- πΊπΈUnited States m.stenta
Bumping this to 3.x - but it may need to be updated/closed if the Simple OAuth v6 upgrade affects it.
simple_oauth comes with a "Grant OAuth2 Codes" permission that restricts which users can complete the Authorization Code grant, which is the grant commonly used for integrating with 3rd party clients. By default there is no restriction on other grant types such as Password Credentials, though, so any User can use the Password Credentials grant on any client.
As we've diagnosed in https://www.drupal.org/project/farm/issues/3167752 β , there is an issue where an OAuth Client might need more permissions than the Users that authorize the client. Thus, there is a need for granular permissions that enable users to authorize individual OAuth Clients (Consumers) with any grant type (I don't think we need separate permissions for each grant type).
Not only would this solve the "set of permissions for granting certain permissions" issue, it would also allow general configuration of which users interact with 1st & 3rd party clients. For example, only users with "authorize farm_client consumers" would be able to use farmOS Field Kit.
Active
3.0
API
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
Bumping this to 3.x - but it may need to be updated/closed if the Simple OAuth v6 upgrade affects it.