diff options
Diffstat (limited to 'gn3/auth/authentication')
| -rw-r--r-- | gn3/auth/authentication/oauth2/models/oauth2client.py | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/gn3/auth/authentication/oauth2/models/oauth2client.py b/gn3/auth/authentication/oauth2/models/oauth2client.py index 2ee7858..efaff54 100644 --- a/gn3/auth/authentication/oauth2/models/oauth2client.py +++ b/gn3/auth/authentication/oauth2/models/oauth2client.py @@ -34,7 +34,15 @@ class OAuth2Client(NamedTuple): @property def client_type(self) -> str: - """Return the token endpoint authorisation method.""" + """ + Return the token endpoint authorisation method. + + Acceptable client types: + * public: Unable to use registered client secrets, e.g. browsers, apps + on mobile devices. + * confidential: able to securely authenticate with authorisation server + e.g. being able to keep their registered client secret safe. + """ return self.client_metadata.get("client_type", "public") def check_endpoint_auth_method(self, method: str, endpoint: str) -> bool: |