GSOC 2017 — OAuth 2.0 DCRM Protocol Support for WSO2 Identity Server

Introduction to OAuth 2.0 DCRM
The OAuth 2.0 Dynamic Client Registration Management (DCRM) Protocol defines a set of rules for managing a registered OAuth 2.0 client in an authorization server.
To understand the protocol: here
Specification: here
OAuth 2.0 DCRM Support for WSO2 IS
The ultimate goal of this GSOC project is to enable OAuth 2.0 DCRM protocol functionality in WSO2 IS.
Proposal: here
Let’s see how it works.
Before it can be managed, the client must be registered in the Identity Server with OAuth 2.0 configurations.
clientid — client ID returned from the server during the registration of the client
Read the client
Format of the HTTP request:
GET https://localhost:9443/identity/register/<clientid> HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
A valid request will read the client in the Identity Server and respond to the user with the client metadata.
Update the client
Format of the HTTP request:
PUT https://localhost:9443/identity/register/<clientid> HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
{
"client_name": "app1",
"client_id": "7JccuZUyU1RJR9qgfFHcUi0PbY4a",
"client_secret": "8iiiJbCpT2fRdKOmShWNWI1_RFEa",
"grant_types": ["implicit"],
"redirect_uris": ["vakldsnvl"]
}
client_name, client_id and client_secret should be the same as the values returned from the server.
A valid request will update the client details in the Identity Server and respond to the user with the client metadata.
Delete the client
Format of the HTTP request:
DELETE https://localhost:9443/identity/register/<clientid> HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
A valid request will delete the client from the Identity Server and respond to the user with a 204 No Content status code.
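The Read, Update and Delete requests above, built with Python's standard library as an added example (not code from the original post or from WSO2). The function names and the DCR_* environment variables are assumptions. The Authorization value shown in the requests is the Base64 encoding of admin:admin, so the example reads credentials from the environment and sends only over verified TLS.

```python
import base64
import json
import os
import ssl
import urllib.request
from urllib.parse import quote

# Endpoint as shown in the requests on this page.
BASE = "https://localhost:9443/identity/register"
REQUIRED_ON_UPDATE = {"client_name", "client_id", "client_secret"}

def basic_auth(user, password):
    """Basic credentials are only Base64-encoded, not encrypted."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

def build_request(method, client_id, auth, body=None):
    """Build (but do not send) a Read/Update/Delete request for one client."""
    if method not in ("GET", "PUT", "DELETE"):
        raise ValueError("unsupported method: " + method)
    if method == "PUT":
        # The update body must echo the values returned at registration.
        missing = REQUIRED_ON_UPDATE - set(body or {})
        if missing:
            raise ValueError("update body lacks: " + ", ".join(sorted(missing)))
        if body["client_id"] != client_id:
            raise ValueError("client_id in body does not match the URL")
    elif body is not None:
        raise ValueError(method + " takes no body")
    # Percent-encode the ID so it stays a single path segment.
    url = BASE + "/" + quote(client_id, safe="")
    data = json.dumps(body).encode() if body is not None else None
    headers = {"Accept": "application/json", "Content-Type": "application/json",
               "Authorization": auth}
    return urllib.request.Request(url, data=data, method=method, headers=headers)

def send(req, ca_file=None):
    """Send over verified TLS; ca_file is a CA bundle for a self-signed server."""
    ctx = ssl.create_default_context(cafile=ca_file)
    with urllib.request.urlopen(req, context=ctx) as resp:
        raw = resp.read()
        return resp.status, (json.loads(raw) if raw else None)

if __name__ == "__main__":
    # DCR_USER, DCR_PASSWORD, DCR_CLIENT_ID, DCR_CA_FILE are assumed names.
    auth = basic_auth(os.environ["DCR_USER"], os.environ["DCR_PASSWORD"])
    req = build_request("GET", os.environ["DCR_CLIENT_ID"], auth)
    print(send(req, os.environ.get("DCR_CA_FILE")))
```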
Try out the sample to see how it works
Follow the steps
1. Deploy the sample app playground2 (<PRODUCT-IS-HOME>/modules/samples/oauth2/playground2/target/playground2.war) on a web container — Apache Tomcat server.
2. Update the hostname in /etc/hosts to wso2is.local
3. Start the Apache Tomcat Server
4. Start the WSO2 Identity Server
5. Access http://wso2is.local:8080/playground2/
6. You will be directed to the landing page of the sample application.
7. Click on ‘Manage’ to try OAuth 2.0 DCRM in the WSO2 IS.
8. Select the method ‘Create’ to register a new service provider in the server.
9. Enter:
Client Name : Playground2
Grant Types : implicit,authorization_code
Redirect URIs : http://playground2
10. When you enter ‘Request’, you will be directed to a new page that shows the response to your request to create a new application.
11. Click on Manage on the top right to go back and try Read, Update and Delete requests.
12. For Read and Delete requests, use the client ID returned in the above response.
13. To update your client, use the client name, client ID and client secret returned in the above response.
Finally, I would like to thank the GSOC-2017 team for this great opportunity to contribute to open source during this summer, and WSO2 for selecting my proposal. I am grateful to my mentors Maduranga Siriwardena and Ishara Karunarathna for their guidance and support throughout this project. My gratitude also goes to the members of WSO2 who have shared their valuable feedback to improve my work.
