Skip to main content

GSoC 2015 - In a nutshell

GSoC 2015 - In a nutshell

I got the opportunity this summer(well it summer all year in Sri Lanka) to take part in Google Summer of Code. My project was to implement the User Managed Access 1.0 specification for WSO2 Identity Server. Though I wanted to blog about the project as the project went along, I did really make it a reality. They say it's never too late to share some experience.

First of all I need to thank my mentors Johann Nallathamby and Prabath Siriwardena for their absolute support to make this project a reality. Johann in particular has been helpful all the way bearing my late night calls and chats to clarify and provide feedback. The overall experience of participating in GSoC was simply "awesome".

Its my first considerable contribution to an open source project. And the experience gathered during the past three months have been priceless. There were sleepless nights where i could not get things to work missing out on trivial things, other days where i notched up hard things in no time. I learned to steer a project through all these phases effectively. Most importantly i learnt to improve myself each day.

Feedback is the key to doing something right. I was sincere in troubling my mentors for feedback and luckily for me they enjoyed it too. I was an intern at WSO2, therefore i did setting up and rolling on with the project. It took me sometime to get started with the final year starting to heat up at the uni. But once it kick started it really took off.

The most highlighting part of this whole thing was that i got to meet lot of people, offline... of course. But it was amazing to see how helpful people were(I know that feel bro...). I mean it was fun to discuss things with people who shared similar interests as you and of course with completely opposite views as well. Anyways I would say it was one of those awesome things you do without you actually realizing it.

As for the details of my project and it implementation, I hope to write some posts very soon(hopefully). Sorry for the typos - I really typed this up in a hurry to savour the moment.  

Comments

Post a Comment

Popular posts from this blog

Configuring WSO2 Identity Server to return Attribute Profile claims in SAML SSO Response

Configuring SAML SSO for an external Service Provider with WSO2 Identity Server is probably one of the most common use cases I heard from my day 1 at WSO2.

Setting up is quite easy, Just follow the docs here.

Now let me start from there, what if someone wants to retrieve certain claims of a user in the SAML Response. How easy is it to configure that?

Well, Let me show you :)

Step 1

Assuming that you have setup a Service Provider in Identity Server by following the docs, you should have a configuration like the one below,



The most important part of this config is the "Enable Attribute Profile" tick, that allows you to get a set of pre-configured claims in the SAML response. Be sure to have it ticked.

Step 2

Now your are done with Step 1, In Step 2 you simply configure the claims that you want to be returned in the SAML response. To do this,

Go to the "Claim Configuration" section of the service provider,


Now click on "Add Claim URI" and select the claims tha…

Trying out OAuth2 Authorization Code grant with WSO2 Identity Server without the PlayGround2 App

The first thing I did after joining the WSO2 Identity Server team was to test the WSO2 Identity Server 5.2.0-beta pack. I had some experience playing around with OAuth so I started testing OAuth scenarios. I was able to test most grant types with ease. Then came the authorization code grant type. The usual way to test it was to setup the playground2 app and test. I wanted to look for an alternate way to test the Authorization grant type without setting up the app (partly because I was lazy to download tomcat etc. :P )

So with the help of my team member Pushpalanka, I found an alternate way to get an access token by simply using a browser redirect and a curl command. So I wanted to make a note in case someone wanted to do the same :)


1. First, log in to the Identity Server management console.
       the defaults are,
                  username = admin                   password = admin

2. Go to the Service Provider configuration page and create a Service Provide, let's say SP_lazy…

JWT Bearer Grant - OAuth2

Previously I wrote a post on my first step towards understanding OAuth. This post continues builds on that. OAuth has different types of flows targeting various scenarios or use cases. The main feature that differentiates each of these flows is the grant type.

What exactly is an OAuth grant type? An OAuth grant is something that a client application could exchange for an access token from an Authorization Server. An access token typically represents a user's permission for the client application to access the resources on their behalf
OAuth Grant Types The OAuth 2.0 core specification defines four types of grants,
Authorization code grantImplicit grantResource owner credentials grantClient credentials grant In addition to these the core specification also defines a refresh grant type.
There are few new additions to these as well,
Message authentication code (MAC) tokensSAML 2.0 Bearer Assertion ProfilesJSON Web Token grant
I would like to focus on the JSON Web Token Grant in this po…