search

google-code-export / google-api-java-client

Automatically exported from code.google.com/p/google-api-java-client
1 stars 0 forks source link

Update to latest OpenID Connect specification #705

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
External references, such as a standards document, or specification?

https://developers.google.com/accounts/docs/OAuth2ServiceAccount

http://javadoc.google-oauth-java-client.googlecode.com/hg/1.13.1-beta/com/google
/api/client/auth/jsontoken/package-summary.html

http://javadoc.google-oauth-java-client.googlecode.com/hg/1.13.1-beta/com/google
/api/client/auth/openidconnect/package-summary.html

http://tools.ietf.org/html/draft-jones-json-web-token

http://tools.ietf.org/html/draft-ietf-jose-json-web-signature

http://openid.net/specs/openid-connect-session-1_0.html

http://javadoc.google-api-java-client.googlecode.com/hg/1.13.2-beta/com/google/a
pi/client/googleapis/auth/oauth2/GoogleCredential.html

http://javadoc.google-api-java-client.googlecode.com/hg/1.13.2-beta/com/google/a
pi/client/googleapis/auth/oauth2/GoogleIdToken.html

http://javadoc.google-api-java-client.googlecode.com/hg/1.13.2-beta/com/google/a
pi/client/googleapis/auth/oauth2/GoogleTokenResponse.html

Java environments (e.g. Java 6, Android 2.3, App Engine, or All)?

All

Please describe the feature requested.

These specifications based on JWT are in draft form.  However, we want Google 
Service Accounts support in the out-of-beta version 1 library.  We cannot use 
draft specs in an out-of-beta library.  Therefore, we will have to change the 
implementation to remove the dependence on the jsontoken package, probably by 
copying some of the current code from the OAuth project into the Google 
project.  Similarly for id_token in the GoogleTokenResponse.

Original issue reported on code.google.com by yan...@google.com on 12 Jan 2013 at 2:54

GoogleCodeExporter commented 9 years ago

Original comment by yan...@google.com on 18 Jan 2013 at 3:13

GoogleCodeExporter commented 9 years ago 
There have been some changes to the OpenId specs that the Google servers might 
adopt soon.  Now might be a good time to change our own implementation.

Original comment by yan...@google.com on 30 Jan 2013 at 1:00

GoogleCodeExporter commented 9 years ago 
Dropping the part about removing dependence since we will mark the Service 
Accounts suport "Experimental".  Keeping the part about updating to the latest 
specification.

Also, while we are at it: GoogleCredential needs to be updated to the latest 
way to do assertions, where we remove the assertion_type parameter and change 
the grant_type to "urn:ietf:params:oauth:grant-type:jwt-bearer".

Original comment by yan...@google.com on 13 Feb 2013 at 12:08

GoogleCodeExporter commented 9 years ago 
https://codereview.appspot.com/7322079/

Original comment by yan...@google.com on 15 Feb 2013 at 9:44

GoogleCodeExporter commented 9 years ago

Original comment by yan...@google.com on 19 Feb 2013 at 7:17

GoogleCodeExporter commented 9 years ago

Original comment by yan...@google.com on 18 Mar 2013 at 5:57