Michael Salinger

I just came across this today after never having an issue. No prompt on my phone.

Merged into `dev`. Will be included in `v4.0.0`.

What does your authentication handler look like? How are you invoking it as part of your authorization flow?

@maxtruxa Will do

Yeah, I just don't see this as a common flow. It also isn't correct to include a `bearer` token in an auth grant request, at least not in any implementation...

Same... Any input?

> Really happy about moving forward on node-oauth2-server, especially the change into an oauthjs org. Yeah, I'm excited. Thanks for moving the express wrapper over there! > You nailed it....

@maxtruxa What's your take here?

Yes, it is. The idea of this library is that it handles the OAuth, not the authentication. So the general flow is that the request is submitted (for authorization_code grant...

The token endpoint requires a user, regardless of the grant type - so in this case, the method could be used to set the user to the same object as...