Jan Küster
Jan Küster
Hey @beeing that looks good. I would love to see a PR on this one as it looks pretty easy and would be a good chance for you to do...
Can't merge chai 5 as it's esm-only now, which would require to convert our project to ESM-only as well. This, however would be another breaking change. However, since we lifted...
@Valerionn thank you for reporting. From what I see this must be still wrong in the types and docs, since scope must be a string, according to the standard. //...
This is the related PR: https://github.com/node-oauth/node-oauth2-server/pull/267 - Scope can be sent from clients either as string or array of strings. - Internally scope is managed as array of strings. -...
This is implementation detail, the allowed flag is set by client implementation and indicates approval if true or denied of false.
@saschanaz it's the second to third step in the Authorization Code Grant workflow: https://datatracker.ietf.org/doc/html/rfc6749.html#section-4.1 see Part B)
@saschanaz do you use express? We could create a minimal example project with express + vanilla JavaScript + in memory DB that shows how this could work. We have an...
@saschanaz I added you as collaborator to the examples repo and created a branch there incl. draft PR: https://github.com/node-oauth/node-oauth2-server-examples/pull/1 Let's continue discussion here: https://github.com/node-oauth/node-oauth2-server-examples/issues/2
@saschanaz @jfstephe just to clarify: we are all talking about the `authorization code grant` workflow here, right?
@saschanaz if you are still interested then please let's continue this in the examples repository. Closing this for now.