Open emersion opened 1 year ago
Note, it seems like doorkeeper-openid_connect supports this: https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/152
It would still be nice to support the RFC without an additional plugin.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Ping
Hey @emersion , thanks for the feedback. I think we can add it into Doorkeeper itself, yes, and then reuse in doorkeeper openid_ connect extending default data. Would you mind prepare a PR?
Sounds good. I don't have time for this at the moment, but will keep in my TODO list.
@nbulaj I think I can maybe secure some funding for this work, would you like me to implement it if I can secure that funding? (I'm wanting to implement this in Mastodon)
@emersion we implemented this directly in Mastodon 4.3 via https://github.com/mastodon/mastodon/pull/29191, since I had the funding to implement and didn't receive a response here.
Hey @emersion , thanks for the feedback. I think we can add it into Doorkeeper itself, yes, and then reuse in doorkeeper openid_ connect extending default data. Would you mind prepare a PR?
@nbulaj keep in mind that .well-known/oauth-authorization-server
and .well-known/openid-configuration
are different specifications; They're very similar but different.
See https://www.rfc-editor.org/rfc/rfc8414
This allows clients to auto-discover OAuth 2.0 parameters instead of having to hardcode them.