I would like to use the XWiki default REST API to be able to authenticate users via a REST API and perform operations on the Wiki (using OIDC and OAuth2 and JWT tokens).
I have read all the documentation but whenever I try to make requests to the Wiki through the API with tokens, it always says: “401: User needs to be authenticated”. It only works with Basic authentication.
So I would like to develop a new plugin to enable this functionality in the Wiki.
Is this already possible? Any information about this?
Yes, that’s also my understanding, but maybe @tmortagne could confirm this. My understanding is that, nevertheless, you could still generate such tokens for users that would normally authenticate using OIDC.
Yes. The point of this module is to use XWiki as an OIDC provider; being able to reuse the generated access tokens to access any resource (and not just access the userinfo endpoint during the authentication) is more of a bonus feature. It’s technically possible to use it just for this feature, but there is no UI to manage the tokens right now, so you will have to use some scripting.
It’s not really related to who generated the token (it’s a pretty standard JWT OIDC token), but to who holds the token. There is simply no feature right now in the XWiki OIDC Authenticator to validate tokens with the configured provider. As I said, it’s an XWiki OIDC Provider feature, so it’s obviously not going to ask another provider to validate the token.
I understand that this is an OIDC Provider feature, but it would be very useful to be able to access the REST API using OIDC tokens. Maybe this could be implemented in a future version?