You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is this intentional? It means when configuring the lamba, we must deal with the differing types.
This is using the latest released version 5.3.1. (links above to the code in 5.3.1)
Thanks
The text was updated successfully, but these errors were encountered:
aclemons
changed the title
client yielded to allow_grant_flow_for_client config can either ba a client or an application objectclient yielded to allow_grant_flow_for_client config can either be a client or an application object
Apr 14, 2020
I've open a pull request to address the client credentials case. This is the one I found leading me to open this issue. Looking at the password_access_token_request.rb case, I'm not sure if it is correct or not. The spec passes an application as "client" here. I think this is incorrect after looking at the prod code here.
module Doorkeeper
module Request
class Password < Strategy
delegate :credentials, :resource_owner, :parameters, :client, to: :server
def request
@request ||= OAuth::PasswordAccessTokenRequest.new(
Doorkeeper.config,
client,
resource_owner,
parameters,
)
end
end
end
end
Client is what server.client returns, which is a client instance, not an application. Client delegates scopes to the application, so I guess that is why no one has noticed.
If we agree, I'll update the spec and change the code in password_access_token_request.rb to use client.application.
Steps to reproduce
When setting
allow_grant_flow_for_client
in the doorkeeper config, theclient
that is yielded can be of two different types.Is this intentional? It means when configuring the lamba, we must deal with the differing types.
This is using the latest released version 5.3.1. (links above to the code in 5.3.1)
Thanks
The text was updated successfully, but these errors were encountered: