable: env('OAUTH2_SERVER_ENABLE', false),
+            enable: env('OAUTH2_SERVER_ENABLE', true),

            // Grants that are available to clients. Supported types are authorization_code, password
            grants: ['authorization_code'],
@@ -20,7 +20,8 @@ const auth_config = {

                // Get the token user's data
                user: {
-                    enable: env('OAUTH2_SERVER_ENABLE', true),
+                    // enable: env('OAUTH2_SERVER_ENABLE', false),
+                    enable: false,

                    // Fields to return to the endpoint
                    // The keys are the keys in the request. The values are the keys in the user.
@@ -177,6 +178,20 @@ const auth_config = {
        coreid_base: ['my:profile'],
        saml_admin: ['v1:saml', 'saml'],

+        base_user: [
+            // Message Service
+            'v1:message:banners',
+
+            // Permission Checks
+            'v1:reflect:check_permissions',
+
+            // Profile
+            'v1:profile',
+
+            // Password API
+            'v1:password',
+        ],
+
    },

 }