-
Notifications
You must be signed in to change notification settings - Fork 951
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JWT bearer tokens client authentication #27
Comments
Before I start on this, what do you think about implementing the plugin architecture as mentioned earlier before doing this? |
I don't think it will be happening any time soon. Code away! |
One thing I wouldn't mind seeing is an interface for the |
@bshaffer Just revisiting this (its been a while!). Latest spec for JWT is here. For JWT client authentication, it is basically piggy backing on the I personally favour a more modular approach, but am unsure how this can be done. Any ideas 😄 ? |
Well, I DO like the word "modular" :) As long as it implements a common interface I am cool with either approach... extending a base class or duplicating the code. Our "built in" JWT client assertion could just extend the AuthorizationCode grant type wholesale. Honestly, I'd have to wrap my brain around the problem a little more. I will definitely look into it, and offer feedback to any code you submit! |
I may be missing something, but I believe this is already done. There is still the issue that there is no way to pass this in to the |
@bshaffer I will have a look at it over the next few days (pretty busy atm) and get back to you 😄 |
Thanks to @bshaffer, |
In PR #25, we have support for JWT as Authorization Grants
Now, we need support for JWT as Client Authentication
The text was updated successfully, but these errors were encountered: