We're updating the issue view to help you get more done. 

Add authorization code grant_type to token generation in Auth microservice

Description

Background
Superset requires that we support authorization code grant types in order to support single sign on. When testing, we realized that the Auth microservice already has the ability to generate an authorization code when a user provides authorization to use the application. Superset takes that code and tries to generate a token based on that code, but the api/oauth/token endpoint doesn't support grant_type=code.

Supplemental documentation can be found at:

Work to be Completed
We need to extend the existing auth microservice to support authorization_code grant_types when generating a token. Spring security already has this ability, it's just not adopted in the OpenLMIS Auth microservice.

Acceptance criteria:

  • The Authorization code grant type is added to the token endpoint in the Auth service.

  • Testing is complete manually

  • (Stretch) Superset is successfully configured to work with this service.

Test workflow:

Status

Assignee

Chongsun Ahn

Reporter

Craig Appl

Labels

Story Points

3

Epic Link

Components

Sprint

None

Fix versions

Affects versions

3.5

Priority

Major