Details
-
Improvement
-
Status: Open
-
Major
-
Resolution: Unresolved
-
3.2.4
-
None
-
None
-
Unknown
Description
I propose to improve STS REST interface in following points:
1. It is not possible to change path of the REST interface and could be issue with defining realm name
In current implementation realm name is not defined implicitly as path parameter in @Path annotation, but usually calculated from URI in implementation of RealmParser. In our situation implementation of RealmParser work good for SOAP STS interface, but did not work for current REST implementation.
Of course, it could be addapted again for REST case, but it looks more like workaround then a clean solution. It is more relaible to define all necessary path and query parameters in the interface then relay that somewhere inside STS it will be parsed properly.
2. There is no any flexibility with custom functionality
We decided to provide endpoint that provide public key for verification "/jwk/keys", similar as Fediz OIDC provides. With current implementation I would need to create new jaxrs server, define similar configuration, etc.
3. There is no OpenAPI documentation
It is necessary to add the documentation to new interface.
I propose to provide the improvements as new module 'sts-rest' that will use 'sts-core' as dependency.
Attachments
Issue Links
- links to