Comments (4)
Right now the password grant flow is better than client credential grant flow for me. So I will try to implement this later...
from doorkeeper-openid_connect.
No plans, Doorkeeper supports it but it says "The main difference from the others is that this flow is not associated with a resource owner." so I'm not sure if it even makes sense to use this flow with OIC.
from doorkeeper-openid_connect.
I think it make sense with microservice architectures.
I'm trying to use doorkeeper-openid_connect to create a central "account management and authentication service" like keycloak, or you can think it as an open source version auth0.
And it need to integrate other microservices. The client credential way is the main method to make the other microservices themserlves authenticated as a resource owner.
And if the Doorkeeper supports it, does it mean it is easy to make it support for doorkeeper openid connect? I have little knowledge to develop a gem like this but I do have some rails working experience. So if you can give me some hint I think I can do some contribution if you like it.
from doorkeeper-openid_connect.
A PR would be welcome if you can get this working 👍
If you look at lib/doorkeeper/openid_connect/oauth/authorization_code_request.rb
you can see how we extend Doorkeeper to add the ID token to the response, basically you need to do something similar for lib/doorkeeper/oauth/client_credentials_request.rb
but since there doesn't seem to be a resource owner in that context I'm not sure how to proceed.
Unfortunately I don't have time to look into this, but can suggest maybe doing more research if/how other OIC providers implement this.
from doorkeeper-openid_connect.
Related Issues (20)
- `/.well-known/openid-configuration` crashes when `Doorkeeper.config.allow_token_introspection` is false HOT 1
- Shouldn't controllers inherit `Doorkeeper::ApplicationMetalController`? HOT 1
- Using `root_url` in `#webfinger_response` can violate specification
- `access_grant_class` is broken. HOT 7
- Possible to disable `client_secret_basic` for `token_endpoint_auth_methods_supported`?
- RP-initiated logout post_logout_redirect_uri is not validatable
- Broken with Doorkeeper v5.6.3
- uninitialized constant Doorkeeper::JWT::JWK in 1.8.4 HOT 8
- OpenID working with rails app HOT 5
- Support for sessions and session_state HOT 1
- Support multiple devise models
- `kid` value in headers in different format after upgrading from 1.8.3 to 1.8.5 HOT 2
- Missing v1.8.5 tag HOT 2
- NameError: uninitialized constant Doorkeeper::JWT::JWK HOT 6
- kid is different for different versions of doorkeeper-openid_connect HOT 1
- Certificate verify failed from SSL
- Doorkeeper patch v5.6.8 modified exception handling to require objects instead of symbols HOT 2
- some combinations of prompt causes double rendering/redirection
- Support dynamic signing_key
- Customize webfinger responses
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from doorkeeper-openid_connect.