...

  • Ability to manage users and groups
  • Login, forgot password, password reset
  • Signup and approval workflow
  • OAuth support

Prototype

  • Implement OAuth in API server or other OAuth sample SP
  • Implement WSO2 IdP with custom login (InfoRecoverySample)
  • Federated authenticator with GitHub?

OAuth 2.0 overview

https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2

  • Register service with OAuth identity provider
  • Authorization flow

The OAuth identity provider is the service you rely on to store user credentials, in our case GitHub.com. When the user chooses to "sign up" with GitHub.com, the authorization flow begins and the user is prompted to "authorize" our application to access their profile information. In this case, the user is authorizing NDS Labs. In a later step, NDS Labs will need to authorize the user to access our resources.

Here, NDS Labs is a service provider and GitHub is an identity provider (in SAML terms).

Running our own WSO2 IdP, NDS Labs becomes both service and identity provider and can serve as an OAuth IdP for other applications.
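The service-provider side of the GitHub authorization flow described above, as an added sketch that is not part of the original page or of NDS Labs code. The client id, client secret, redirect URI and the dict used as a session store are constructed placeholders; the two endpoint URLs are GitHub's documented OAuth endpoints.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# GitHub's documented OAuth endpoints.
AUTHORIZE_URL = "https://github.com/login/oauth/authorize"
TOKEN_URL = "https://github.com/login/oauth/access_token"

# Constructed placeholders: real values are issued when the service is
# registered with the identity provider.
CLIENT_ID = "example-client-id"
CLIENT_SECRET = "example-client-secret"
REDIRECT_URI = "https://ndslabs.example/oauth/callback"


def begin_authorization(session):
    """Step 1: build the URL that sends the user to GitHub to authorize us."""
    state = secrets.token_urlsafe(32)   # unguessable, bound to this session
    session["oauth_state"] = state
    params = {"client_id": CLIENT_ID, "redirect_uri": REDIRECT_URI,
              "scope": "read:user", "state": state}
    return AUTHORIZE_URL + "?" + urlencode(params)


def handle_callback(session, callback_url):
    """Step 2: validate GitHub's redirect and build the code-for-token request.

    Returns (url, form_fields) for a server-to-server POST. Raises ValueError
    when the callback cannot be tied to a flow this session started.
    """
    query = parse_qs(urlparse(callback_url).query)
    expected = session.pop("oauth_state", None)   # single use: blocks replay
    received = query.get("state", [""])[0]
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: possible CSRF or replayed callback")
    if "error" in query:
        raise ValueError("authorization denied: " + query["error"][0])
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("callback carried no authorization code")
    # The client secret travels only in this back-channel request, never
    # through the user's browser.
    return TOKEN_URL, {"client_id": CLIENT_ID, "client_secret": CLIENT_SECRET,
                       "code": code, "redirect_uri": REDIRECT_URI}
```

The token returned by the POST proves only that GitHub authenticated the user; deciding what that user may access in NDS Labs is the separate, later step the text mentions.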

Candidate SSO Implementations

...