casdoor
casdoor copied to clipboard
OAuth 2.0 device authorization grant support
Summary
I tried to use casdoor in our project, but I notice it doesn't support the OAuth 2.0 device authorization, this model is simple and powerful. This is a great feature if the casdoor can support this, see here for this model.
@Steve0x2a @seriouszyx @Abingcbc @ComradeProgrammer
Casdoor supports oidc protocol to access the application, and oidc is based on oauth, you can get the relevant information in this document:https://casdoor.org/docs/how-to-connect/oidc-client/
OIDC has multiple auth models, such as implicit-grant-flow, auth-code-flow, device-code-flow. I guess the casdoor can support implicit-grant-flow and auth-code-flow, I haven't tested it, but I tried the device-code-flow, the casdoor doesn't provide the device_authorization_endpoint
in .well-known/openid-configuration
.
Oh you're right, casdoor doesn't support device-code-flow yet, do we need to add that? @hsluoyz
@Steve0x2a Please update #415.
@Steve0x2a Please update #415.
@nodece Thank you for your review! But totp we have discussed and feel that we still need to make some major changes, so this pr may not progress in a short time, if we continue to move forward with this pr, I will make changes according to your suggestions, thank you very much.
@Steve0x2a Could you share this discussion thread? I want to know this progress.
Done