Open dtsiflit opened 3 weeks ago
Hi, will it be possible for you to share the update on this?
I have already implemented this. Please let me know if I can raise a pull request for this.
Hello @pankaj-sp, yes, feel free to raise a PR. Thanks!
Add support for using dpopNonce provided by the authorization server, in the following interactions:
In the above cases, the authorization server may reply with an (OAuth2) error use_dpop_nonce, either because the dpopNonce is missing or because its value is not correct.
The library catches the above error, updates the dpopNonce of the client to the new value provided by the server, and repeats the call using the new dpopNonce. At this stage, if the authorization server replies again with a use_dpop_nonce, the library will not retry again.
Furthermore, the authorization server may choose to update the dpopNonce at any of the aforementioned three interactions. To satisfy this, the library evaluates whether success (200) responses contain a dpopNonce header and, if present, updates the locally held dpopNonce.
Authorization Server-Provided Nonce: https://datatracker.ietf.org/doc/html/rfc9449#name-authorization-server-provid
Resource Server-Provided Nonce: https://datatracker.ietf.org/doc/html/rfc9449#name-resource-server-provided-no
Authorization Code Binding to a DPoP Key: https://datatracker.ietf.org/doc/html/rfc9449#name-authorization-code-binding-
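The retry rule described in this issue, sketched as an added example that is not the library's code: one retry on use_dpop_nonce, no retry when the server supplies no nonce, and nonce rotation on 200 responses. `NonceRetryClient`, `fake_server` and the `send` callback are hypothetical names, and the 400 status with a `DPoP-Nonce` response header is assumed from RFC 9449's authorization server behaviour.

```python
from dataclasses import dataclass
from typing import Callable, Optional, Tuple

# (status, headers with lower-cased names, parsed JSON body)
Response = Tuple[int, dict, dict]

@dataclass
class NonceRetryClient:
    """Hypothetical wrapper, not the library's API."""
    # Assumed callback: builds the DPoP proof with this nonce and performs the call.
    send: Callable[[Optional[str]], Response]
    nonce: Optional[str] = None

    def _absorb(self, headers: dict) -> bool:
        fresh = headers.get("dpop-nonce")
        if fresh:
            self.nonce = fresh
        return bool(fresh)

    def call(self) -> Response:
        resp = self.send(self.nonce)
        status, headers, body = resp
        # Retry only if the server named the error AND supplied a nonce to use;
        # repeating the call with the same nonce could not succeed.
        if status == 400 and body.get("error") == "use_dpop_nonce" and self._absorb(headers):
            resp = self.send(self.nonce)  # the single retry; a second rejection is returned as is
        if resp[0] == 200:
            self._absorb(resp[1])  # the server may rotate the nonce on success
        return resp

def fake_server(accepted: list):
    """Constructed stand-in: accepted[i] is the nonce the i-th request must carry."""
    seen = []
    def send(nonce):
        seen.append(nonce)
        want = accepted[min(len(seen), len(accepted)) - 1]
        if nonce != want:
            return 400, {"dpop-nonce": want}, {"error": "use_dpop_nonce"}
        return 200, {"dpop-nonce": "n-next"}, {"access_token": "constructed"}
    return send, seen

if __name__ == "__main__":
    send, seen = fake_server(["n1", "n1"])
    client = NonceRetryClient(send)
    print(client.call()[0], seen, client.nonce)
```

Bounding the loop at one retry keeps a misbehaving or hostile server from driving the client into unbounded proof generation and requests.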