Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow Authorization Code flow without a client_secret - Initial commit with Patch & testcases #1276

Merged
merged 2 commits into from
May 31, 2023
Merged

Allow Authorization Code flow without a client_secret - Initial commit with Patch & testcases #1276

merged 2 commits into from
May 31, 2023

Conversation

bull500
Copy link
Contributor

@bull500 bull500 commented May 31, 2023

Hello @n2ygk
Here's the PR

Fixes #1092

Description of the Change

Patch to address -> Allow Authorization Code flow without a client_secret #1092
Edited oauth2_provider/oauth2_validators.py and added testcases to tests/test_oauth2_validators.py
Ran tox. Seems alright

Checklist

  • PR only contains one change (considered splitting up PR)
  • unit-test added
  • documentation updated
  • CHANGELOG.md updated (only for user relevant changes)
  • author name in AUTHORS

@codecov
Copy link

codecov bot commented May 31, 2023
edited
Loading

Codecov Report

Merging #1276 (3ee6e66) into master (016c6c3) will decrease coverage by 0.06%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           master    #1276      +/-   ##
==========================================
- Coverage   97.29%   97.24%   -0.06%     
==========================================
  Files          31       31              
  Lines        1996     1996              
==========================================
- Hits         1942     1941       -1     
- Misses         54       55       +1
Impacted Files Coverage Δ
oauth2_provider/oauth2_validators.py 93.98% <100.00%> (ø)

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

n2ygk
n2ygk approved these changes May 31, 2023
View reviewed changes
Copy link
Member

@n2ygk n2ygk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a nice, clean addition that will help those who follow the latest OAuth 2.0 BCP which deprecates the implicit grant for browser-based apps, instead using authorization code with PKCE and an empty client_secret.

Thanks for this improvement!

CHANGELOG.md Outdated Show resolved Hide resolved
n2ygk
n2ygk approved these changes May 31, 2023
View reviewed changes
Copy link
Member

@n2ygk n2ygk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a nice, clean addition that will help those who follow the latest OAuth 2.0 BCP which deprecates the implicit grant for browser-based apps, instead using authorization code with PKCE and an empty client_secret.

Thanks for this improvement!

@n2ygk n2ygk merged commit 64faa9e into jazzband:master May 31, 2023
@bull500
Copy link
Contributor Author

bull500 commented May 31, 2023

Thank you @n2ygk for the merge and support! 😄

@glaucojunior22 glaucojunior22 mentioned this pull request Jun 14, 2023
Merged
3 tasks
@kbernst30 kbernst30 mentioned this pull request Jan 14, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@n2ygk n2ygk n2ygk approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow Authorization Code flow without a client_secret
2 participants
@bull500 @n2ygk