Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[info-request] change the default example oauth client and secret #6402

Open
metalshanked opened this issue Feb 6, 2025 · 1 comment
Open

[info-request] change the default example oauth client and secret #6402

metalshanked opened this issue Feb 6, 2025 · 1 comment
Labels
bug Something isn't working

Comments

@metalshanked
Copy link

metalshanked commented Feb 6, 2025
edited
Loading

Version

main branch

Describe what's wrong

Hi, is there a simple way to change the default client id test, secret test and scope test for gravitino example mentioned here
https://gravitino.apache.org/docs/0.8.0-incubating/security/how-to-authenticate#example

Set up an external OAuth 2.0 server

There is a sample-authorization-server based on [spring-authorization-server](https://github.com/spring-projects/spring-authorization-server/tree/1.0.3). The image has registered client information in the external OAuth 2.0 server and its clientId is test, secret is test, scope is test.

Error message and/or stacktrace

changing creds

How to reproduce

Open the URL of Gravitino server and login in with clientId test, clientSecret test, and scope test.

Additional context

No response
@metalshanked metalshanked added the bug Something isn't working label Feb 6, 2025
@metalshanked metalshanked changed the title change the default example oauth client and secret [info-request] change the default example oauth client and secret Feb 6, 2025
@jerqi
Copy link
Contributor

jerqi commented Feb 7, 2025

This authorization server is only used for examples. It's not for the production environment. You can see the authorization-server Docker f8b4287#diff-1dc3ec8f6d185763c073db64dcb6d17c34779d6d1de21d8aa88e7701812a81ca

INSERT INTO oauth2_registered_client (id,client_id,client_secret,client_name, client_authentication_methods, authorization_grant_types, redirect_uris, scopes, client_settings, token_settings)
VALUES ('1','test','{noop}test','test','client_secret_post', 'client_credentials', 'www.baidu.com', 'test', '{"@class":"java.util.Collections$UnmodifiableMap","settings.client.require-proof-key":false,"settings.client.require-authorization-consent":false}', '{"@class":"java.util.Collections$UnmodifiableMap","settings.token.reuse-refresh-tokens":true,"settings.token.id-token-signature-algorithm":["org.springframework.security.oauth2.jose.jws.SignatureAlgorithm","RS256"],"settings.token.access-token-time-to-live":["java.time.Duration",300.000000000],"settings.token.access-token-format":{"@class":"org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat","value":"self-contained"},"settings.token.refresh-token-time-to-live":["java.time.Duration",3600.000000000],"settings.token.authorization-code-time-to-live":["java.time.Duration",300.000000000]}');

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jerqi @metalshanked