Skip to content

Use client authn on device auth request#757

Open
nsklikas wants to merge 1 commit intogolang:masterfrom
nsklikas:fix-device-auth
Open

Use client authn on device auth request#757
nsklikas wants to merge 1 commit intogolang:masterfrom
nsklikas:fix-device-auth

Conversation

@nsklikas
Copy link

@nsklikas nsklikas commented Nov 27, 2024

According to https://datatracker.ietf.org/doc/html/rfc8628#section-3.1:

The client authentication requirements of Section 3.2.1 of [RFC6749]
apply to requests on this endpoint, which means that confidential
clients (those that have established client credentials) authenticate
in the same manner as when making requests to the token endpoint, and
public clients provide the "client_id" parameter to identify
themselves.

This PR introduces client authentication on the device auth request. Same mechanism used for client authentication on the token endpoint is used on the device auth request as well.

The logic for making the device auth request was moved to the internal package similar to the token request logic, so that we can re-use the lookupAuthStyle cache.

Fixes #685

@gopherbot
Copy link
Contributor

gopherbot commented Nov 27, 2024

This PR (HEAD: 1549187) has been imported to Gerrit for code review.

Please visit Gerrit at https://go-review.googlesource.com/c/oauth2/+/632135.

Important tips:

  • Don't comment on this PR. All discussion takes place in Gerrit.
  • You need a Gmail or other Google account to log in to Gerrit.
  • To change your code in response to feedback:
    • Push a new commit to the branch used by your GitHub PR.
    • A new "patch set" will then appear in Gerrit.
    • Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
    • Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
    • Multiple commits in the PR will be squashed by GerritBot.
  • The title and description of the GitHub PR are used to construct the final commit message.
    • Edit these as needed via the GitHub web interface (not via Gerrit or git).
    • You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
  • See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.

@gopherbot
Copy link
Contributor

gopherbot commented Nov 27, 2024

Message from Gopher Robot:

Patch Set 1:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/632135.
After addressing review feedback, remember to publish your drafts!

@gopherbot
Copy link
Contributor

gopherbot commented Nov 27, 2024

Message from Gopher Robot:

Patch Set 1:

Congratulations on opening your first change. Thank you for your contribution!

Next steps:
A maintainer will review your change and provide feedback. See
https://go.dev/doc/contribute#review for more info and tips to get your
patch through code review.

Most changes in the Go project go through a few rounds of revision. This can be
surprising to people new to the project. The careful, iterative review process
is our way of helping mentor contributors and ensuring that their contributions
have a lasting impact.

Please don’t reply on this GitHub thread. Visit golang.org/cl/632135.
After addressing review feedback, remember to publish your drafts!

@nsklikas
oauth2: use client authn on device auth request
dcc463a 
According to https://datatracker.ietf.org/doc/html/rfc8628#section-3.1,
the device auth request must include client authentication.

Fixes golang#685
@gopherbot
Copy link
Contributor

gopherbot commented Nov 27, 2024

This PR (HEAD: dcc463a) has been imported to Gerrit for code review.

Please visit Gerrit at https://go-review.googlesource.com/c/oauth2/+/632135.

Important tips:

  • Don't comment on this PR. All discussion takes place in Gerrit.
  • You need a Gmail or other Google account to log in to Gerrit.
  • To change your code in response to feedback:
    • Push a new commit to the branch used by your GitHub PR.
    • A new "patch set" will then appear in Gerrit.
    • Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
    • Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
    • Multiple commits in the PR will be squashed by GerritBot.
  • The title and description of the GitHub PR are used to construct the final commit message.
    • Edit these as needed via the GitHub web interface (not via Gerrit or git).
    • You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
  • See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.

@gopherbot
Copy link
Contributor

gopherbot commented Jan 16, 2025

Message from Nikos Sklikas:

Patch Set 2:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/632135.
After addressing review feedback, remember to publish your drafts!

@gopherbot
Copy link
Contributor

gopherbot commented Mar 14, 2025

Message from Nikos Sklikas:

Patch Set 2:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/632135.
After addressing review feedback, remember to publish your drafts!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

No authentication sent with OAuth2 device authorization request

2 participants

@nsklikas @gopherbot