Add Device Code authorization to the supported OAuth Flows #2964
Conversation
|
I see that schemas/v3.2 doesn't exist yet, but if this PR is accepted, some schema changes should be made as well. |
|
@karenetheridge Apologies for taking so long to respond, but are you suggesting I should create (and edit appropriately) the v3.2 schema folder? Or is that simply a note for whomever reviews this PR? |
|
Yes, I think the v3.2 schema folder (with schemas) should be created in the v3.2.0-dev branch (by the maintainers), so you can merge your changes on top. |
There was a problem hiding this comment.
Checked this change against https://datatracker.ietf.org/doc/html/rfc8628 and also a real world usage on GitHub REST Device Flow and it all looks good.
LikeLakers2
force-pushed
the
oauth-flows-device-code-320
branch
from
3d2193d to
045e0aa
Compare
|
@karenetheridge as the markdown is the source of truth and the schema a (mere) artifact (though a useful one), it's normal that the creation / update of the schema can lag the creation of a new dev branch and initial changes. |
Clone of PR #2401, resubmitted against the
v3.2.0-devbranch as requested by webron. Note that this is not submitted against themainbranch, but I will happily resubmit it against themainbranch upon request.Description of the original PR follows, with some extraneous details edited out:
Closes #2381.
This is a PR for the Device Authorization OAuth Flow, based on RFC8628. I suggested this over at #2381 and was asked to make a PR for it.
The URL used for this flow is named
deviceAuthorizationUrl, separate fromauthorizationUrlas the two have completely different semantics and usages, so I was concerned that usingauthorizationUrlfor both might be confusing. That said, I would be happy to merge this intoauthorizationUrlif requested.