Liferay Plugin for OAuth 2.0

OAuth 2.0 is an industry-standard authorization protocol. Users can seamlessly share select credentials from another website to log into yours. It works by authorizing password-less access to portions of user-owned resources (such as an email address, a user profile picture, or something else from your account) and other permissioned resources.

This app is released and patched through regular Fix Pack and Service Pack releases in DXP 7.1 FP17+ (SP4+) and DXP 7.2 FP5+ (SP2+) as of https://issues.liferay.com/browse/LPS-110306. Liferay Support's fix delivery method has changed from Hotfix LPKG to standard Hotfix.
  • DXP 7.1 FP17/SP4 includes v1.1.2
  • DXP 7.2 FP5/SP2 includes v2.0.3
Latest Changes
  • OAUTH2-119 Merge Provider API and Service into master
  • OAUTH2-120 Merge JSONWS support into master
  • OAUTH2-121 Merge Scopes implementation into master
  • OAUTH2-122 Merge Web module into master
  • OAUTH2-124 Merge REST module to master
  • OAUTH2-126 OAuth2 scopes are not narrowed down when client requests
  • OAUTH2-127 CXF Configuration can be created multiple times
  • OAUTH2-128 Move OAuth2 into whiteboard
  • OAUTH2-129 NullPointerException in application descriptor when no ResourceBundleLoader is registered
  • OAUTH2-130 Merge missing ApplicationDescriptorLocator in oauth2-provider-scope-impl module
  • OAUTH2-131 Merge tests modules into master
  • OAUTH2-132 indexes are being created on LOB columns
  • OAUTH2-134 Broken service filter used for application descriptors
  • OAUTH2-135 OAuth2ApplicationScopeAliases scopeAliases column is too short for most usages
  • OAUTH2-137 OAuth2 modules don't log properly
  • OAUTH2-138 Must aggregate OAuth2 app authorizations in "connected applications" portlet
  • OAUTH2-139 APIO can't define scopes for OAuth2 without developing custom components
  • OAUTH2-141 NPE when going to add a new OAuth2 application
  • OAUTH2-143 Applications using both OAuth2 and basic can't check scopes in OAuth2
  • OAUTH2-144 CLOB is not supported on PGSQL
  • OAUTH2-146 Uploaded application icons should be resized before storing
  • OAUTH2-149 OAuth2 Application Description length is only 75 characters
  • OAUTH2-150 NullPointerException in BaseScopeCheckerContainerRequestFilter
  • OAUTH2-152 Occasionally missing fields for OAuth2 Administration edit Client ID/Secret modals
  • OAUTH2-154 OAuth2 Administration edit Client ID/Secret modals off-center
  • OAUTH2-157 JSONWS scope names matching must correlate to SAP entry relationships
  • OAUTH2-158 Disabled SAP scopes are published
  • OAUTH2-161 Server error when multiple redirect URIs are specified but none provided
  • OAUTH2-162 The assign scopes modal does not allow scrolling if taller than viewport
  • OAUTH2-165 Pencil icon should be on the right side of input box, not below
  • OAUTH2-168 Make sure no page needs to be created for Authorization Code grant flow
  • OAUTH2-169 Make portlet title end-user friendly
  • OAUTH2-170 "OAuth2" should not be present in ConfigurableScopeCheckerFeatureConfiguration localization
  • OAUTH2-172 Authorization Code grant flow is not honoring scope narrow down
  • OAUTH2-174 BundlePrefixHandlerFactory is not using the correct bundle sometimes
  • OAUTH2-175 If a set of scopes is mapped to multiple scope aliases, the UI only renders one at random
  • OAUTH2-177 Glitch in language key
  • OAUTH2-202 User must be Site Member to use OAuth2 Authorize portlet
  • OAUTH2-208 OAuth2 Applications is not translated to any other language
  • OAUTH2-209 Upgrade CXF OAuth2 modules to latest version
  • OAUTH2-210 Using wrong clientId with Authorization Code Flow Grant log and outputs an error message
  • OAUTH2-211 Getting token using authorization code flow results in a warn message being logged to the console
  • OAUTH2-214 OAuth2 applications sometimes do not pick up new application scopes for already assigned scope aliases
  • OAUTH2-215 NPE when navigating to OAuth 2 Administration
  • OAUTH2-216 Authorization prompt displays different scope to what will actually be granted
  • OAUTH2-218 As a portal administrator I want to display OAuth2 Scopes using Gogo console
  • OAUTH2-227 Refresh Token Recycling
  • OAUTH2-228 Editing Client ID immediately after saving Scope results in UI issues
  • OAUTH2-229 Authorization request fails if server is using a proxy to redirect from https -> http (WeDeploy)
  • OAUTH2-231 Client ID generation is not guaranteed to be unique
  • OAUTH2-236 Authorization flow breaks if referring to portal by IP not in redirect.url.ips.allowed
  • OAUTH2-238 Support ability to create custom RequiresScope annotations
  • OAUTH2-239 Rename property oauth2.scopechecker.type to oauth2.scope.checker.type
  • OAUTH2-240 Support scope annotations on implemented interfaces
  • OAUTH2-241 Update default configurations for PrefixHandler and ScopeMapper
  • OAUTH2-242 OAuth2 Authorization Code is not working in cluster environment
  • OAUTH2-243 ScopeMatcher should be applied before and after ScopeMapper and PrefixHandler
  • OAUTH2-248 Blank screen seen after clicking Authorize on Authorization Request portlet
  • OAUTH2-251 Scope aliases to application permissions table loses information
  • OAUTH2-252 ScopeDescriptorLocator must support companyId
  • OAUTH2-255 SAP Whitelisted JAX-RS resource cannot be accessed with no access token
  • OAUTH2-257 Persistent input values within OAuth2 Administration edit Client ID/Secret modals
  • OAUTH2-258 Data too long for column 'RemoteIPInfo'
  • OAUTH2-259 Allow Client Credentials grant flow to specify the user that the token will be granted as
  • OAUTH2-260 Scope aliases containing reserved CSS characters break UI
  • OAUTH2-261 Assigning scopes with multiple aliases causes backend to receive a single concatenated "alias"
  • OAUTH2-262 "OAuth 2 connected applications" means nothing to end-users
  • OAUTH2-263 Analytics Cloud OAuth2 application created without any OAuth2ScopeGrant records
  • OAUTH2-264 Link to show related "global scopes" shows unrelated too
  • OAUTH2-265 Bundled REST applications are missing application name and scope translations
  • OAUTH2-266 HttpMethodFeature does not collect scopes dynamically
  • OAUTH2-267 Javascript errors within Scopes tab
  • OAUTH2-268 Resource scope unchecked despite being covered by a checked global scope
  • OAUTH2-269 Missing count total in OAuth 2 Administration management bar
  • OAUTH2-271 Authorization code flow using a redirect uri with custom protocol doesn't work
  • OAUTH2-272 Incorrect scope count when assigning global scopes
  • OAUTH2-273 Checkboxes for scopes that must be configured via global scopes look clickable
  • OAUTH2-274 Portal Services scopes don't show up on all nodes of cluster
  • OAUTH2-275 User should easily see assigned scopes
  • OAUTH2-278 ScopeLocatorImpl throws NullPointerException if getLiferayOAuth2Scopes is invoked with a combination of par...
  • OAUTH2-279 Missing language keys in Roles > OAuth 2 Administration
  • OAUTH2-280 Unclear error when attempting to impersonate OAuth2 application creator
  • OAUTH2-282 Scope translation missing after disabling or deleting corresponding SAP entry
  • OAUTH2-286 API to support programmatic registration of OAuth 2 applications
  • OAUTH2-289 Fail to grant authorizations
  • OAUTH2-292 Fail to check new scope when removed scope showing
  • OAUTH2-293 Add default permissions to "Analytics Cloud" OAuth2 Application
Show More

Customers Who Viewed This Also Bought