doorkeeper-openid_connect Possible to disable `client_secret_basic` for `token_endpoint_auth_methods

Possible to disable `client_secret_basic` for `token_endpoint_auth_methods_supported`?

Open jits opened this issue 2 years ago • 0 comments

Hi, thanks for developing this library. It's super useful in setting up an OIDC server as part of a platform.

Is it possible to disable client_secret_basic as an option for token_endpoint_auth_methods_supported? I see that it's hardcoded in the controller: https://github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/69828cb8ae788078674a2238f7d754b3a6c6b76d/app/controllers/doorkeeper/openid_connect/discovery_controller.rb#L48 – has there been some consideration in making this configurable?

I'm happy to submit a PR to support this.

Nov 08 '22 15:11 jits

doorkeeper-openid_connect doorkeeper-openid_connect copied to clipboard

Possible to disable `client_secret_basic` for `token_endpoint_auth_methods_supported`?

doorkeeper-openid_connect
doorkeeper-openid_connect copied to clipboard