OAuth token exchange updates #2

Open: wants to merge 17 commits into base: main

gary-archer (Collaborator) commented Jan 2, 2025

PRIMARY CHANGES

  • The project did not build with newer versions of Node.js so I updated dependencies.
  • Update to the standards-based token exchange that was added to the Curity Identity Server, which supports upscoping, which makes the zero trust API events use case more interesting.

SECONDARY CHANGES

  • Add the exchanged access token to Kafka message headers rather than the event body.
  • Add a unique event ID to the message rather than a hash of the event message.
  • I updated the storyline to orders and invoicing which is more natural I think, since payments would involve user consent.

gary-archer changed the title from "(WIP) Code and token exchange updates" to "Code and token exchange updates" on Jan 2, 2025
RESULT=$?
done

#
# Run local APIs if required
# If APIs are deployed there is nothing left to do
Collaborator Author

Minor changes to run on macOS, Windows or Linux

/*
* Do a token exchange to get a reduced scope access token to include in the event published to the message broker
*/
export async function tokenExchange(accessToken: string, orderTransactionID: string, eventPayloadHash: string): Promise<string> {
export async function tokenExchange(accessToken: string, eventID: string, transactionID: string): Promise<string> {
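
Review bot: the new `tokenExchange(accessToken, eventID, transactionID)` signature still takes three positional `string` parameters, and the transaction ID has moved from second to third position, so a call site left over from the old `(accessToken, orderTransactionID, eventPayloadHash)` order will type-check and silently send the transaction ID as the event ID. Consider a single typed options object (or distinct branded types for the two IDs) so that a stale or swapped argument fails at compile time, and extend the doc comment above the function to say what `eventID` and `transactionID` are used for in the exchange request.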

Collaborator Author

Use the standards based token exchange

gary-archer changed the title from "Code and token exchange updates" to "OAuth token exchange updates" on Jan 6, 2025