Kévin Chalet

I gave it a try too and even after tweaking `interfaces.inc` to generate the `prefix-interface [wan]` section when advanced configuration is used, it didn't work. The generated configuration looks good...

> @fichtner Yep you're right, sorry I'm afraid I can't help for testing at this point then, my php-fu isn't as sharp as @kevinchalet :) Haha, PHP brings back sweet...

@andregeuze interested in giving it a try? 😃

FYI, I just updated all the samples to target .NET 5.0, which shouldn't be a problem for this work item, but don't hesitate to ping me if you hit any...

Thanks for the pointer @veikkoeeva 👍🏻

`private_key_jwt` is already supported by the new OpenIddict client as it was required for the Apple SignIn provider but the OpenIddict server doesn't support it yet. Native support for client...

> Assertion grant flows are 1 of the 4 vignettes that are tested. I will look at the samples and define a custom flow that handles assertion grants (I saw...

If you can't/don't want to wait for built-in support, you'll need to replace these 2 handlers: - https://github.com/openiddict/openiddict-core/blob/eb8715d96440c05400b3613d37ca64385d79c042/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs#L498-L537: `ValidateClientCredentialsParameters` blocks the request if `client_id` and/or `client_secret` is/are missing. You'll want...

> Having said that I think working with these handlers would help me better understand this extremely well done package. Haha, thanks for the kind words! 😃 > What is...

I suspect this could be related to the fact you're trying to subclass the built-in `ValidateClientSecret` handler, which is something you should never do. Instead, create your own independent handler...