oauth2 icon indicating copy to clipboard operation
oauth2 copied to clipboard

Published 20 hours ago verified publisher icon go-oauth2

Why does ClientInfo carry a User ID?

Open tobiassjosten opened this issue 2 years ago • 4 comments

Looking at the ClientInfo interface, there's a GetUserID() method. How could that be populated after a call to ClientStore.GetByID? I'm not 100% certain how all of this ties together but it seems impossible to pick one specific user based on only a Client's ID.

Maybe at least this specific property could be the first target for #228? :)

tobiassjosten avatar Dec 28 '22 11:12 tobiassjosten

This used by OpenID Connect to identify the logged in user. For client credentials this will not be filled out naturally, but with auth code with pkce flow, the user id will be the logged in user. Either via the AS internal authentication mechanisms (if one chooses to add that) or from some other identity provider. One identity provider might ask the user the authorise towards a different identity provider to obtain a valid logged in state for the authorisation to complete.

jarlandre avatar Jan 19 '23 09:01 jarlandre

related to https://github.com/go-oauth2/oauth2/issues/224

jarlandre avatar Jan 19 '23 10:01 jarlandre

Thanks, @jarlandre! Sounds like it might be something I'll have to dig into further, as I'm using the auth code with PKCE flow.

tobiassjosten avatar Jan 20 '23 18:01 tobiassjosten

can we document this?

bokunodev avatar Jan 24 '23 06:01 bokunodev