Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ability to override preferred token auth methods #289

Closed
paulswartz opened this issue Nov 21, 2023 · 2 comments · Fixed by #291
Closed

ability to override preferred token auth methods #289

paulswartz opened this issue Nov 21, 2023 · 2 comments · Fixed by #291
Assignees
@paulswartz
Labels
enhancement
Milestone
v3.1.0

Comments

@paulswartz
Copy link
Collaborator

Description

Currently, the order is hard-coded here: https://github.com/erlef/oidcc/blob/main/src/oidcc_token.erl#L879-L886

However, some Identity Providers (Keycloak, at least), by default won't accept any authentication type, even ones which it nominaly supports. Instead, each client is configured with a particular authorization type. If I set the authorization type in Keycloak to client_secret_jwt then everything is fine. The default is client_secret_post, which fails out of the box.

Ideally, it would be possible to override the preferred authentication type, at least with the retrieve_token call.
@maennchen
Copy link
Member

@paulswartz Sure, this would be a welcome addition.

It would probably make sense to add preferred_auth_methods to retrieve_opts. (As an ordered list of methods to try.)

A PR would be welcome for that.

paulswartz added a commit to paulswartz/oidcc that referenced this issue Nov 21, 2023
@paulswartz
feat: preferred_auth_methods argument for request_token
78455e4 
Fixes erlef#289
@paulswartz paulswartz mentioned this issue Nov 21, 2023
Merged
paulswartz added a commit to paulswartz/oidcc that referenced this issue Nov 21, 2023
@paulswartz
feat: preferred_auth_methods argument for request_token
5697106 
Fixes erlef#289
@maennchen
Copy link
Member

Closing in favor of PR

@maennchen maennchen added this to the v3.1.0 milestone Nov 21, 2023
maennchen pushed a commit that referenced this issue Nov 21, 2023
@paulswartz
feat: preferred_auth_methods argument for request_token (#291)
77e4c0d 
Fixes #289
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@paulswartz paulswartz

Labels
enhancement
Projects
None yet
Milestone
v3.1.0
Development

Successfully merging a pull request may close this issue.

feat: preferred_auth_methods argument for request_token paulswartz/oidcc
2 participants
@paulswartz @maennchen