Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Support the auth_url method called with scope & state params now #353

Merged
merged 2 commits into from Jul 13, 2022
Merged

fix: Support the auth_url method called with scope & state params now #353

merged 2 commits into from Jul 13, 2022

Conversation

Zerek-Cheng
Copy link
Contributor

We need the standard Oauth 2.0 Protocols 's scope & state params to allow the most import function!
the oauth 2.0 docs:

https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint

scope
REQUIRED. OpenID Connect requests MUST contain the openid scope value. If the openid scope value is not present, the behavior is entirely unspecified. Other scope values MAY be present. Scope values used that are not understood by an implementation SHOULD be ignored. See Sections [5.4](https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims) and [11](https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess) for additional scope values defined by this specification.
state
RECOMMENDED. Opaque value used to maintain state between the request and the callback. Typically, Cross-Site Request Forgery (CSRF, XSRF) mitigation is done by cryptographically binding the value of this parameter with a browser cookie.

that's important

This was referenced Jul 12, 2022
Closed
Open
ryshoooo
ryshoooo reviewed Jul 12, 2022
View reviewed changes
Copy link
Collaborator

@ryshoooo ryshoooo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall looks good :) Just a single comment left. Also if I can ask you to rename the feat: commit into fix: instead, no need to bump the major version for this change.

src/keycloak/keycloak_openid.py Show resolved Hide resolved
@ryshoooo ryshoooo linked an issue Jul 12, 2022 that may be closed by this pull request
where is the api endpoint for authentication #206
Closed
@Zerek-Cheng
Copy link
Contributor Author

Zerek-Cheng commented Jul 12, 2022
edited

@ryshoooo @marcospereirampj
commit record rebase done
thks,this is my first time to PR
i am learning

and...why didn't I see auth_url in the old document

@Zerek-Cheng Zerek-Cheng changed the title feat: Support the auth_url method called with scope & state params now fix: Support the auth_url method called with scope & state params now Jul 12, 2022
ryshoooo
ryshoooo approved these changes Jul 13, 2022
View reviewed changes
Copy link
Collaborator

@ryshoooo ryshoooo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM :) Thanks a lot for your contribution!

@ryshoooo ryshoooo merged commit bd2dd07 into marcospereirampj:master Jul 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ryshoooo ryshoooo ryshoooo approved these changes

@marcospereirampj marcospereirampj Awaiting requested review from marcospereirampj marcospereirampj is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

where is the api endpoint for authentication
2 participants
@Zerek-Cheng @ryshoooo