Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Support client authentication for authorization-code grant type #86
When using a confidential client it should be possible to obtain a token through authorization code grant type with a valid code.
In some cases you want to authenticate the client when using authorization code grant type. Though as it is implemented now you to have the client_id in the body. Which is not really required when a token was obtained with client_credentials... I'm not 100% sure on how this should be, but at least authorization_code is working with non-confidential clients also with this implementation.
Sorry for creating some stupid test... The test are now correct, but in order to have it working I had to add some code in
Hmm the last commit should probably have been split into two commits for the code in
I will clean up things after we agree on how it should be working. And please let me know if anything is unclear!