Skip to content

Comments

Added client_id parameter to AssertionClient#476

Open
vilmar-hillow wants to merge 1 commit intoauthlib:mainfrom
vilmar-hillow:fix/assertion_client_id
Open

Added client_id parameter to AssertionClient#476
vilmar-hillow wants to merge 1 commit intoauthlib:mainfrom
vilmar-hillow:fix/assertion_client_id

Conversation

@vilmar-hillow
Copy link

@vilmar-hillow vilmar-hillow commented Jul 29, 2022

Per https://datatracker.ietf.org/doc/html/rfc7521#section-4.1,
client_id parameter, although optional, can still be passed
when using assertions as authorization grants. Adding a way to pass
that id to refresh token body.

What kind of change does this PR introduce? (check at least one)

  • Bugfix
  • Feature
  • Code style update
  • Refactor
  • Other, please describe:

Does this PR introduce a breaking change? (check one)

  • Yes
  • No
  • You consent that the copyright of your pull request source code belongs to Authlib's author.

@lepture
Copy link
Member

lepture commented Aug 9, 2022

  1. I didn't see client_id is optional in the doc.
  2. You are always passing client_id=None

@vilmar-hillow vilmar-hillow force-pushed the fix/assertion_client_id branch from 3ea23ce to 22ef69a Compare August 9, 2022 03:07
@vilmar-hillow
Copy link
Author

vilmar-hillow commented Aug 9, 2022

  1. I didn't see client_id is optional in the doc.
  2. You are always passing client_id=None
  1. From linked section: "Authentication of the client is optional, as described in
    Section 3.2.1 of OAuth 2.0 [RFC6749], and consequently, the
    "client_id" is only needed when a form of client authentication that
    relies on the parameter is used."

One of the providers I'm working with uses the authorization grant routine with client id.

  1. Good catch, fixed

Added client_id parameter to AssertionClient
727ee0e 
Per https://datatracker.ietf.org/doc/html/rfc7521#section-4.1,
client_id parameter, although optional, can still be passed
when using assertions as authorization grants. Adding a way to pass
that id to refresh token body.
@vilmar-hillow vilmar-hillow force-pushed the fix/assertion_client_id branch from 22ef69a to 727ee0e Compare August 9, 2022 03:15
@azmeuk azmeuk added the role:client Concerns a client implementation label Feb 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

role:client Concerns a client implementation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vilmar-hillow @lepture @azmeuk