authlib icon indicating copy to clipboard operation
authlib copied to clipboard
verified publisher icon lepture

Add support for RFC9728 : OAuth 2.0 Protected Resource Metadata

Open yannj-fr opened this issue 6 months ago • 5 comments

DO NOT SEND ANY SECURITY FIX HERE. Please read "Security Reporting" section on README.

What kind of change does this PR introduce? (check at least one)

  • [ ] Bugfix
  • [x] Feature
  • [ ] Code style update
  • [ ] Refactor
  • [ ] Other, please describe:

Does this PR introduce a breaking change? (check one)

  • [ ] Yes
  • [x] No

If yes, please describe the impact and migration path for existing applications:

(If no, please delete the above question and this text message.)

  • [x] You consent that the copyright of your pull request source code belongs to Authlib's author.

yannj-fr avatar Aug 02 '25 11:08 yannj-fr

Hi. Thank you for your contribution. I'll look more in depth in the spec and provide a review in the coming days/weeks. In the meantime, please consider adding unit tests and documentation.

azmeuk avatar Aug 02 '25 12:08 azmeuk

added the unit tests and documentation added support for internationalization of parameters

yannj-fr avatar Aug 02 '25 21:08 yannj-fr

let me cover additional implementation

yannj-fr avatar Aug 06 '25 10:08 yannj-fr

Ok :pray: Please stick to signed_metadata, protected_resources and WWW-Authenticate. I would like to put more thoughts on the other topics before it gets implemented.

azmeuk avatar Aug 06 '25 11:08 azmeuk

Quality Gate Failed Quality Gate failed

Failed conditions
2 Security Hotspots
3.8% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

sonarqubecloud[bot] avatar Aug 08 '25 04:08 sonarqubecloud[bot]