-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: use AuthURLParam to set client id and secret #204
Conversation
Some providers, like google, request a client secret for the device authentication. Make it optional, so that the admin can set it if required in the generic broker.
workaround to deal with #golang/oauth2/320
|
||
var opt oauth2.AuthCodeOption | ||
|
||
if secret := session.authCfg.oauth.ClientSecret; secret != "" { | ||
opt = oauth2.SetAuthURLParam("client_secret", secret) | ||
} | ||
|
||
response, err := session.authCfg.oauth.DeviceAuth(ctx, opt) | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a nit:
var opt oauth2.AuthCodeOption | |
if secret := session.authCfg.oauth.ClientSecret; secret != "" { | |
opt = oauth2.SetAuthURLParam("client_secret", secret) | |
} | |
response, err := session.authCfg.oauth.DeviceAuth(ctx, opt) | |
var authOpt oauth2.AuthCodeOption | |
if secret := session.authCfg.oauth.ClientSecret; secret != "" { | |
authOpt = oauth2.SetAuthURLParam("client_secret", secret) | |
} | |
response, err := session.authCfg.oauth.DeviceAuth(ctx, authOpt) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tests are crashing, so please check them.
Also please improve the commit message to make it clearer what's the error we're workarounding here without having to go the whole details of the linked issue.
I would also appreciate an actual link to the issue instead of #golang/oauth2/320. Thanks! |
ce2aced
to
9415c6a
Compare
Yeah, I wanted to mention that too for us old school |
Now that #178 is merged, do you mind rebasing on it and target the main branch directly? Also, a small comment explaining which providers needs this and the details would be great too! Thanks :) |
workaround to deal with golang/oauth2#320