OAuth 2.0 Authentication

[paraschivionut]

Why

To have an easy way of adding authentication and authorization to REST APIs

What

• [ ] Add support for oauthentication

Notes

We would like to see if we can find an out of the box oauth server that implements the oauth2 standard that also enabled some UI screens to create auth clients, add authorization rules etc

[paraschivionut]

Oauth 2.0

oauth client => consumer of the application's APIs => each consumer has clientId clientSecret => will gain access to a list of grants

• password: application can authenticate w/ username/password
• refresh_token: application has a limited available accessToken that gets renewed using the refreshToken

The RoR app will have client (should use the same values as here https://github.com/3angleTech/nodeApi/blob/master/web-api/config/default.json).