-
Notifications
You must be signed in to change notification settings - Fork 66
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add support for audience in authorization request #68
Conversation
Hey @abhisek, I'm not familiar with this requirement. Could you provide some more details (and expanded acronyms) about what problem this is solving and how it solves it? |
@jtmcg Sure. Thanks for looking at this PR. I will take a stab at explaining the rationale behind this PR, apologies if it is unnecessarily verbose. As I understand, cli/oauth helps cli applications integrate with an OAuth2 capable Identity Provider (IDP). While primarily this is built for integrating cli applications with OpenID Connect (OIDC) compliant Identity Providers usually encode the identity of the authenticating user (resource owner in OAuth2 terminology) in a JSON Web Token (JWT) with standard claims for I am using this package in my project vet to authenticate with Auth0 Identity Provider. As it turns out, This PR is to add the support for users of the package to "optionally" add an audience parameter in the authorization request sent to the identity provider. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the explanation on what's going on - it was very helpful. I had no idea about most of this before now, so thanks for taking the time to teach me 🙇
Anyway, this looks good. I spent some time tinkering around with your implementation and I like where you landed 👍 My only feedback is the small variable name change, otherwise LGTM.
Thanks for the contribution!
@abhisek, I tried to fix the linter errors for you but my commit got rejected 😞 Once those are fixed we can |
@jtmcg Oops. Did not notice the linter errors. Fixed it. Verified by running locally as well
Hope the CI passes when you approve the run. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Thanks for the contribution!
Thanks @jtmcg Will it be possible for you to make a release so that I can switch back to this repo in my project and get rid of this? |
Done! Thanks again for the contribution 🍻 |
Add support for
audience
in authorization request. This is required for IDPs that mandate having an audience field to be able to issue JWT in access token.