
Update the XML documentation to discourage using the implicit flow and the resource owner password credentials grant

pull/2435/head
Kévin Chalet 4 weeks ago
parent
commit
2a6169d4c8
  1. 10
      src/OpenIddict.Client/OpenIddictClientBuilder.cs
  2. 10
      src/OpenIddict.Server/OpenIddictServerBuilder.cs

10
src/OpenIddict.Client/OpenIddictClientBuilder.cs

@ -982,6 +982,11 @@ public sealed class OpenIddictClientBuilder
/// https://tools.ietf.org/html/rfc6749#section-4.2 and
/// http://openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowAuth.
/// </summary>
/// <remarks>
/// Note: the implicit flow is not recommended for new applications due to
/// its inherent limitations and should only be used in legacy scenarios.
/// When possible, consider using the authorization code flow instead.
/// </remarks>
/// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
public OpenIddictClientBuilder AllowImplicitFlow()
=> Configure(options =>
@ -1013,6 +1018,11 @@ public sealed class OpenIddictClientBuilder
/// Enables password flow support. For more information about this specific
/// OAuth 2.0 flow, visit https://tools.ietf.org/html/rfc6749#section-4.3.
/// </summary>
/// <remarks>
/// Note: the password flow is not recommended for new applications due to its
/// inherent limitations and should only be used in legacy scenarios. When possible,
/// consider using an interactive user flow like the authorization code flow instead.
/// </remarks>
/// <returns>The <see cref="OpenIddictClientBuilder"/> instance.</returns>
public OpenIddictClientBuilder AllowPasswordFlow()
=> Configure(options => options.GrantTypes.Add(GrantTypes.Password));
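Review bot: The `<remarks>` added to AllowImplicitFlow() and AllowPasswordFlow() justify the warning only with "inherent limitations", which gives a reader deciding whether to enable the flow nothing concrete to weigh. I would name the reason in each: for the implicit flow, `/// Note: the implicit flow returns tokens in the authorization response itself, where they are exposed in the browser (for example through its history).`, and for the password flow, `/// Note: the password flow hands the user's password to the client application and cannot accommodate multi-factor or federated sign-in.` The same two remarks appear in both hunks of src/OpenIddict.Server/OpenIddictServerBuilder.cs and would take the same wording. A reference to RFC 9700 (the OAuth 2.0 security best current practice) beside the existing RFC 6749 links would let readers check the guidance. Both methods belong to a class that starts and ends outside the hunks, and the AllowImplicitFlow() lambda is cut off at the hunk edge.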

10
src/OpenIddict.Server/OpenIddictServerBuilder.cs

@ -955,6 +955,11 @@ public sealed class OpenIddictServerBuilder
/// https://tools.ietf.org/html/rfc6749#section-4.2 and
/// http://openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowAuth.
/// </summary>
/// <remarks>
/// Note: the implicit flow is not recommended for new applications due to
/// its inherent limitations and should only be used in legacy scenarios.
/// When possible, consider using the authorization code flow instead.
/// </remarks>
/// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
public OpenIddictServerBuilder AllowImplicitFlow()
=> Configure(options =>
@ -978,6 +983,11 @@ public sealed class OpenIddictServerBuilder
/// Enables password flow support. For more information about this specific
/// OAuth 2.0 flow, visit https://tools.ietf.org/html/rfc6749#section-4.3.
/// </summary>
/// <remarks>
/// Note: the password flow is not recommended for new applications due to its
/// inherent limitations and should only be used in legacy scenarios. When possible,
/// consider using an interactive user flow like the authorization code flow instead.
/// </remarks>
/// <returns>The <see cref="OpenIddictServerBuilder"/> instance.</returns>
public OpenIddictServerBuilder AllowPasswordFlow()
=> Configure(options => options.GrantTypes.Add(GrantTypes.Password));
