Is your feature request related to a problem? Please describe.

When querying the Clients/Consent Sessions using pagination, ORY Hydra will only return results with some links, but not the total count of the items, which is useful to display in the frontend, you know, showing the total pages or something.

Describe the solution you'd like

Add the total_count parameter into Hea

authlib contains pretty much all you need to implement JWT token validation. It would be nice if there was a simple default one provided. I'm not sure how many moving parts it would have. If no single validator would cover 80% of cases, maybe provide more docs on how to assemble one.

@lepture If you have a general idea of how you would like to see this implemented I would probably be able to do

https://tools.ietf.org/html/rfc6749#section-4.1.1
States that the redirect_uri is OPTIONAL

The server returns an error when redirect_uri is omitted. https://github.com/go-oauth2/oauth2/blob/master/server/server.go#L152

redirectURI := r.FormValue("redirect_uri")
clientID := r.FormValue("client_id")
if !(r.Method == "GET" || r.Method == "POST") ||
    clientID == "" ||
    re

Django doesn't guarantee a consistent ordering of models without an
explicit default ordering.

https://github.com/juanifioren/django-oidc-provider/blob/f0daed07b2ac7608565b80d4c80ccf04d8c416a8/oidc_provider/lib/utils/token.py#L158

Rotating RSA keys requires a consistent ordering, because the first key in the set of keys is always used for signing. Should we add a default ordering?

See ht

Reading through the documentation and being quite new to oAuth in general, I think its very confusing if these two addons are actually the same thing.

The documentation telling you to refer to the other addon continuously isn't great...

Attempting to install ember-oauth2 resulted in a error, so I chose ember-token-auth.

Are they the same? If not, what is the difference and which one shoul

@LostKobrakai commented on slack that some sensitive information is currently logged in requests in Phoenix, like client_secret or request_path and should be filtered.

I agree, and it may also be a good idea to hash client_secret by default in the DB.

We're using Grape with Grape::OAuth2 for a Rails project which provides an API that needs to be secured by the Client Credentials flow of OAuth2.

We've been following the configuration guidelines and the 'lazy' usage example stated in the README, but we have a question regarding the resource_owner_class_name. As we are using Client Credentials we don't need a resource owner, but the documenta

We've got this on email:

Hello!

I would like to create a new oauth2 server, and I have found your
oauth2-server library on gitlab. I was able to compile the example-app
project, but I'm not sure how to use it. I don't see the endpoints. For
example, http://127.0.0.1:8888/oauth2-example-app/login.html or /oauth
or /oauth/login etc. All of them give me 404 not found.

Do you have a g

In order to make it usable for thirdy-party users, it should be possible to set the UI copy through a configuration scheme. The application name should be changeable wherever possible. Related to #70