Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Have both a public and confidential client? #82

Closed
ghost opened this issue Mar 7, 2014 · 2 comments

Comments

@ghost
Copy link

commented Mar 7, 2014

The example server has an "either/or" setting for public/confidential clients (https://github.com/lepture/example-oauth2-server/blob/master/app.py#L37-39). Either a client is public or it's confidential. How can we set it up so clients can make public AND confidential requests?

@lepture

This comment has been minimized.

Copy link
Owner

commented Mar 7, 2014

The answer is simple. You can't.

A confidential client has more power, it can do anything that a public client does.

@lepture lepture closed this Mar 7, 2014

@ghost

This comment has been minimized.

Copy link
Author

commented Mar 7, 2014

That isn't true. When I try a confidential client on an "Authorization Code" type then I get an error: "Authenticate client failed, confidential client.".

@lepture lepture reopened this Mar 8, 2014

lepture added a commit that referenced this issue Mar 8, 2014

@lepture lepture closed this Mar 8, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.