author | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2018-11-29 16:43:00 +0100 |
---|---|---|
committer | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2018-11-29 16:43:00 +0100 |
commit | 01b3c4c20178b292d470eead153b91feaa05c057 (patch) | |
tree | 2d96e87f21c474dd29e959cd41d17324e2347068 /docs | |
parent | 719a5f3bc62465ab8502442458c72016bf91b7cd (diff) | |
download | oauthlib-01b3c4c20178b292d470eead153b91feaa05c057.tar.gz |
Initial OAuth2.0/PKCE Provider support
Diffstat (limited to 'docs')
-rw-r--r-- | docs/feature_matrix.rst | 9 | ||||
-rw-r--r-- | docs/oauth2/server.rst | 11 |
2 files changed, 17 insertions, 3 deletions
diff --git a/docs/feature_matrix.rst b/docs/feature_matrix.rst index 45010d1..df8cb0e 100644 --- a/docs/feature_matrix.rst +++ b/docs/feature_matrix.rst @@ -18,14 +18,16 @@ OAuth 2.0 client and provider support for: - `RFC7009`_: Token Revocation - `RFC Draft MAC tokens`_ - OAuth2.0 Provider: `OpenID Connect Core`_ +- OAuth2.0 Provider: `RFC7636`_: Proof Key for Code Exchange by OAuth Public Clients (PKCE) - OAuth2.0 Provider: `RFC7662`_: Token Introspection - OAuth2.0 Provider: `RFC8414`_: Authorization Server Metadata Features to be implemented (any help/PR are welcomed): -- OAuth2.0 Client: `OpenID Connect Core`_ -- OAuth2.0 Client: `RFC7662`_: Token Introspection -- OAuth2.0 Client: `RFC8414`_: Authorization Server Metadata +- OAuth2.0 **Client**: `OpenID Connect Core`_ +- OAuth2.0 **Client**: `RFC7636`_: Proof Key for Code Exchange by OAuth Public Clients (PKCE) +- OAuth2.0 **Client**: `RFC7662`_: Token Introspection +- OAuth2.0 **Client**: `RFC8414`_: Authorization Server Metadata - SAML2 - Bearer JWT as Client Authentication - Dynamic client registration @@ -51,5 +53,6 @@ RSA you are limited to the platforms supported by `cryptography`_. .. _`RFC Draft MAC tokens`: https://tools.ietf.org/id/draft-ietf-oauth-v2-http-mac-02.html .. _`RFC7009`: https://tools.ietf.org/html/rfc7009 .. _`RFC7662`: https://tools.ietf.org/html/rfc7662 +.. _`RFC7636`: https://tools.ietf.org/html/rfc7636 .. _`OpenID Connect Core`: https://openid.net/specs/openid-connect-core-1_0.html .. _`RFC8414`: https://tools.ietf.org/html/rfc8414 diff --git a/docs/oauth2/server.rst b/docs/oauth2/server.rst index 35a58aa..eca363b 100644 --- a/docs/oauth2/server.rst +++ b/docs/oauth2/server.rst 
@@ -246,6 +246,17 @@ the token. expires_at = django.db.models.DateTimeField() +**PKCE Challenge (optional)** + + If you want to support PKCE, you have to associate a `code_challenge` + and a `code_challenge_method` to the actual Authorization Code. + + .. code-block:: python + + challenge = django.db.models.CharField(max_length=100) + challenge_method = django.db.models.CharField(max_length=6) + + 2. Implement a validator ------------------------ |
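Review bot: in the docs/oauth2/server.rst hunk, `challenge = django.db.models.CharField(max_length=100)` is too short for the `plain` method. RFC 7636 allows a `code_verifier` of 43 to 128 characters, and with `plain` the `code_challenge` is the verifier itself, so a valid challenge can exceed 100 characters and would be rejected or truncated depending on the database. Suggest `max_length=128`. The `max_length=6` on `challenge_method` covers both `plain` and `S256`. Smaller point in the same hunk: `code_challenge` and `code_challenge_method` are written with single backticks, which reStructuredText treats as interpreted text rather than an inline literal; use double backticks, and consider saying in the text that the model fields `challenge` and `challenge_method` hold those two parameters, since the names differ.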
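Review bot: in the docs/feature_matrix.rst hunk at `@@ -51,5 +53,6`, the new `.. _`RFC7636`:` target is inserted after the `RFC7662` target, while both feature lists edited earlier in the same file put RFC7636 before RFC7662. Moving the new line above the `RFC7662` target would keep the reference block in the same order as the lists that use it.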