From 006a58eb41877a648e476d28c68e9340321a32c3 Mon Sep 17 00:00:00 2001 From: pedroigor Date: Tue, 30 Jan 2018 17:25:41 -0200 Subject: [PATCH 1/2] [RHSSO-1225] - Informing deprecation of UMA 1.0 --- .../topics/auth-services-overview.adoc | 1 + .../authz-service-deprecated-features.adoc | 24 +++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 topics/templates/authz-service-deprecated-features.adoc diff --git a/authorization_services/topics/auth-services-overview.adoc b/authorization_services/topics/auth-services-overview.adoc index bb3a3e3bd0..f61440fb1c 100644 --- a/authorization_services/topics/auth-services-overview.adoc +++ b/authorization_services/topics/auth-services-overview.adoc @@ -3,6 +3,7 @@ :tech_feature_name: Authorization Services include::templates/techpreview.adoc[] +include::templates/authz-service-deprecated-features.adoc[] {project_name} supports fine-grained authorization policies and is able to combine different access control mechanisms such as: diff --git a/topics/templates/authz-service-deprecated-features.adoc b/topics/templates/authz-service-deprecated-features.adoc new file mode 100644 index 0000000000..b1f3ed0997 --- /dev/null +++ b/topics/templates/authz-service-deprecated-features.adoc @@ -0,0 +1,24 @@ +ifeval::[{project_product}==true] +[WARNING] +==== +In future releases we'll be updating User-Managed Access(UMA) implementation to conform +with the latest version of UMA specification, version 2.0. + +Due to differences between versions 1.0 (currently supported) and 2.0 of UMA, we are deprecating specific functionalities +in order to keep compliance with the new version. Here is a list of deprecated features: + +* *Entitlement API* + + This REST API will be removed in future releases in favor of a more OAuth2 based way to obtain permissions from the server using a specific grant type. This grant type + is based on UMA 2.0 with extensions to make it work without permission tickets. Same behavior as Entitlement API. + +* *Authorization API* + + This REST API was removed by UMA working group in version 2.0. As a consequence, we'll be removing it too. It will + be replaced by a specific OAuth2 grant type as defined by UMA 2.0 specification. + +Other changes are related with the Policy Enforcer, Authorization Client Java API and configuration. For these areas in particular changes are minimal, specially regarding policy enforcer configuration. + +We'll be updating docs accordingly, specially on how to migrate to the new version. +==== +endif::[] From 5487baebb75bbe9432981d8c372372281714ae14 Mon Sep 17 00:00:00 2001 From: pedroigor Date: Tue, 30 Jan 2018 17:39:48 -0200 Subject: [PATCH 2/2] [RHSSO-1225] - Review --- .../authz-service-deprecated-features.adoc | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/topics/templates/authz-service-deprecated-features.adoc b/topics/templates/authz-service-deprecated-features.adoc index b1f3ed0997..33a01663d9 100644 --- a/topics/templates/authz-service-deprecated-features.adoc +++ b/topics/templates/authz-service-deprecated-features.adoc @@ -1,23 +1,23 @@ ifeval::[{project_product}==true] [WARNING] ==== -In future releases we'll be updating User-Managed Access(UMA) implementation to conform -with the latest version of UMA specification, version 2.0. +In future releases we will update our User-Managed Access(UMA) implementation to conform +to the latest version of the UMA specification, version 2.0. -Due to differences between versions 1.0 (currently supported) and 2.0 of UMA, we are deprecating specific functionalities +Due to differences between versions 1.0 (currently supported) and 2.0 of UMA, we are deprecating specific functionalities, in order to keep compliance with the new version. Here is a list of deprecated features: * *Entitlement API* This REST API will be removed in future releases in favor of a more OAuth2 based way to obtain permissions from the server using a specific grant type. This grant type - is based on UMA 2.0 with extensions to make it work without permission tickets. Same behavior as Entitlement API. + is based on UMA 2.0 with extensions to make it work without permission tickets. This will have the same behavior as the Entitlement API. * *Authorization API* - This REST API was removed by UMA working group in version 2.0. As a consequence, we'll be removing it too. It will - be replaced by a specific OAuth2 grant type as defined by UMA 2.0 specification. + This REST API was removed by UMA working group in version 2.0. As a consequence, we will be removing it too. It will + be replaced by a specific OAuth2 grant type, as defined by UMA 2.0 specification. -Other changes are related with the Policy Enforcer, Authorization Client Java API and configuration. For these areas in particular changes are minimal, specially regarding policy enforcer configuration. +Other related changes will occur with the Policy Enforcer, Authorization Client Java API and configuration. Changes to these are minimal, specially regarding policy enforcer configuration. We'll be updating docs accordingly, specially on how to migrate to the new version. ====