-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ability to register custom Grant Flows #1418
Conversation
Based on #733 - adds the possibility of adding strategy registration to Doorkeeper
2863e34
to
a0473f9
Compare
Generated by 🚫 Danger |
81720a4
to
25e3e80
Compare
19f80a7
to
9621845
Compare
c32eb15
to
4c37438
Compare
@nbulaj this is pretty neat. I had missed that this was a new thing when I fixed a bug in the openid connect lib (a bug that I think exists here in the main repo as well). The bug consists of when a response type that requires (by spec) that the fragment response mode is used but throws an error in the controller layer will use the default (query) mode instead of the fragment for the error redirect. This is due to no checking of the response type at the controller level raise / rescue handling. Looking at this I think it might make sense to let the grant flow strategy own the information about which response modes are available / default or MUST be used. Would you be open to such a patch? Or are there alternative ideas on how response modes should be handled going forward? My fix is here doorkeeper-gem/doorkeeper-openid_connect#118 but that is just fixing the already brittle monkey patching. |
@nbulaj We're about to use this feature in prod - would be nice to have this released in |
@nbulaj thank you so much for the job. What's the preferred place to put |
Allow flexible extending of Doorkeeper with a new OAuth Grant Flows without adding them to the gem itself.
A new flow is registered like so:
Based on #733 with additions & retro-compatibility for next extensions:
This changes allows to fix / implement:
TODO:
grant_flows
(like in openid_connect)