Support for configuring token endpoint authentication method #38
Conversation
with the setting `:token_endpoint_auth_method` per provider. This defaults to `"client_secret_post"` which was originally supported. Another method `"client_secret_basic"` is now also supported, which uses HTTP Basic authentication.
|
+1 for this. I'm in a similar situation, and would rather not fork this repo just for this functionality. |
|
This requires test support |
For this it's necessary to add another provider in the test config and adapt the mock worker and some of the other tests to handle multiple providers
|
I made an attempt to add a test. For this I had to add a new provider in the config and adapt the mock worker and some of the other tests to handle multiple providers/configs. |
For what it's worth, I contacted Vipps support and they enabled the |
|
Hi @bcardarella is this something you'd consider adding or can I help this along in some way? I'm having the same issue that the IdP I'm using currently only supports the client_id/client_secret as basic auth for the token endpoint. |
|
@larshesel There is another effort underway to develop a spec compliant openidconnect. I think that's where the focus for development will be and I've offered up this namespace to them. So for the time being there won't be an additional development on this specific implementation |
Support for configuring token endpoint authentication method with the setting
:token_endpoint_auth_methodper provider. This defaults to"client_secret_post"which was originally supported. Another method"client_secret_basic"is now also supported, which uses HTTP Basic authentication.I needed this to support Vipps Login as OIDC provider, which unfortunately doesn't support the
"client_secret_post"authentication method.