Closed pedroharbs closed 2 years ago
Hi @devbarba,
Thank you for submitting a PR. I have reached out to my friends at Microsoft's Identity Standards team to let them know about this problem.
I understand Microsoft's implementation pre-dates any of the I-D or WG drafts, which is why these non-conformities are present. But, it is not in the scope of this library to work around non conform behaviours.
What I'll suggest to you is to make a PR to expose the DeviceFlowHandle class, which I'd accept, and make the requests to azure's device_authorization_endpoint
yourself, then parse the response, modify it to be conform, instantiate DeviceFlowHandle manually and then proceed to await handle.poll()
as usual.
I got a reply from Microsoft.
The v2.0 endpoint (https://login.microsoftonline.com/{{tenant}}/oauth2/v2.0/devicecode) is RFC compliant.
Please use the latest interfaces from Azure and you're good to go.
Please use the latest interfaces from Azure and you're good to go.
Great @panva, many thank's!!
I'm working with Azure OIDC and building the Device Authorization flow and was receiving this error:
I did decide to do a deep verification what's happening and I did realize that Azure returns
verification_url
insteadverification_uri
:So, I did a verification before, regarding the field name and another fix on
expires_in
field verification.