wiresteward icon indicating copy to clipboard operation
wiresteward copied to clipboard
verified publisher icon utilitywarehouse

Support with Google OAuth2

Open tomberek opened this issue 9 months ago • 1 comments

While trying to get wiresteward working with Google's implementation of OAuth2, i needed these changes:

https://github.com/utilitywarehouse/wiresteward/compare/master...tomberek:wiresteward:tomberek.google

Not sure if I'm configuring something wrong, or if this is just due to differences in OAuth2 implementation.

tomberek avatar Feb 28 '25 21:02 tomberek

Hey @tomberek ! tyvm for raising this issue with a code change proposal. This code was developed against Okta Oauth2 APIs and it looks like there are differences in the implementation of /introspect endpoint between Okta and Google. We will be happy to keep this open and work on introducing support for Google as the provider to pass token validation.

Another thing to note here, is that your code seems to introduce a client sercret which is not favourable. Since Wiresteward is intended to be shipped to different clients for our use cases, we are following the PKCE flow, which seems to be supported by Google too: https://developers.google.com/identity/protocols/oauth2/native-app#step1-code-verifier. Is there a specific reason for wanting to a client secret here?

ffilippopoulos avatar Mar 04 '25 10:03 ffilippopoulos