Comparison

mod_http_oauth2/README.markdown @ 5561:d6ab6f0bd96e

mod_http_oauth2: Add a more complete client registration example More fields from RFC 7591. We should probably mention and recommend more of them, especially the ones that are recorded in grants.
author Kim Alvefur <zash@zash.se>
date Thu, 22 Jun 2023 09:18:32 +0200
parent 5547:d4a2997deae9
child 5562:734788d8bfc3
comparison
equal deleted inserted replaced
5560:697d799fe601 5561:d6ab6f0bd96e
160 `tos_uri`, `policy_uri` 160 `tos_uri`, `policy_uri`
161 : Informative URLs pointing to Terms of Service and Service Policy 161 : Informative URLs pointing to Terms of Service and Service Policy
162 document **MUST** use the same scheme (i.e. `https://`) and hostname 162 document **MUST** use the same scheme (i.e. `https://`) and hostname
163 as the `client_uri`. 163 as the `client_uri`.
164 164
165 #### Registration Example 165 #### Registration Examples
166 166
167 In short registration works by POST-ing a JSON structure describing your 167 In short registration works by POST-ing a JSON structure describing your
168 client to an endpoint: 168 client to an endpoint:
169 169
170 ``` bash 170 ``` bash
180 ] 180 ]
181 } 181 }
182 ' 182 '
183 ``` 183 ```
184 184
185 Another example with more fields:
186
187 ``` bash
188 curl -sSf https://xmpp.example.net/oauth2/register \
189 -H Content-Type:application/json \
190 -H Accept:application/json \
191 --data '
192 {
193 "application_type" : "native",
194 "client_name" : "Desktop Chat App",
195 "client_uri" : "https://app.example.org/",
196 "contacts" : [
197 "support@example.org"
198 ],
199 "policy_uri" : "https://app.example.org/about/privacy",
200 "redirect_uris" : [
201 "http://localhost:8080/redirect",
202 "org.example.app:/redirect"
203 ],
204 "scope" : "xmpp",
205 "software_id" : "32a0a8f3-4016-5478-905a-c373156eca73",
206 "software_version" : "3.4.1",
207 "tos_uri" : "https://app.example.org/about/terms"
208 }
209 '
210 ```
211
185 ### Supported flows 212 ### Supported flows
186 213
187 - Authorization Code grant, optionally with Proof Key for Code Exchange 214 - Authorization Code grant, optionally with Proof Key for Code Exchange
188 - Resource owner password grant 215 - Resource owner password grant
189 - Implicit flow *(disabled by default)* 216 - Implicit flow *(disabled by default)*