Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve oauth2 authorization #9339

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Conversation

mortbauer
Copy link

  • fixed a small bug regarding the redirect_uri for the token_endpoint
  • add option oauthPrompt with default value true to disable it
    the prompt parameter for the authorization_endpoint optionally, ory
    hydra doesn't support that option and the oauth2 flow would fail
  • add option oauthBasicAuth with default value true to disable sending
    of the Authorization header for the token_endpoint, ory hydra only
    allows either client_secret_basic or client_secret_post not a mix of
    both

* the serverPort was accessed after the server close
* add option oauthPrompt with default value true to disable it
  the prompt parameter for the authorization_endpoint optionally, ory
  hydra doesn't support that option and the oauth2 flow would fail
* add option oauthBasicAuth with default value true to disable sending
  of the Authorization header for the token_endpoint, ory hydra only
  allows either client_secret_basic or client_secret_post not a mix of
  both
@CLAassistant
Copy link

CLAassistant commented Jan 7, 2022

CLA assistant check
All committers have signed the CLA.

@TheOneRing
Copy link
Member

Hi thx for you contribution.
c05733e
Was fixed last week, however it wasn't merged to master until today.
The rest is more complex and needs discussion on our side at the moment we only support custom idps with branded builds, but I'm pretty sure we are going to support it with unbranded clients.

@TheOneRing TheOneRing added this to the 2.11 milestone Jan 10, 2022
@TheOneRing TheOneRing modified the milestones: 2.11, 2.12 May 11, 2022
@TheOneRing TheOneRing removed this from the Desktop Client 4.0 milestone Apr 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants