Support OAuth Password Grant

Created on 14 August 2024, 5 months ago

Problem/Motivation

We currently only support the client_credentials grant for OAuth. The simple OAuth module deprecated the password grant, but a re-implementation with sizable usage exists: https://www.drupal.org/project/simple_oauth_password_grant β†’

Adding support for this could address some common use cases, including some requests from the community.

Proposed resolution

Introduce a grant_type option for OAuth authentication. We should make this optional and default to 'client_credentials' for backwards compatibility.

From the password grant module page:

You can then obtain an access token by requesting it with the following payload:

{
"grant_type": "password",
"client_id": "__your-client-id__",
"client_secret": "__your-client-secret__",
"username": "drupal_username_or_email",
"password": "drupal_password"
}

Once we get a token, we should handle it the same way we do for tokens from the client_credentials grant.

Remaining tasks

* Implement changes.
* Update tests
* Update docs

API changes

Introduces an optional 'grant type' for OAuth authentication.

✨ Feature request
Status

Active

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States brianperry

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

Production build 0.71.5 2024