Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for configuring token endpoint authentication method #38

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

haakonst
Copy link

Support for configuring token endpoint authentication method with the setting :token_endpoint_auth_method per provider. This defaults to "client_secret_post" which was originally supported. Another method "client_secret_basic" is now also supported, which uses HTTP Basic authentication.

I needed this to support Vipps Login as OIDC provider, which unfortunately doesn't support the "client_secret_post" authentication method.

with the setting `:token_endpoint_auth_method` per provider.
This defaults to `"client_secret_post"` which was originally
supported. Another method `"client_secret_basic"` is now also
supported, which uses HTTP Basic authentication.
@andrefau
Copy link

andrefau commented Dec 6, 2020

+1 for this. I'm in a similar situation, and would rather not fork this repo just for this functionality.

@bcardarella
Copy link
Member

This requires test support

For this it's necessary to add another provider in the test config
and adapt the mock worker and some of the other tests to handle
multiple providers
@haakonst
Copy link
Author

I made an attempt to add a test. For this I had to add a new provider in the config and adapt the mock worker and some of the other tests to handle multiple providers/configs.

@andrefau
Copy link

I needed this to support Vipps Login as OIDC provider, which unfortunately doesn't support the "client_secret_post" authentication method.

For what it's worth, I contacted Vipps support and they enabled the "client_secret_post" method for us. I still think it would be nice if this repo supported both methods though.

@larshesel
Copy link

Hi @bcardarella is this something you'd consider adding or can I help this along in some way? I'm having the same issue that the IdP I'm using currently only supports the client_id/client_secret as basic auth for the token endpoint.

@bcardarella
Copy link
Member

@larshesel There is another effort underway to develop a spec compliant openidconnect. I think that's where the focus for development will be and I've offered up this namespace to them. So for the time being there won't be an additional development on this specific implementation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants