From 4285a56d472229de5bf43d8ded25827ff924b279 Mon Sep 17 00:00:00 2001 From: OpenIddict Bot <32257313+openiddict-bot@users.noreply.github.com> Date: Sun, 27 Nov 2022 06:59:49 +0000 Subject: [PATCH] Update the documentation pages --- guides/contributing-a-new-web-provider.html | 16 +++++++++++++++- manifest.json | 2 +- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/guides/contributing-a-new-web-provider.html b/guides/contributing-a-new-web-provider.html index 6add3f5..33654b5 100644 --- a/guides/contributing-a-new-web-provider.html +++ b/guides/contributing-a-new-web-provider.html @@ -161,6 +161,19 @@ so the correct issuer to use is https://accounts.google.com/: the value given in the documentation or the base address of the server) and a <Configuration> node with the static configuration needed by the OpenIddict client to communicate with the remote authorization server. For instance: +
<Provider Name="Reddit">
+  <Environment Issuer="https://www.reddit.com/">
+    <Configuration AuthorizationEndpoint="https://www.reddit.com/api/v1/authorize"
+                   TokenEndpoint="https://www.reddit.com/api/v1/access_token"
+                   UserinfoEndpoint="https://oauth.reddit.com/api/v1/me">
+        <GrantType Value="authorization_code" />
+        <GrantType Value="refresh_token" />
+    </Configuration>
+  </Environment>
+</Provider>
+
Note

If the provider doesn't support grant_type=refresh_token and only supports the authorization code flow +(typically with non-expiring access tokens), the <GrantType> nodes MUST be removed for clarity, +as the authorization code flow is always considered supported by default if no <GrantType> is present:

<Provider Name="Reddit">
   <Environment Issuer="https://www.reddit.com/">
     <Configuration AuthorizationEndpoint="https://www.reddit.com/api/v1/authorize"
@@ -168,7 +181,8 @@ the OpenIddict client to communicate with the remote authorization server. For i
                    UserinfoEndpoint="https://oauth.reddit.com/api/v1/me" />
   </Environment>
 </Provider>
-
Caution

If the provider doesn't support server metadata but is known to support Proof Key for Code Exchange (PKCE), a <CodeChallengeMethod> node MUST +

+
Caution

If the provider doesn't support server metadata but is known to support Proof Key for Code Exchange (PKCE), a <CodeChallengeMethod> node MUST be added under <Configuration> to ensure the OpenIddict client will send appropriate code_challenge/code_challenge_method parameters:

<Provider Name="Fitbit">
   <Environment Issuer="https://www.fitbit.com/">
diff --git a/manifest.json b/manifest.json
index 8d8a2e4..7bffd09 100644
--- a/manifest.json
+++ b/manifest.json
@@ -1600,7 +1600,7 @@
       "output": {
         ".html": {
           "relative_path": "guides/contributing-a-new-web-provider.html",
-          "hash": "pjC3OIpW2IELs4joT+Gu1Q=="
+          "hash": "4ovCVYw3qFNm1e7Yi3eQNw=="
         }
       },
       "is_incremental": false,