OAuth2 | InterSystems Developer Community

Article

Dmitrii Kuznetsov · Oct 7, 2019 12m read

OAuth Authorization and InterSystems IRIS: Taming Trust Protocols

How can you allow computers to trust one another in your absence while maintaining security and privacy?

“A Dry Martini”, he said. “One. In a deep champagne goblet.”
“Oui, monsieur.”
“Just a moment. Three measures of Gordons, one of vodka, half a measure of Kina Lillet. Shake it very well until it’s ice-cold, then add a large thin slice of lemon peel. Got it?”
"Certainly, monsieur." The barman seemed pleased with the idea.
Casino Royale, Ian Fleming, 1953

OAuth helps to separate services with user credentials from “working” databases, both physically and geographically. It thereby strengthens the protection of identification data and, if necessary, helps you comply with the requirements of countries' data protection laws.

With OAuth, you can provide the user with the ability to work safely from multiple devices at once, while "exposing" personal data to various services and applications as little as possible. You can also avoid taking on "excess" data about users of your services (i.e. you can process data in a depersonalized form).

#JSON #OAuth2 #Security #Tutorial #InterSystems IRIS

Open Exchange app

7 1

5 1.2K

Question

Stephen Wilson · Sep 20, 2019

Is there an OAuth 2.0 "sliding expiration" for JWT access tokens to extend the expiry date?

In .NET Core you have an option to extend a session using a "sliding expiration". This means that if over half the time has passed and the user actively uses their session then the expiry timer gets reset and the user remains logged in. This can lead to the curious situation where you have an active authenticated user with an expired access token being used in data-access requests.

#.NET #OAuth2 #Frontend #Caché

0 1

0 3.4K

Question

Dmitrii Kuznetsov · Sep 1, 2019

How do I debug and test the IRIS OAuth server?

OAuth server to be deployed on the IRIS learning cloud platform. Clients - one on the other instance of the learning IRIS server, the other client locally on my computer in the container docker.

Both clients get a seemingly correct link (through ##class(%SYS.OAuth2.Authorization).GetAuthorizationCodeEndpoint()) to the login request form:

#Authentication #Access control #Debugging #Docker #OAuth2 #ObjectScript #Security #SSL #Testing #InterSystems IRIS #Learning Portal

1 3

1 763

Question

Stephen Wilson · Aug 13, 2019

Adding custom claims to in OAuth 2.0?

I have an OAuth 2.0 development environment where Caché is serving all three roles as the Authorization Server, Client and Resource Server based on a great 3-part series on OAuth 2.0 by @Daniel Kutac. I have a simple password grant type where an x-www-form-urlencoded body (as described in this post) is sent as a POST to the token endpoint at https://localhost:57773/oauth2/token and a response body with a HTTP Response 200 header is returned. The response body looks something like this.

#OAuth2 #ObjectScript #Caché

2 3

0 2.3K

Question

Stephen De Gabrielle · May 21, 2019

Hi,

Most of my development experience is with HL7v2 interfaces and I don't have a background in web development and I'm very weak with javascript.

I'm looking for suggestions of learning resources to learn FHIR and 'SMART on FHIR' (JavaScript, OpenID connect, OAuth2) for developers like myself who mostly do HL7v2 integrations - but see FHIR as the future - and want to develop their skills!

I've found these

#FHIR #OAuth2 #Other

1 1

1 1.6K