Open ghost opened 3 months ago
I also had to add a special case to my library for that rfc deviation: https://github.com/PhilippHeuer/credential-manager/blob/02ce8e38d47ca8762a6d8a21a80e00490ba875b0/src/main/java/com/github/philippheuer/credentialmanager/identityprovider/OAuth2IdentityProvider.java#L277
Would be best to keep the existing fields but add the error
field (to maintain backwards compatibility at the expense of duplicated data)
Brief description I'm trying to authenticate using this Go library. Authentication fails when I enter user code in the browser. It seems like
/token
endpoint doesn't follow this spec and produces wrong JSON.How to reproduce
Expected behavior When trying to obtain access token before user entered the code,
/token
endpoint should produce this JSON:status
field shouldn't be there andmessage
should be callederror
.