diff mod_http_oauth2/README.markdown @ 5465:66e13e79928b

mod_http_oauth2: Note about partial OpenID Discovery implementation Notably we don't have an JSON Web Key Set, since we use the client secret in the HS256 algorithm.
author Kim Alvefur <zash@zash.se>
date Wed, 17 May 2023 17:56:56 +0200
parents 2a11f590c5c8
children 1c78a97a1091
line wrap: on
line diff
--- a/mod_http_oauth2/README.markdown	Wed May 17 17:38:18 2023 +0200
+++ b/mod_http_oauth2/README.markdown	Wed May 17 17:56:56 2023 +0200
@@ -50,7 +50,7 @@
 - [RFC 7628: A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth](https://www.rfc-editor.org/rfc/rfc7628)
 - [RFC 7636: Proof Key for Code Exchange by OAuth Public Clients](https://www.rfc-editor.org/rfc/rfc7636)
 - [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html)
-- [OpenID Connect Discovery 1.0](https://openid.net/specs/openid-connect-discovery-1_0.html)
+- [OpenID Connect Discovery 1.0](https://openid.net/specs/openid-connect-discovery-1_0.html) (_partial, e.g. missing JWKS_)
 - [OpenID Connect Dynamic Client Registration 1.0](https://openid.net/specs/openid-connect-registration-1_0.html) 
 
 ## Configuration