Skip to content

Token Endpoint Auth Method #67

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
imanebosch opened this issue Jun 1, 2020 · 1 comment
Closed

Token Endpoint Auth Method #67

imanebosch opened this issue Jun 1, 2020 · 1 comment

Comments

@imanebosch
Copy link

imanebosch commented Jun 1, 2020
edited
Loading

When selecting Token Endpoint Auth Method="none" a client secret is still issued. According to the documentation nonemeans that the client is public and has no secret.

Once the issue is solved,

Endpoint

@bp.route('/oauth/token', methods=['POST']) def issue_token(): return authorization.create_token_response()

does not work with grant password. But If I pass within the body client_id it works. However, according to RFC6749 the body should only contain grant_type, username, password and scope

I might have missed something...
Btw, Should I public client have its own id?
lepture added a commit that referenced this issue Jun 1, 2020
@lepture
Fix creating token auth method "none" client
418c24f 
ref: #67
@lepture
Copy link
Member

lepture commented Jun 1, 2020

I've fixed the bug. Thanks for your feedback.

@lepture lepture closed this as completed Jun 1, 2020
Shudh pushed a commit to Shudh/oauth2-server that referenced this issue Mar 4, 2024
@lepture
Fix creating token auth method "none" client
f8e147f 
ref: authlib#67
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lepture @imanebosch