New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Client Authentication via Basic Authorization, not body #126

Open
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
3 participants
@gologo13

gologo13 commented Feb 18, 2013

Hello.

The basic authorization is necessary to be supported when we do a client authentication.
It is written this rfc 2.3.1 Client password.

Some OAuth2.0 implementation doesn't allow to include a client ID and client secret in the both of the body and the Authorization header.
So, I did this pull request.

@Lewuathe

This comment has been minimized.

Lewuathe commented Feb 19, 2013

+1
It is useful in the case that BASIC authorization id and password cannot be written in POST body.
(e.g I tried on http://developer.yahoo.co.jp/yconnect/)
So, custom header interface is necessary, I think.

@sd65 sd65 referenced this pull request Aug 5, 2016

Merged

Allow custom headers #1

@sd65

This comment has been minimized.

sd65 commented Aug 5, 2016

Please merge this. It works and it's useful : )
Thanks !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment