- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Fri, 2 Sep 2016 13:20:36 +0200
- To: Markus.Staud@bmw.de
- Cc: Hydra <public-hydra@w3.org>
- Message-ID: <CAKaEYhJ_RNE_s1unww6tvWaBLODc8vdszbW6pVCNLqFuMucBSg@mail.gmail.com>
On 2 September 2016 at 13:14, <Markus.Staud@bmw.de> wrote: > Hi everyone, > > > > as I am new to this community I want to shortly introduce myself. My name > is Markus Staud and I am currently doing my master’s thesis at BMW in > Munich, which got me into JSON-LD and Hydra. > > > > When I was going deeper into Hydra and its specification, I was wondering > if there is any ongoing discussion regarding how to model authentication > flows like OAuth? > > I was playing around with some ideas myself and came to a couple of > conclusions I wanted to share for an open discussion: > > > > - An Authentication class would be useful, maybe also derived > classes for authorization schemes specifying OAuth 1, OAuth 2 or simple API > key? > > - Properties for OAuth2 I identified so far would be grant_type, > authorization_endpoint, token_endpoint > > - Should an authentication property in the ApiDocumentation > provide a model of the authorization flow? > > - As operations then usually need a token or credentials, there > would need to be some property indicating this > > - This token can either be in the URI as a query parameter, in a > Header or within the body > > > > While I am continuing to work on something like an extension to hydra to > model these relations/processes I would welcome any input! > > Thank you in advance! > The Solid spec has a few methods for authentication which I have found to work very well https://github.com/solid/solid-spec#authentication > > > Markus >
Received on Friday, 2 September 2016 11:21:07 UTC