Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add more constants to OAuth2ParameterNames #15130

Open
Tracked by #13090
xenoterracide opened this issue May 22, 2024 · 4 comments
Open
Tracked by #13090

add more constants to OAuth2ParameterNames #15130

xenoterracide opened this issue May 22, 2024 · 4 comments
Assignees
Labels
in: docs An issue in Documentation or samples status: feedback-provided Feedback has been provided type: enhancement A general enhancement

Comments

@xenoterracide
Copy link

code_verifier, code_challenge, and code_challenge_method would be nice.

@xenoterracide xenoterracide added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels May 22, 2024
@jzheaux
Copy link
Contributor

jzheaux commented May 31, 2024

Hey, @xenoterracide, thanks for the suggestion. Are you able to use the ones in PkceParameterNames?

@jzheaux jzheaux self-assigned this May 31, 2024
@jzheaux jzheaux added status: waiting-for-feedback We need additional information before we can continue in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) and removed status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels May 31, 2024
@xenoterracide
Copy link
Author

xenoterracide commented May 31, 2024

I am, but it was very unintuitive and I didn't stumble across it... One thought that I had on that though was that you could make like jpa model Jen and extend these other classes. I don't actually fully agree with that approach because using inheritance for a utility class seems kind of naughty.

So, it's not a can or can't use it's a discovery issue like I had no idea this code existed when I reported this ticket I found it in between then and now.

Something something documentation with examples 😉 That test the API.

@spring-projects-issues spring-projects-issues added status: feedback-provided Feedback has been provided and removed status: waiting-for-feedback We need additional information before we can continue labels May 31, 2024
@jzheaux
Copy link
Contributor

jzheaux commented May 31, 2024

Okay, awesome. I agree that there's room for improvement in how this is discovered. I think at least the OAuth2ParameterNames javadoc could point to PkceParameterNames, e.g. @see PkceParameterNames.

What were the circumstances where you needed access to those properties? That way, I can see whether I can add something easily as a snippet into the docs or if a full sample in spring-security-samples would be better.

@jzheaux jzheaux added status: waiting-for-feedback We need additional information before we can continue in: docs An issue in Documentation or samples type: enhancement A general enhancement and removed status: feedback-provided Feedback has been provided in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) labels May 31, 2024
@xenoterracide
Copy link
Author

writing this test https://github.com/xenoterracide/spring-app-commons/blob/main/module/test-authorization-server/src/test/java/com/xenoterracide/test/authorization/server/AuthorizationServerTest.java

It was very challenging as someone who's never done the PKCE workflow and hasn't touched an oauth implementation in years to figure out the exact flow of requests in order to test an implementation. The docs and samples seem to mostly skim right over testing the thing.

@spring-projects-issues spring-projects-issues added status: feedback-provided Feedback has been provided and removed status: waiting-for-feedback We need additional information before we can continue labels May 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
in: docs An issue in Documentation or samples status: feedback-provided Feedback has been provided type: enhancement A general enhancement
Projects
None yet
Development

No branches or pull requests

3 participants