Added basic support for oauth2-password-flow #1574
Conversation
lib/swagger-oauth.js
Outdated
|
|
||
| var authParams = { | ||
| grant_type: 'password', | ||
| client_id: encodeURIComponent(clientId), |
There was a problem hiding this comment.
may I suggest adding the client_secret here as well?
client_secret: encodeURIComponent(clientSecret),
at least it helped me using password flow with my REST API endpoint which requird a secret as well for token generation
There was a problem hiding this comment.
In my last push I added the client secret to the auth headers for basic auth. I believe Spring Security requires basic auth for getting a token. Does it solve your problem as well @pkerspe or does it need to be a query param?
There was a problem hiding this comment.
unfortunately cannot confirm that the basic auth header part would be working for me, was trying with your last push, but had to roll back. I am using the shaffer/oauth2-server-php by the way. Grant type is UserCredentials (password).
|
What will happen if you have both "password" and "implicit" or "accessCode" oauth schemes defined ? See #1644 |
|
I've been using it for a couple of weeks now, and this PR works fine! (However, login/password inputs are not styled/aligned at all, but it is not a big deal for me at this point.) Anyone can test it using my example RESTful API server: https://github.com/frol/flask-restplus-server-example/ |
…and added a heap of fixes on top of that
…and added a heap of fixes on top of that
|
@pusherman - Definitely should have dealt with it a long time ago, but unfortunately, I didn't. We do appreciate the time you've taken into putting this up, but as you can tell, it is no longer relevant. Thanks again for taking the time and putting in the effort. |
Issue #807 - refresh_token is not yet support but basic the basic username/password auth works. Will continue to work on refresh_token as I have time.