Liferay Plugin for OAuth 2.0

OAuth 2.0 is an industry-standard authorization protocol. Users can seamlessly share select credentials from another website to log into yours. It works by authorizing password-less access to portions of user-owned resources (such as an email address, a user profile picture, or something else from your account) and other permissioned resources.

This app is released and patched through regular Fix Pack and Service Pack releases in DXP 7.1 FP17+ (SP4+) and DXP 7.2 FP5+ (SP2+) as of https://issues.liferay.com/browse/LPS-110306. Liferay Support's fix delivery method has changed from Hotfix LPKG to standard Hotfix.
  • DXP 7.1 FP17/SP4 includes v1.1.2
  • DXP 7.2 FP5/SP2 includes v2.0.3
Latest Changes
  • LPS-81706 Count* and related fetch* methods are returning inconsistent results when using null values in a null conve...
  • LPS-81723 Some categorizations of the configurations in System Settings are not matching user's expectations
  • LPS-81743 FileSystemStore > S3Store migration won't migrate previews and thumbnails
  • LPS-81770 Can't set AuthVerifierFilter properties in ServletContextHelpers created by whiteboard
  • LPS-81952 Gogo commands to show conflicts in JAX-RS whiteboard services
  • LPS-81999 Follow column order as specified in service.xml when setting attributes of object
  • LPS-82021 Rename configurations within Security that have redundant or too technical terms
  • LPS-82128 Remove unused entity references from generated services
  • LPS-82252 Current defaults make necessary to create too many config files to use verifier and OAuth2
  • LPS-82261 Improve Hibernate model property wiring performance
  • LPS-82343 Consolidate language keys
  • LPS-82460 Aries JAX-RS whiteboard doesn't log properly
  • LPS-82828 Simplify deprecation javadoc by using release code name instead of version
  • LPS-83494 Certain resource bundles cannot be overriden
  • LPS-84092 Apply Petra-String StringBundler to modules starting with H to O
  • LPS-84119 SourceFormatter improvements
  • LPS-85296 Clean up @Component annotation
  • LPS-85765 Create a jar that includes all "*-api" portal jars
  • LPS-85849 dynamicQuery methods should be annotated with @Transactional(readOnly=true)
  • LPS-86408 Set default Java version to 1.8 for OSGi projects
  • LPS-86412 Simplify setup process for connecting dxp to analytics cloud
  • LPS-86473 Startup error from incorrect dependency resolution
  • LPS-86667 Warning thrown when starting portal with DBStore
  • LPS-86779 NPE in DM metadata generation classes
  • LPS-86806 Create Java Parser
  • LPS-87825 ReleaseManager's autoUpgrade="false" config doesn't work
  • LPS-88170 Service Builder Generated Class possibility of Syntax Error
  • LPS-88171 Apply formatting for spring framework annotations
  • LPS-88181 Pull up fetchByPrimaryKeys() from generated PersistenceImpls to BasePersistenceImpl
  • LPS-88665 Create internal functional attribute getter and setter methods and to duplication in generated models
  • LPS-88871 Missing asterisks for required field when adding OAuth 2 Application
  • LPS-89445 Uuid column bitmasks are never used by ServiceBuilder
  • LPS-89456 Keyword "system" should be escaped for MySQL 8.0
  • LPS-89567 StagedAuditedModel is not found when using service builder
  • LPS-90032 Partial backport to 7.1.x to resolve com.liferay.oauth2.provider.client.test failures
  • LPS-90171 Change default authorization means for JAX-RS applications
  • LPS-90379 Always use javax.ws.rs-api 2.1 vs. 2.0.1
  • LPS-90778 Authentication error between Analytics Cloud and DXP instance
  • LPS-91343 Integrate portal-tools-java-parser with ServiceBuilder
  • LPS-91463 REST Builder generated files should not depend on OAuth at runtime
  • LPS-91970 Service Builder adds columns with db-column name as badColumnNames even if db-name is valid
  • LPS-92677 Redundant indexes are created where there are composite primary keys or it involves a table mapping
  • LPS-94202 Not able to expand various panels in Portal
  • LPS-96018 Optimize Proxy creation
  • LPS-96206 Remove all String.join() usage, replace it with StringUtil.merge()
  • LPS-96481 Turn on disabled Source Formatter checks and apply across private repos and subrepos
  • LPS-96830 Avoid initialization of _escapedModelProxyProviderFunction when not needed
  • LPS-97048 fragment-impl depends on oauth2-provider-api
  • LPS-97169 Deprecated CompanyProvider and remove its usages
  • LPS-97971 @Context for JAX-RS is slowing down boot up
  • LPS-99252 Change retrieveFromCache persistence variable to useFinderCache
  • LRDOCS-5069 COMMERCE-299 javadocs and other docs in liferay-portal master
  • LRDOCS-6300 Remove unnaccessible class references from Javadoc of generated classes
  • LRDOCS-8120 Javadoc: Don't tell API consumers to use the LocalServiceUtil
  • LRQA-51488 Clarifying strings
  • OAUTH2-116 SPI to extend the REST capabilities of the Liferay OAuth2 provider
  • OAUTH2-124 Merge REST module to master
  • OAUTH2-128 Move OAuth2 into whiteboard
  • OAUTH2-131 Merge tests modules into master
  • OAUTH2-143 Applications using both OAuth2 and basic can't check scopes in OAuth2
  • OAUTH2-150 NullPointerException in BaseScopeCheckerContainerRequestFilter
  • OAUTH2-157 JSONWS scope names matching must correlate to SAP entry relationships
  • OAUTH2-174 BundlePrefixHandlerFactory is not using the correct bundle sometimes
  • OAUTH2-175 If a set of scopes is mapped to multiple scope aliases, the UI only renders one at random
  • OAUTH2-177 Glitch in language key
  • OAUTH2-202 User must be Site Member to use OAuth2 Authorize portlet
  • OAUTH2-208 OAuth2 Applications is not translated to any other language
  • OAUTH2-209 Upgrade CXF OAuth2 modules to latest version
  • OAUTH2-210 Using wrong clientId with Authorization Code Flow Grant log and outputs an error message
  • OAUTH2-211 Getting token using authorization code flow results in a warn message being logged to the console
  • OAUTH2-214 OAuth2 applications sometimes do not pick up new application scopes for already assigned scope aliases
  • OAUTH2-215 NPE when navigating to OAuth 2 Administration
  • OAUTH2-216 Authorization prompt displays different scope to what will actually be granted
  • OAUTH2-218 As a portal administrator I want to display OAuth2 Scopes using Gogo console
  • OAUTH2-227 Refresh Token Recycling
  • OAUTH2-229 Authorization request fails if server is using a proxy to redirect from https -> http (WeDeploy)
  • OAUTH2-236 Authorization flow breaks if referring to portal by IP not in redirect.url.ips.allowed
  • OAUTH2-238 Support ability to create custom RequiresScope annotations
  • OAUTH2-239 Rename property oauth2.scopechecker.type to oauth2.scope.checker.type
  • OAUTH2-240 Support scope annotations on implemented interfaces
  • OAUTH2-241 Update default configurations for PrefixHandler and ScopeMapper
  • OAUTH2-242 OAuth2 Authorization Code is not working in cluster environment
  • OAUTH2-255 SAP Whitelisted JAX-RS resource cannot be accessed with no access token
  • OAUTH2-266 HttpMethodFeature does not collect scopes dynamically
  • OAUTH2-267 Javascript errors within Scopes tab
  • OAUTH2-274 Portal Services scopes don't show up on all nodes of cluster
  • OAUTH2-278 ScopeLocatorImpl throws NullPointerException if getLiferayOAuth2Scopes is invoked with a combination of par...
Show More

Customers Who Viewed This Also Bought