Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[OAuth2] Secret unique check #1972

Closed
codebien opened this issue Jan 12, 2017 · 1 comment
Closed

[OAuth2] Secret unique check #1972

codebien opened this issue Jan 12, 2017 · 1 comment
Assignees
@p0pr0ck5
Labels
plugins/oauth2

Comments

@codebien
Copy link

Kong: 0.8.3

If I try to add an OAuth2 application with a client_secret that already exists it fails. What is the motivation for this behavior? IMHO, only client_id must be unique, not secrets.

I haven't tried with new versions but code seems not to be changed:
https://github.com/Mashape/kong/blob/master/kong/plugins/oauth2/daos.lua#L37

Thanks
@codebien codebien changed the title [OAuth2] Secret unqiueness check [OAuth2] Secret unique check Jan 12, 2017
@p0pr0ck5 p0pr0ck5 mentioned this issue Apr 24, 2017
Merged
@p0pr0ck5 p0pr0ck5 self-assigned this Apr 28, 2017
@p0pr0ck5 p0pr0ck5 closed this as completed May 8, 2017
@p0pr0ck5
Copy link
Contributor

p0pr0ck5 commented May 8, 2017

^ this was merged in last week. Thanks @codebien for the report!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@p0pr0ck5 p0pr0ck5

Labels
plugins/oauth2
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@subnetmarco @bungle @codebien @p0pr0ck5