Skip to content

Allow making raw HTTP POST requests to the authz server#463

Open
misberner wants to merge 1 commit intogolang:masterfrom
misberner:mi-raw-http-requests
Open

Allow making raw HTTP POST requests to the authz server#463
misberner wants to merge 1 commit intogolang:masterfrom
misberner:mi-raw-http-requests

Conversation

@misberner
Copy link

@misberner misberner commented Dec 11, 2020

This PR adds functionality to make token-style HTTP requests to an arbitrary endpoint of the authz server, instead of just for retrieving tokens.

Use case: the main motivation was to support for OAuth2 token revocation per RFC7009. The token revocation endpoint requires client credentials, and implementing it outside of this library requires effectively re-implementing the auth style auto-sensing & caching.

This seemed the most convenient way of leveraging the library for token revocation. If desired, I can also make this less general to only support token revocation, but a.o.t. this would require figuring out the revocation URLs for all supported providers, which is outside my current time budget.

@google-cla google-cla bot added the cla: yes label Dec 11, 2020
@gopherbot
Copy link
Contributor

gopherbot commented Dec 11, 2020

This PR (HEAD: d2a14ae) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/oauth2/+/277272 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off)
See the Wiki page for more info

@gopherbot
Copy link
Contributor

gopherbot commented Dec 11, 2020

Message from Go Bot:

Patch Set 1:

Congratulations on opening your first change. Thank you for your contribution!

Next steps:
A maintainer will review your change and provide feedback. See
https://golang.org/doc/contribute.html#review for more info and tips to get your
patch through code review.

Most changes in the Go project go through a few rounds of revision. This can be
surprising to people new to the project. The careful, iterative review process
is our way of helping mentor contributors and ensuring that their contributions
have a lasting impact.

Please don’t reply on this GitHub thread. Visit golang.org/cl/277272.
After addressing review feedback, remember to publish your drafts!

@misberner misberner force-pushed the mi-raw-http-requests branch from d2a14ae to 0b4d90a Compare September 4, 2021 01:03
@gopherbot
Copy link
Contributor

gopherbot commented Sep 4, 2021

This PR (HEAD: 0b4d90a) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/oauth2/+/277272 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off)
See the Wiki page for more info

@janisz janisz mentioned this pull request Feb 28, 2025
Open
@janisz
Copy link

janisz commented Feb 28, 2025

Fixes:

octavio12345300
octavio12345300 approved these changes Aug 26, 2025
View reviewed changes
Copy link

@octavio12345300 octavio12345300 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

List

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@octavio12345300 octavio12345300 octavio12345300 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

cla: yes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@misberner @gopherbot @janisz @octavio12345300