Skip to content

Commit

Permalink
Merge pull request #2521 from Cedric-Magnan/master
Browse files Browse the repository at this point in the history
feat: Update response_types_supported to allow multiple-valued response type combinations
  • Loading branch information
sagikazarmark authored Jul 22, 2023
2 parents bfa6d61 + 7e4798a commit 295b0ac
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 5 deletions.
10 changes: 7 additions & 3 deletions server/oauth2.go
Original file line number Diff line number Diff line change
Expand Up @@ -145,9 +145,13 @@ const (
)

const (
responseTypeCode = "code" // "Regular" flow
responseTypeToken = "token" // Implicit flow for frontend apps.
responseTypeIDToken = "id_token" // ID Token in url fragment
responseTypeCode = "code" // "Regular" flow
responseTypeToken = "token" // Implicit flow for frontend apps.
responseTypeIDToken = "id_token" // ID Token in url fragment
responseTypeCodeToken = "code token" // "Regular" flow + Implicit flow
responseTypeCodeIDToken = "code id_token" // "Regular" flow + ID Token
responseTypeIDTokenToken = "id_token token" // ID Token + Implicit flow
responseTypeCodeIDTokenToken = "code id_token token" // "Regular" flow + ID Token + Implicit flow
)

const (
Expand Down
4 changes: 2 additions & 2 deletions server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -225,9 +225,9 @@ func newServer(ctx context.Context, c Config, rotationStrategy rotationStrategy)

for _, respType := range c.SupportedResponseTypes {
switch respType {
case responseTypeCode, responseTypeIDToken:
case responseTypeCode, responseTypeIDToken, responseTypeCodeIDToken:
// continue
case responseTypeToken:
case responseTypeToken, responseTypeCodeToken, responseTypeIDTokenToken, responseTypeCodeIDTokenToken:
// response_type=token is an implicit flow, let's add it to the discovery info
// https://datatracker.ietf.org/doc/html/rfc6749#section-4.2.1
allSupportedGrants[grantTypeImplicit] = true
Expand Down

0 comments on commit 295b0ac

Please sign in to comment.