OAuth2 Plugin for CloudFoundry UAA

Initial implementation  of a plugin that supports the
CloudFoundry UAA OAuth2 server protocol (see
https://github.com/cloudfoundry/uaa/blob/master/docs/UAA-APIs.rst)

UAA uses so-called JSON web tokens as access tokens,
which already contain the required user id and email
information. This makes an additional request for the
user detail information obsolete. JSON web tokens
have a signature that is verified by the service.
Both HMACSHA256 and SHA256withRSA signatures are
supported.

The plugin has been tested with UAA 2.4.0 but should work
also with older UAA versions.

Change-Id: I3a7c4a885b7dc7491c9092e9a340974b0a37748d
Signed-off-by: Michael Ochmann <michael.ochmann@sap.com>
22 files changed
tree: 18a2bf7eb94fdf57878980b3ed11e4835ae5b6bd
  1. .buckconfig
  2. .gitignore
  3. BUCK
  4. LICENSE
  5. LICENSE-scribe
  6. README.md
  7. VERSION
  8. lib/
  9. src/
README.md

Cloud Foundry UAA OAuth 2.0 Authentication Provider

With this plugin Gerrit can use OAuth2 protocol to authenticate users accessing Gerrit's Web UI with a CloudFoundry User Account and Authentication (UAA) server. The Sign In link will redirect the user to the UAA login screen.

For Git-over-HTTP communication users still need to generate and use an HTTP password.

License

Apache License 2.0