From c843e14249be425e20dcb8cbb6653e49c22298de Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Fri, 20 Jan 2023 08:20:28 +0300
Subject: auth: Add development utils/tools

To avoid having to manually rebuild some default data for exploration of
concepts while developing the system, add a way to build up the test users and
oauth2 clients to use for testing.
---
 gn3/auth/authentication/oauth2/models/oauth2client.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'gn3/auth/authentication')

diff --git a/gn3/auth/authentication/oauth2/models/oauth2client.py b/gn3/auth/authentication/oauth2/models/oauth2client.py
index 2ee7858..efaff54 100644
--- a/gn3/auth/authentication/oauth2/models/oauth2client.py
+++ b/gn3/auth/authentication/oauth2/models/oauth2client.py
@@ -34,7 +34,15 @@ class OAuth2Client(NamedTuple):
 
     @property
     def client_type(self) -> str:
-        """Return the token endpoint authorisation method."""
+        """
+        Return the token endpoint authorisation method.
+
+        Acceptable client types:
+        * public: Unable to use registered client secrets, e.g. browsers, apps
+          on mobile devices.
+        * confidential: able to securely authenticate with authorisation server
+          e.g. being able to keep their registered client secret safe.
+        """
         return self.client_metadata.get("client_type", "public")
 
     def check_endpoint_auth_method(self, method: str, endpoint: str) -> bool:
-- 
cgit v1.2.3