Consider dropping Resource Owner Password Flow support #898

Open
@jeroenheijmans

This library supports the "Password" flow, which has been deprecated:

The resource owner password credentials grant MUST NOT be used.

Sure, it might have its place (for legacy server-side applications, or simpler test scenarios), but then using a dedicated Password flow library (or even handcrafting your own, since the flow is so trivial) might be easy enough. Or you could grab an old version of this library.

Keeping support has cost on many fronts:

  • it adds size to this library
  • it adds complexity to this library (internally as well as the public API surface)
  • it causes questions and confusion that take up time from moderators and community members
  • it might inadvertently introduce bugs or even security holes in the library, for the other flows too

I suggest we strip support for it in one of the upcoming major versions.

Labels: feature-request (Improvements and additions to the library.), password-flow (Issues specific to the (Resource Owner) Password flow)
