Skip to content

Comments

Added client_id parameter to AssertionClient#476

Open
vilmar-hillow wants to merge 1 commit intoauthlib:mainfrom
vilmar-hillow:fix/assertion_client_id
Open

Added client_id parameter to AssertionClient#476
vilmar-hillow wants to merge 1 commit intoauthlib:mainfrom
vilmar-hillow:fix/assertion_client_id

Conversation

@vilmar-hillow
Copy link

Per https://datatracker.ietf.org/doc/html/rfc7521#section-4.1,
client_id parameter, although optional, can still be passed
when using assertions as authorization grants. Adding a way to pass
that id to refresh token body.

What kind of change does this PR introduce? (check at least one)

  • Bugfix
  • Feature
  • Code style update
  • Refactor
  • Other, please describe:

Does this PR introduce a breaking change? (check one)

  • Yes
  • No

  • You consent that the copyright of your pull request source code belongs to Authlib's author.

@lepture
Copy link
Member

lepture commented Aug 9, 2022

  1. I didn't see client_id is optional in the doc.
  2. You are always passing client_id=None

@vilmar-hillow vilmar-hillow force-pushed the fix/assertion_client_id branch from 3ea23ce to 22ef69a Compare August 9, 2022 03:07
@vilmar-hillow
Copy link
Author

  1. I didn't see client_id is optional in the doc.
  2. You are always passing client_id=None
  1. From linked section: "Authentication of the client is optional, as described in
    Section 3.2.1 of OAuth 2.0 [RFC6749], and consequently, the
    "client_id" is only needed when a form of client authentication that
    relies on the parameter is used."

One of the providers I'm working with uses the authorization grant routine with client id.

  1. Good catch, fixed

Per https://datatracker.ietf.org/doc/html/rfc7521#section-4.1,
client_id parameter, although optional, can still be passed
when using assertions as authorization grants. Adding a way to pass
that id to refresh token body.
@vilmar-hillow vilmar-hillow force-pushed the fix/assertion_client_id branch from 22ef69a to 727ee0e Compare August 9, 2022 03:15
@azmeuk azmeuk added the role:client Concerns a client implementation label Feb 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

role:client Concerns a client implementation

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants