rhamzeh
commented
1 year ago Thanks for raising the issue @stefanmilivojevic91 !
Open stefanmilivojevic91 opened 1 year ago
rhamzeh
commented
1 year ago Thanks for raising the issue @stefanmilivojevic91 !
rhamzeh
commented
1 year ago @stefanmilivojevic91 if we allowed you to specify the token endpoint itself, will that be enough to resolve your issue?
Basically, if you set ApiTokenIssuer with a path, we will no longer append /oauth/token.
| So: | ApiTokenIssuer |
Endpoint SDK will hit |
|---|---|---|
issuer.fga.example |
https://issuer.fga.example/oauth/token |
|
https://issuer.fga.example |
https://issuer.fga.example/oauth/token |
|
issuer.fga.example/some_endpoint |
https://issuer.fga.example/some_endpoint |
|
https://issuer.fga.example/some_endpoint |
https://issuer.fga.example/some_endpoint |
stefanmilivojevic91
commented
1 year ago @rhamzeh My apologies for the delayed response, I think that will do the job, thanks :)
mdimovskihtec
commented
1 year ago @rhamzeh Hi, maybe allow overriding of the endpoint? That should allow for more customization, because I think it does not cover the case for oauth2 endpoints. For example, the oauth2 endpoint in Azure is oauth2/v2.0/token
Token endpoint path should be fetched from issuer's openid configuration (.well-known/openid-configuration) endpoint. AzureAD has oauth2/token for instance and OAuth2Client is unable to fetch access token using client credentials flow (FgaApiNotFoundError exception is thrown). https://github.com/openfga/dotnet-sdk/blob/main/src/OpenFga.Sdk/ApiClient/OAuth2Client.cs#L122