Skip to content

Client Authentication via Basic Authorization, not body #126

Open
wants to merge 1 commit into from

2 participants

@gologo13

Hello.

The basic authorization is necessary to be supported when we do a client authentication.
It is written this rfc 2.3.1 Client password.

Some OAuth2.0 implementation doesn't allow to include a client ID and client secret in the both of the body and the Authorization header.
So, I did this pull request.

@Lewuathe

+1
It is useful in the case that BASIC authorization id and password cannot be written in POST body.
(e.g I tried on http://developer.yahoo.co.jp/yconnect/)
So, custom header interface is necessary, I think.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.