From 988b728fb22bcdfd02f6dc89581f64e479c8f1e7 Mon Sep 17 00:00:00 2001 From: Andy Clayton Date: Thu, 16 Aug 2018 16:42:18 -0500 Subject: [PATCH] update docs for multiple response types per client --- docs/sections/accesstokens.rst | 2 +- docs/sections/relyingparties.rst | 9 +++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/sections/accesstokens.rst b/docs/sections/accesstokens.rst index 0472853..b6835db 100644 --- a/docs/sections/accesstokens.rst +++ b/docs/sections/accesstokens.rst @@ -10,7 +10,7 @@ Access tokens generally have a lifetime of only a couple of hours. You can use ` Obtaining an Access Token ========================= -Go to the admin site and create a confidential client with ``response_type = code`` and ``redirect_uri = http://example.org/``. +Go to the admin site and create a confidential client with ``response_types = code`` and ``redirect_uri = http://example.org/``. Open your browser and accept consent at:: diff --git a/docs/sections/relyingparties.rst b/docs/sections/relyingparties.rst index d99497a..3a3028c 100644 --- a/docs/sections/relyingparties.rst +++ b/docs/sections/relyingparties.rst @@ -19,8 +19,8 @@ Properties * ``client_type``: Values are ``confidential`` and ``public``. * ``client_id``: Client unique identifier. * ``client_secret``: Client secret for confidential applications. -* ``response_type``: Values depends of wich flow you want use. -* ``jwt_alg``: Clients can choose wich algorithm will be used to sign id_tokens. Values are ``HS256`` and ``RS256``. +* ``response_types``: The flows and associated ```response_type``` values that can be used by the client. +* ``jwt_alg``: Clients can choose which algorithm will be used to sign id_tokens. Values are ``HS256`` and ``RS256``. * ``date_created``: Date automatically added when created. * ``redirect_uris``: List of redirect URIs. * ``require_consent``: If checked, the Server will never ask for consent (only applies to confidential clients). @@ -58,8 +58,9 @@ Programmatically You can create a Client programmatically with Django shell ``python manage.py shell``:: - >>> from oidc_provider.models import Client - >>> c = Client(name='Some Client', client_id='123', client_secret='456', response_type='code', redirect_uris=['http://example.com/']) + >>> from oidc_provider.models import Client, ResponseType + >>> c = Client(name='Some Client', client_id='123', client_secret='456', redirect_uris=['http://example.com/']) >>> c.save() + >>> c.response_types.add(ResponseType.objects.get(value='code')) `Read more about client creation in the OAuth2 spec `_