casdoor icon indicating copy to clipboard operation
casdoor copied to clipboard

Published 20 hours ago verified publisher icon casdoor

OAuth 2.0 device authorization grant support

Open nodece opened this issue 2 years ago • 7 comments

Summary

I tried to use casdoor in our project, but I notice it doesn't support the OAuth 2.0 device authorization, this model is simple and powerful. This is a great feature if the casdoor can support this, see here for this model.

nodece avatar Feb 12 '22 10:02 nodece

@Steve0x2a @seriouszyx @Abingcbc @ComradeProgrammer

casbin-bot avatar Feb 12 '22 10:02 casbin-bot

Casdoor supports oidc protocol to access the application, and oidc is based on oauth, you can get the relevant information in this document:https://casdoor.org/docs/how-to-connect/oidc-client/

Steve0x2a avatar Feb 12 '22 10:02 Steve0x2a

OIDC has multiple auth models, such as implicit-grant-flow, auth-code-flow, device-code-flow. I guess the casdoor can support implicit-grant-flow and auth-code-flow, I haven't tested it, but I tried the device-code-flow, the casdoor doesn't provide the device_authorization_endpoint in .well-known/openid-configuration.

nodece avatar Feb 12 '22 11:02 nodece

Oh you're right, casdoor doesn't support device-code-flow yet, do we need to add that? @hsluoyz

Steve0x2a avatar Feb 12 '22 11:02 Steve0x2a

@Steve0x2a Please update #415.

nodece avatar Feb 22 '22 10:02 nodece

@Steve0x2a Please update #415.

@nodece Thank you for your review! But totp we have discussed and feel that we still need to make some major changes, so this pr may not progress in a short time, if we continue to move forward with this pr, I will make changes according to your suggestions, thank you very much.

Steve0x2a avatar Feb 22 '22 10:02 Steve0x2a

@Steve0x2a Could you share this discussion thread? I want to know this progress.

nodece avatar Feb 22 '22 11:02 nodece

Done

hsluoyz avatar Mar 10 '23 15:03 hsluoyz