aboutsummaryrefslogtreecommitdiff
path: root/gn3/auth
diff options
context:
space:
mode:
Diffstat (limited to 'gn3/auth')
-rw-r--r--gn3/auth/authentication/oauth2/models/oauth2client.py10
1 files changed, 9 insertions, 1 deletions
diff --git a/gn3/auth/authentication/oauth2/models/oauth2client.py b/gn3/auth/authentication/oauth2/models/oauth2client.py
index 2ee7858..efaff54 100644
--- a/gn3/auth/authentication/oauth2/models/oauth2client.py
+++ b/gn3/auth/authentication/oauth2/models/oauth2client.py
@@ -34,7 +34,15 @@ class OAuth2Client(NamedTuple):
@property
def client_type(self) -> str:
- """Return the token endpoint authorisation method."""
+ """
+ Return the token endpoint authorisation method.
+
+ Acceptable client types:
+ * public: Unable to use registered client secrets, e.g. browsers, apps
+ on mobile devices.
+ * confidential: able to securely authenticate with authorisation server
+ e.g. being able to keep their registered client secret safe.
+ """
return self.client_metadata.get("client_type", "public")
def check_endpoint_auth_method(self, method: str, endpoint: str) -> bool: