Add support rfc7523 private_key_jwt in client credentials flow #450
Conversation
SmotrovaLilit
force-pushed
the
issue-433-add-support-rfc7523-client-credentials
branch
2 times, most recently
from
06ee726 to
56f9a0b
Compare
|
This PR (HEAD: 56f9a0b) has been imported to Gerrit for code review. Please visit https://go-review.googlesource.com/c/oauth2/+/264959 to see it. Tip: You can toggle comments from me using the |
|
Message from Go Bot: Patch Set 1: Congratulations on opening your first change. Thank you for your contribution! Next steps: Most changes in the Go project go through a few rounds of revision. This can be Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
SmotrovaLilit
force-pushed
the
issue-433-add-support-rfc7523-client-credentials
branch
from
56f9a0b to
d4025d6
Compare
|
This PR (HEAD: d4025d6) has been imported to Gerrit for code review. Please visit https://go-review.googlesource.com/c/oauth2/+/264959 to see it. Tip: You can toggle comments from me using the |
|
@SmotrovaLilit thanks for adding this much needed feature. Any progress on getting this merged? I don't notice any code review on the Gerrit link yet... |
|
Hello. Nobody has started the code review yet. Could I do something to push forward the code review? Either should I wait for some time? |
|
If there's anything I can do to push forward the code review process I'll do that immediately. This is something that I was looking for! @SmotrovaLilit thanks for taking an initiative to proceed with adding this feature. |
|
AFAIK there are no active maintainers of this repository at the moment. Maybe @Sajmani knows? |
|
@dudududi maybe just the wrong people... @codyoss @ScruffyProdigy can you help to get this merged/reviewed? |
|
Message from Kamil Dudek: Patch Set 2: Code-Review+1 (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
Message from Heschi Kreinick: Patch Set 2: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
Hi ! Seems like the code is ready, just need a code review or merge from @codyoss @ScruffyProdigy ? Thanks. |
|
I will try to take a look at this later this week. I need to go over the RFC. |
Hi cody, may I check how was it on your end? thank you very much. |
|
Any movement on this yet? |
|
@codyoss Is there anything somebody can do to accelerate the review process? |
|
Seems like the code is ready, @codyoss do you mind reviewing? thank you so much. |
|
The impression is sneaking into my mind, that either
|
|
Message from Kyle Lemons: Patch Set 2: (21 comments) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
first: thanks to Kyle Lemons |
|
Hey all, I would still like to help take a look at this sometime in the near future(most likely start Oct). It had fallen off my radar and other priorities have needed to take precedence. I generally work just in within the google subdir for this repo but would like to try to help get these changes moving. I still need to make some time to look over the RFC. Thank you for your patience. |
|
|
Message from Kyle Lemons: Patch Set 2: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
@greatvovan ... it might be, that I was overemphasizing (e.g. "crap") and I apologize - but nevertheless, it brought some kind of progression... ;) |
|
Message from Dmitriy Smotrov: Patch Set 2: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
Please do not assume my intentions. You have no idea why I thumbs down'd the comment, and you are not in a position to speculate. You also have no evidence that I haven't properly read a comment, nor that I have managed to forget its context in the time it took me to reach for the button. Perhaps I can correct your misunderstanding.
This is a strawman - google is one of if not the biggest corporate contributors to open source in the world. The way this reads is "oh yeah, leap that wall if you're so strong, bet you can't".
This is also a strawman. @diefans has no apparent knowledge of the inner workings of google, and again, this reads as being intentionally incorrect so as to rouse a response.
And yet more along the same lines, "or maybe the PR is crap" is posed in a seemingly ironic manner, followed by yet another strawman - google is not google for no reason. If there are only a few companies in the world with an employee that can communicate the flaws in a PR, one of those companies will be google. It seems like it's just trying to get a rise. All in all, @diefans' comment is incredibly childish, and serves absolutely no purpose on the PR. It doesn't further discussion in any way, either by @'ing relevant people who haven't seen an update, nor by "communicating flaws". Its tone in fact brings the rest of the PR down by association. It's an embarrassment. It is one of the worst comments I've seen on a PR in recent memory, and I read a lot of PRs in dumb projects. If I had the privelege, I would have deleted it. That's why I thumbs down'd it. |
|
@Asday (and this is my last comment, sorry) after 11 months of desperate begging for something, I decided (also in face of my actual project deliverables, constraints and pressures, etc.) to stop that pray. Fact is: this PR (and all its advocates) were starved to death since the beginning. I would be surprised, if @SmotrovaLilit is still invested. Here is a review of your post, which smells (after more than thirty years working with logic) quite inconsistent...
The purpose was to move it in an inconvenient way
I was looking up people with recent commits and involved them
hmmm.. I was asking to provide further information
which is proven now by yourself
...a friend was telling me something about this (why would such crazy things come up in my mind?)
I know this, that's why these 11 months of "silence" are so ridiculous and unaccountable to me
But it hasn't ... what "unable" means
the only "tone" in my comment rests in the word "crap", where everybody, connecting the dots (since I am begging for that "crap" and would buy it even as it is) must see that I am exaggerating. Isn't your tone worse - I mean you throwing around the same stuff, you accuse somebody else of:
I think you should apply your own rule to yourself, namely:
So I close this "Pandora's box" by quoting your own site:
|
|
May I please remind everyone here to be respectful make sure discussion is in line with our code of conduct Code of Conduct. Let's also try to keep discussion on topic of the PR itself. Thanks. |
SmotrovaLilit
changed the title
SmotrovaLilit
force-pushed
the
issue-433-add-support-rfc7523-client-credentials
branch
from
d4025d6 to
267a86f
Compare
|
This PR (HEAD: 267a86f) has been imported to Gerrit for code review. Please visit https://go-review.googlesource.com/c/oauth2/+/264959 to see it. Tip: You can toggle comments from me using the |
|
Message from Lilit Smotrova: Patch Set 3: (18 comments) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
Message from Lilit Smotrova: Patch Set 4: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
Message from Kamil Dudek: Patch Set 2: Code-Review+1 (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
Message from Heschi Kreinick: Patch Set 2: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
Message from Kyle Lemons: Patch Set 2: (21 comments) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
Message from Kyle Lemons: Patch Set 2: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
Message from Dmitriy Smotrov: Patch Set 2: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
Message from Lilit Smotrova: Patch Set 3: (18 comments) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
Message from Lilit Smotrova: Patch Set 4: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
This is a very much appreciated feature. Is this close to get merged? @codyoss? |
|
This feature is highly anticipated for our identity management solutions, is there something that can be done to help move it along? |
|
Looks like this project is dead, but not – new PRs continue merge into it. Maybe @rsc could help with it? He is the author of latest commits in project and I don't know anyone else, who can help with it. |
SmotrovaLilit
force-pushed
the
issue-433-add-support-rfc7523-client-credentials
branch
from
267a86f to
1971a7d
Compare
|
Message from Dmitriy Smotrov: Patch Set 4: (1 comment) Please don’t reply on this GitHub thread. Visit golang.org/cl/264959. |
|
This PR (HEAD: 1971a7d) has been imported to Gerrit for code review. Please visit Gerrit at https://go-review.googlesource.com/c/oauth2/+/264959. Important tips:
|
Implement JSON Web Token Profile for OAuth 2.0 Client Authentication in client credentials flow. See https://tools.ietf.org/html/rfc7523 See https://openid.net/specs/openid-connect-core-1_0.html Fixes golang#433
SmotrovaLilit
force-pushed
the
issue-433-add-support-rfc7523-client-credentials
branch
from
1971a7d to
7b46ef7
Compare
|
This PR (HEAD: 7b46ef7) has been imported to Gerrit for code review. Please visit Gerrit at https://go-review.googlesource.com/c/oauth2/+/264959. Important tips:
|
Implement JSON Web Token Profile for OAuth 2.0 Client Authentication in client credentials flow.
See https://tools.ietf.org/html/rfc7523
See https://openid.net/specs/openid-connect-core-1_0.html
Fixes #433