oauthjs / node-oauth2-server

Complete, compliant and well tested module for implementing an OAuth2 Server/Provider with express in node.js
https://npmjs.org/package/oauth2-server
MIT License

Implicit flow not implemented #548

Open ReeSilva opened 5 years ago

ReeSilva commented 5 years ago

Hey guys, is there any lack of support for the implicit flow?

Because when I try to use response_type token, it returns "response_type not supported", and in the line of response types, token is commented out: https://github.com/oauthjs/node-oauth2-server/blob/master/lib/handlers/authorize-handler.js#L32

I've tried to uncomment just to test and it says not implemented.

Is there any ETA to release either this or PKCE ASAP?

Thanks in advance.

EvanHahn commented 5 years ago

It looks like it was merged in #464 but it's not released yet, for what it's worth. (Not sure much other than that...)

brenc commented 5 years ago

Well this is frustrating. I've been fighting this all week and it turns out it's not even implemented.

After digging around it looks like this project and the Express adapter are all but abandoned. I'll probably just implement my own system at this point.

EvanHahn commented 5 years ago

That's what I wound up doing, for what it's worth. Don't let that be a commentary on the status of this module, but a judgment call I made.

brenc commented 5 years ago

So it looks like the implicit flow is no longer recommended: "the industry best practice has changed to recommend that public clients should use the authorization code flow with the PKCE extension instead."

perry-mitchell commented 3 years ago

So this basically rules out this library when considering a secret-less sign-in process, if neither implicit grants nor PKCE are supported.
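
The authorization code flow with PKCE that the quoted recommendation and the last comment refer to, sketched as an added example that is not part of this thread and is not node-oauth2-server code. It shows the S256 check from RFC 7636 that lets a secret-less client redeem a code; every function name and the in-memory store are hypothetical.

```javascript
// Added example, not node-oauth2-server code. All function names are hypothetical.
const nodeCrypto = require('crypto');

const b64url = (buf) =>
  buf.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Client side: random verifier kept in memory, S256 challenge sent to /authorize.
function createVerifier() {
  return b64url(nodeCrypto.randomBytes(32)); // 43 unreserved characters
}
function challengeFor(verifier) {
  return b64url(nodeCrypto.createHash('sha256').update(verifier, 'ascii').digest());
}

// Server side: in-memory store standing in for the real authorization-code table.
const pendingCodes = new Map();

function issueCode(clientId, redirectUri, codeChallenge, method) {
  // Refuse "plain" and missing challenges so a public client cannot skip PKCE.
  if (method !== 'S256' || !/^[A-Za-z0-9_-]{43}$/.test(String(codeChallenge))) {
    throw new Error('invalid_request');
  }
  const code = b64url(nodeCrypto.randomBytes(32));
  pendingCodes.set(code, { clientId, redirectUri, codeChallenge, expires: Date.now() + 60000 });
  return code;
}

function redeemCode(code, clientId, redirectUri, codeVerifier) {
  const entry = pendingCodes.get(code);
  pendingCodes.delete(code); // single use: a failed attempt also burns the code
  if (!entry || entry.expires < Date.now()) return null;
  if (entry.clientId !== clientId || entry.redirectUri !== redirectUri) return null;
  if (typeof codeVerifier !== 'string' || !/^[A-Za-z0-9._~-]{43,128}$/.test(codeVerifier)) {
    return null;
  }
  const expected = Buffer.from(entry.codeChallenge);
  const actual = Buffer.from(challengeFor(codeVerifier));
  // Both are 43-byte base64url strings, so timingSafeEqual never sees unequal lengths.
  if (!nodeCrypto.timingSafeEqual(expected, actual)) return null;
  return { access_token: b64url(nodeCrypto.randomBytes(32)), token_type: 'Bearer' };
}
```

An intercepted authorization code is useless without the verifier, which never leaves the client until the token request; that is what replaces the client secret for a public client.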