search

myndocs / kotlin-oauth2-server

Flexible OAuth2 server library. Support for multiple frameworks
Apache License 2.0
150 stars 25 forks source link

Allow extension of grant types #43

Closed palmenhq closed 5 years ago

palmenhq commented 5 years ago

Oauth2 supports extending a server with custom grant types, as described i.e. here:

OAuth 2.0 also supports extension grant types allowing organizations to define their own custom grant types to support additional client types or to provide a bridge between OAuth and existing systems. https://www.oauth.com/oauth2-servers/differences-between-oauth-1-2/user-experience-alternative-token-issuance-options/)

Problem: Allowed grant types seem to be hard-coded i.e. in the CallRouter as of now.

Solution There should be away of configuring your own custom grant types and their corresponding flows.

Alternatives N/A

Other info (Have taken this lib for a spin now, looks really awesome so far!)

adhesivee commented 5 years ago

Thanks for reporting this! I will add a callback in the configuration for the extension grant types. These callbacks should accept CallContext and TokenService, that should probably be enough.

adhesivee commented 5 years ago

Closing this. Extension is now possible. It should be done in a more friendly way (#46)