diff options
author | Jonathan Huot <JonathanHuot@users.noreply.github.com> | 2018-12-16 19:38:30 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-12-16 19:38:30 +0100 |
commit | 2d9410d17be0a748ae390ea466672157fe373d5a (patch) | |
tree | 66afc4e553e021157fe738f8eb569a015354cd78 /docs | |
parent | bc53c6189a1096fd1f112be42f372d70465ab4ac (diff) | |
parent | 8de1e52fabdd9c3738a012bb88e2234d1bd06255 (diff) | |
download | oauthlib-2d9410d17be0a748ae390ea466672157fe373d5a.tar.gz |
Merge branch 'master' into add-metadata-doc
Diffstat (limited to 'docs')
-rw-r--r-- | docs/feature_matrix.rst | 9 | ||||
-rw-r--r-- | docs/oauth2/server.rst | 11 |
2 files changed, 17 insertions, 3 deletions
diff --git a/docs/feature_matrix.rst b/docs/feature_matrix.rst index 45010d1..df8cb0e 100644 --- a/docs/feature_matrix.rst +++ b/docs/feature_matrix.rst @@ -18,14 +18,16 @@ OAuth 2.0 client and provider support for: - `RFC7009`_: Token Revocation - `RFC Draft MAC tokens`_ - OAuth2.0 Provider: `OpenID Connect Core`_ +- OAuth2.0 Provider: `RFC7636`_: Proof Key for Code Exchange by OAuth Public Clients (PKCE) - OAuth2.0 Provider: `RFC7662`_: Token Introspection - OAuth2.0 Provider: `RFC8414`_: Authorization Server Metadata Features to be implemented (any help/PR are welcomed): -- OAuth2.0 Client: `OpenID Connect Core`_ -- OAuth2.0 Client: `RFC7662`_: Token Introspection -- OAuth2.0 Client: `RFC8414`_: Authorization Server Metadata +- OAuth2.0 **Client**: `OpenID Connect Core`_ +- OAuth2.0 **Client**: `RFC7636`_: Proof Key for Code Exchange by OAuth Public Clients (PKCE) +- OAuth2.0 **Client**: `RFC7662`_: Token Introspection +- OAuth2.0 **Client**: `RFC8414`_: Authorization Server Metadata - SAML2 - Bearer JWT as Client Authentication - Dynamic client registration @@ -51,5 +53,6 @@ RSA you are limited to the platforms supported by `cryptography`_. .. _`RFC Draft MAC tokens`: https://tools.ietf.org/id/draft-ietf-oauth-v2-http-mac-02.html .. _`RFC7009`: https://tools.ietf.org/html/rfc7009 .. _`RFC7662`: https://tools.ietf.org/html/rfc7662 +.. _`RFC7636`: https://tools.ietf.org/html/rfc7636 .. _`OpenID Connect Core`: https://openid.net/specs/openid-connect-core-1_0.html .. _`RFC8414`: https://tools.ietf.org/html/rfc8414 diff --git a/docs/oauth2/server.rst b/docs/oauth2/server.rst index 35a58aa..6c065c5 100644 --- a/docs/oauth2/server.rst +++ b/docs/oauth2/server.rst @@ -246,6 +246,17 @@ the token. expires_at = django.db.models.DateTimeField() +**PKCE Challenge (optional)** + + If you want to support PKCE, you have to associate a `code_challenge` + and a `code_challenge_method` to the actual Authorization Code. + + .. code-block:: python + + challenge = django.db.models.CharField(max_length=128) + challenge_method = django.db.models.CharField(max_length=6) + + 2. Implement a validator ------------------------ |