Commit graph

4 commits

Author SHA1 Message Date
Andrew Godwin
5ea3d5d143 Implement a client_credentials process for read 2023-03-06 15:48:43 -07:00
Andrew Godwin
1f3f28e8ff Check scope on API endpoints 2023-02-19 11:37:02 -07:00
Cosmin Stejerean
efd5f481e9
OAuth2 Fixes (#338)
This implements a few oauth2 fixes:

- passes along the state object
- enforces authorization code expiration (currently set to 1 minute, we could make this configurable)
- enforces redirect_uri
- properly checks for client_secret when granting a token
- handles pulling client authentication for token grant from basic auth
- implement token revocation
2023-01-01 11:46:55 -07:00
Andrew Godwin
3e062aed36 Timelines working 2022-12-12 11:56:49 -07:00