Jarl André Hübenthal

i was in the same boat as you but there is a lot of examples out there. For ex gin-server shows how to make a server that is both AS...

This used by OpenID Connect to identify the logged in user. For client credentials this will not be filled out naturally, but with auth code with pkce flow, the user...

related to https://github.com/go-oauth2/oauth2/issues/224

Only thing i have not gotten working yet is secretless auth code flow with pkce for mobile apps. Try to test your AS in postman like this If kong supports...

when you say "grant type", do you mean "grant_type" which is passed into the token endpoint? If so, then i would use SetPasswordAuthorizationHandler on the server. And use the password...

authorisation code with flow PKCE without passing client_secret is hard to get working. Because nil or empty client_secret will cause the logic to not check client_credentials secret. because of: ```go...

So to actually fix this problem, where we want to use auth code flow with PKCE without passing client_secret in post body, is to use different functions for getting access...

~ok, i can "fix" this on my end by implementing this method and setting it on the server~ ```go ClientScopeHandler func(tgr *oauth2.TokenGenerateRequest) (allowed bool, err error) ``` but i dont...

made a PR here to fix the issue with client_secret being required in auth code flow with PKCE https://github.com/go-oauth2/oauth2/pull/230

this has to be deprecated .. gin-server piggy backs on go-oauth2/oauth2 and i currently use the latest version of the latter in conjunction with gin-server