-
Notifications
You must be signed in to change notification settings - Fork 4k
Make client secret optional while parsing basic authentication secret #2374
Make client secret optional while parsing basic authentication secret #2374
Conversation
Except the tests? |
Sorry didn't get it, can you elaborate more ? |
Well, look at the status:
|
Oh yes, I noticed that, but it looks like it's related to Ubuntu where it failed to compile the integration test project, the windows image with visual studio passed all tests I don't think the modified unit test broke that project |
Ah yes, you're right -- I hadn't followed the link to know it was the unbutu build. I guess something environmental. |
This is my second PR to Identity server, and both of them were very minimal changes, but my bad luck jumped in the verification process in both PR, the earlier one failed mysteriously as well |
No worries. We'll have a look. Thanks |
Welcome :) |
Thanks! Could you also add an integration test - basically a client with empty secret calling into the token endpoint - I want to make sure, nothing breaks later in the pipeline because of a null secret. |
Sure, working on it :) |
…asic authentication scheme
@leastprivilege please take a look at the integration test when you have time. |
You also need a test for an empty secret I guess - not just RequireClientSecret = false. |
So to verify the assertion of the test with you: Correct me if I'm wrong, and thanks for the help in advance. |
Add a client with require secret = true but an empty secret - see if that works as expected. |
After investigating the code, I think the semantic of empty secret is not supported currently, what is supported is a client that has RequireClientSecret set to Please advice on the next step and correct me please if I'm wrong. |
You are probably right - will have a look and merge later...thanks! |
thanks! |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
This PR add feature request in #2267 ticket
It doesn't introduce breaking change.