Larry McCay created KNOX-3142:
---------------------------------

             Summary: Add support for client credentials flow to use HTTP Basic
                 Key: KNOX-3142
                 URL: https://issues.apache.org/jira/browse/KNOX-3142
             Project: Apache Knox
          Issue Type: Improvement
          Components: Server
            Reporter: Larry McCay
            Assignee: Larry McCay
             Fix For: 2.2.0


We currently expect client_id and client_secret for the OAuth client 
credentials flow to be provided as part of the request body.

It turns out that they are often, and sometimes by default, provided as HTTP 
Basic credentials by OIDC clients such as the quarkus.oidc-client extension.

The JWTProvider, which is where we support these credentials, currently only 
supports Passcode and Token as the username and the respective token as the 
password.

We need to open this up to the client credentials flow by checking, if the 
username isn't one of those two, that grant_type=client_credentials is 
provided in the request body.

At this time, we are able to configure that specific client to use a "post" 
method, which puts them in the request body as we expect, but we should close 
this gap.




--
This message was sent by Atlassian Jira
(v8.20.10#820010)
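
A sketch of the username check the issue describes, added here as an example and not taken from Apache Knox's JWTProvider: the class, record and method names are hypothetical, the form parameters are assumed to be already parsed into a map, and Java 16 or later is assumed. It also applies the RFC 6749 section 2.3.1 rule that client_id and client_secret are form-urlencoded before being placed in the Basic header.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Map;

// Added illustration, not Apache Knox code; all class, record and method names are hypothetical.
public class BasicCredentialClassifier {
    enum Kind { PASSCODE, TOKEN, CLIENT_CREDENTIALS, REJECTED }
    record Result(Kind kind, String principal, String secret) {}
    static final Result REJECT = new Result(Kind.REJECTED, null, null);

    static Result classify(String authorization, Map<String, String> formParams) {
        if (authorization == null || !authorization.regionMatches(true, 0, "Basic ", 0, 6)) {
            return REJECT;
        }
        try {
            byte[] raw = Base64.getDecoder().decode(authorization.substring(6).trim());
            String decoded = new String(raw, StandardCharsets.UTF_8);
            int colon = decoded.indexOf(':');   // split on the first ':'; the password may contain more
            if (colon < 0) {
                return REJECT;
            }
            String user = decoded.substring(0, colon);
            String pass = decoded.substring(colon + 1);
            if ("Passcode".equals(user) || "Token".equals(user)) {
                return new Result("Passcode".equals(user) ? Kind.PASSCODE : Kind.TOKEN, user, pass);
            }
            // Any other username counts as a client_id only when the body requests the flow.
            if ("client_credentials".equals(formParams.get("grant_type"))) {
                // RFC 6749 section 2.3.1: id and secret are form-urlencoded before Basic encoding.
                return new Result(Kind.CLIENT_CREDENTIALS,
                        URLDecoder.decode(user, StandardCharsets.UTF_8),
                        URLDecoder.decode(pass, StandardCharsets.UTF_8));
            }
            return REJECT;
        } catch (IllegalArgumentException e) {   // bad base64 or bad percent-encoding
            return REJECT;
        }
    }

    public static void main(String[] args) {
        // Constructed sample values, not real credentials; "%3A" is an encoded ':' in the secret.
        String header = "Basic " + Base64.getEncoder()
                .encodeToString("my-client:s3cr%3At".getBytes(StandardCharsets.UTF_8));
        System.out.println(classify(header, Map.of("grant_type", "client_credentials")).kind());
        System.out.println(classify(header, Map.of()).kind());
    }
}
```

With the constructed header, the first call yields CLIENT_CREDENTIALS and the second, which lacks grant_type in the body, yields REJECTED.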
