Is your feature request related to a problem? Please describe.

When querying the Clients/Consent Sessions using pagination, ORY Hydra will only return results with some links, but not the total count of the items, which is useful to display in the frontend, you know, showing the total pages or something.

Describe the solution you'd like

Add the total_count parameter into Hea

So I'm extremely confused about what I should use when instantiating AuthorizationServer object.

So the documentation directs people to generate public and private keys and then literally says:

The authorization server also requires the public key.

But then this commit removes the public key from the AuthorizationServer code:
[76

The links on the FAQ page in the wiki still point to the old wiki, which seems to be deprecated.

I am trying to setup Strapi with a new auth provider (Login.gov). They use grant for auth. The issue I am currently having is that Login.gov wants state and nonce to be at least 32 characters in length. I know this is probably an edge case but is there any reason this 10 couldn't be changed to 32?

https://github.com/simov/grant/blob/c8e

Is your feature request related to a problem? Please describe.

The public key-based request signing functionality added to sso_proxy in buzzfeed/sso#106 is undocumented. In particular, it's not immediately obvious how to a) generate an appropriate keypair or b) validate a signed request in an upstream service.

Describe the solution you'd like

New documenta

There are a few files that still do not have type values. Those should be finished for PRAW 7.0.0.

Should the Debian install docs mention:

sudo apt-get install apt-transport-https

?

Just hit that myself, and we also had a recent support request about it.

/cc @danderson

Describe the feature

Ideally the documentation should mention all the datastore models required by the OpenID Connect flows. The current documentation has this section for OAuth2.0 (https://oauthlib.readthedocs.io/en/latest/oauth2/server.html#create-your-datastore-models) but it is missing for OIDC.

For Twig it is ok, tell me please what if site used with API?

Everything build with json and JsonResponses, urls for UI we dont have, and do not know what is going on on UI, it can be some Andriod app written with Java, or some JS framewrok, or else.

What configurations should be set?
Any examples?
Docs?

Because there is example only for Twig.
There are not much examples.
https://gi

authlib contains pretty much all you need to implement JWT token validation. It would be nice if there was a simple default one provided. I'm not sure how many moving parts it would have. If no single validator would cover 80% of cases, maybe provide more docs on how to assemble one.

@lepture If you have a general idea of how you would like to see this implemented I would probably be able to do

Is your feature request related to a problem? Please describe.

I am trying to build an OpenID provider only, I do not really have any resources to which one would delegate access to. So I do not need OAuth provider, just OpenId provider. The issue is that currently documentation/example just says that OAuth handlers have to be registered before OpenId ones, but does not explain which are th

I'm working on authenticating with Bungie to do fun things with the Destiny API. In their OAuth documentation here, they specify the parameters to be used when POSTing to their token exchange endpoint, one of which is grant_type:

grant_type: Value must be set to “authorization_code”.

Inside of exchangeForToken() it

This is not a question just a query, it is mentioned in authentication.md that facebook OAuth is not working but in my case, it is working completely fine.

What would you like to be added

Allow more url variations in "step certificate inspect".
e.g.

// this works
step certificate inspect https://www.google.com

// these don't
step certificate inspect https://www.google.com/
step certificate inspect www.google.com:443
step certificate inspect www.google.com

Why this is needed

More convenience

Turns out this is a whitelist that defaults to []. We just got bit pretty hard by this behavior being hidden, so it's worth calling out in the docs. Effectively we had a bunch of plugs all acting on the presence of query params and were very confused why they never seemed to actually trip. This whitelist behavior was very unexpected.

Seems to have been added quite a while back in https://git

Bug report

https://github.com/request/request-promise#deprecated

Describe the bug

I just noticed that the oauth package relies on request (or request promise) which is no longer maintained.

"@accounts/oauth@^0.24.0":
  version "0.24.0"
  resolved "https://registry.yarnpkg.com/@accounts/oauth/-/oauth-0.24.0.tgz#e9968428688f5820d8e0242bd47d97a4e5a23877"
  integrity sha512-rcF8wzR