commit	5a071f8a5e97e7be5d4fd49f9ef6c3aeac31b12c	[log] [tgz]
author	Michael Ochmann <michael.ochmann@sap.com>	Mon Jul 20 11:40:23 2015 +0200
committer	Michael Ochmann <michael.ochmann@sap.com>	Wed Jul 22 11:52:00 2015 +0200
tree	18a2bf7eb94fdf57878980b3ed11e4835ae5b6bd

OAuth2 Plugin for CloudFoundry UAA

Initial implementation  of a plugin that supports the
CloudFoundry UAA OAuth2 server protocol (see
https://github.com/cloudfoundry/uaa/blob/master/docs/UAA-APIs.rst)

UAA uses so-called JSON web tokens as access tokens,
which already contain the required user id and email
information. This makes an additional request for the
user detail information obsolete. JSON web tokens
have a signature that is verified by the service.
Both HMACSHA256 and SHA256withRSA signatures are
supported.

The plugin has been tested with UAA 2.4.0 but should work
also with older UAA versions.

Change-Id: I3a7c4a885b7dc7491c9092e9a340974b0a37748d
Signed-off-by: Michael Ochmann <michael.ochmann@sap.com>

.buckconfig[Added - diff]
.gitignore[Added - diff]
BUCK[Added - diff]
LICENSE[Added - diff]
LICENSE-scribe[Added - diff]
README.md[Added - diff]
VERSION[Added - diff]
lib/BUCK[Added - diff]
lib/commons/BUCK[Added - diff]
lib/gerrit/BUCK[Added - diff]
src/main/java/com/googlesource/gerrit/plugins/cfoauth/AccessToken.java[Added - diff]
src/main/java/com/googlesource/gerrit/plugins/cfoauth/CFOAuthService.java[Added - diff]
src/main/java/com/googlesource/gerrit/plugins/cfoauth/HMACSHA256SignatureVerifier.java[Added - diff]
src/main/java/com/googlesource/gerrit/plugins/cfoauth/HttpModule.java[Added - diff]
src/main/java/com/googlesource/gerrit/plugins/cfoauth/InitOAuthConfig.java[Added - diff]
src/main/java/com/googlesource/gerrit/plugins/cfoauth/SHA265WithRSASignatureVerifier.java[Added - diff]
src/main/java/com/googlesource/gerrit/plugins/cfoauth/SignatureVerifier.java[Added - diff]
src/main/java/com/googlesource/gerrit/plugins/cfoauth/UAAClient.java[Added - diff]
src/main/java/com/googlesource/gerrit/plugins/cfoauth/UAAClientException.java[Added - diff]
src/main/resources/Documentation/build.md[Added - diff]
src/main/resources/Documentation/config.md[Added - diff]
src/test/java/com/googlesource/gerrit/plugins/cfoauth/UAAClientTest.java[Added - diff]

22 files changed

tree: 18a2bf7eb94fdf57878980b3ed11e4835ae5b6bd

README.md

Cloud Foundry UAA OAuth 2.0 Authentication Provider

With this plugin Gerrit can use OAuth2 protocol to authenticate users accessing Gerrit's Web UI with a CloudFoundry User Account and Authentication (UAA) server. The Sign In link will redirect the user to the UAA login screen.

For Git-over-HTTP communication users still need to generate and use an HTTP password.

License

Apache License 2.0