Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorization server does not support this response type #579

Closed
pepicrft opened this issue Feb 12, 2015 · 5 comments
Closed

Authorization server does not support this response type #579

pepicrft opened this issue Feb 12, 2015 · 5 comments

Comments

@pepicrft
Copy link

Hello
I'm trying to setup Doorkeeper in my project but I get the following message when I'm trying to authenticate with a given app:

image

The authorization server does not support this response type.

I'm using Doorkeeper grants assertion, https://github.com/doorkeeper-gem/doorkeeper-grants_assertion and my doorkeeper.rb file is the following one:

Doorkeeper.configure do
  # Configuration
  orm :mongoid4
  default_scopes :public
  access_token_expires_in 2.hours
  client_credentials :from_basic, :from_params
  access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param

  # Assertions
  resource_owner_from_assertion do
    User.find_or_create_with_github_token(params[:assertion])
  end

  # Returns the admin
  admin_authenticator do |routes|
    redirect_to(root_path) if (!current_user or !current_user.has_role?(:admin)) 
  end


  # Grant flow
  # # "authorization_code" => Authorization Code Grant Flow
  # "implicit"           => Implicit Grant Flow
  # "password"           => Resource Owner Password Credentials Grant Flow
  # "client_credentials" => Client Credentials Grant Flow
  #
  # If not specified, Doorkeeper enables authorization_code and
  # client_credentials.
  #
  # implicit and password grant flows have risks that you should understand
  # before enabling:
  #   http://tools.ietf.org/html/rfc6819#section-4.4.2
  #   http://tools.ietf.org/html/rfc6819#section-4.4.3
  #
  # grant_flows %w(authorization_code client_credentials)

  grant_flows %w(assertion)
end

Any ideas? Thanks!

BTW: I want to enable only the login using assertions, is it enough only with grant_flows %w(assertion) ?
@tute
Copy link
Contributor

tute commented Feb 12, 2015

Hi @pepibumur. doorkeeper-grants_assertion has no maintainer. I would be surprised if it works. I wonder if @christopherhein can share any insights on this.

Only the four flows defined in that code comment are understood (and not assertions, unless doorkeeper is extended). I'll close this issue as it doesn't belong in doorkeeper, you might reopen it in doorkeeper-grants_assertion.

Thanks for your input.

@tute tute closed this as completed Feb 12, 2015
@tute
Copy link
Contributor

tute commented Feb 12, 2015

BTW, it seems like some forks have fixed this issue (but didn't send back PRs): https://github.com/doorkeeper-gem/doorkeeper-grants_assertion/network

@tute
Copy link
Contributor

tute commented Feb 12, 2015

I just merged a commit that fixes it: doorkeeper-gem/doorkeeper-grants_assertion@1b3acee

@pepicrft
Copy link
Author

Hello @tute , totally agree.
I've tried your last commit merge but still suffering the same problem. Do you know any way to handle that? How would you do it? I want to override the access_token generation and pass a Github token to authorize the user using its Github token. I saw the assertions concept and that was exactly what I was looking for. Thanks for your help.

@tute
Copy link
Contributor

tute commented Feb 13, 2015

No idea exactly. Whatever you find, please post it in the wiki or a PR! :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tute @pepicrft