Conversation
NathaelB
deleted the
612-incorrect-client-secret-validation-logic-in-password-grant
branch
NathaelB
pushed a commit
that referenced
this pull request
Jan 16, 2026
* Fix: only validate client secret for non-public clients * Fix: Simplify client secret validation logic
NathaelB
added a commit
that referenced
this pull request
Jan 16, 2026
* feat: add ThemeProvider and user theme menu (#651) * feat: invalid id token field instead embedded into access token (#652) * feat: refactor token generation and support id_token Add a new `IdTokenClaims` struct and a `TokenClaims` trait to abstract over different token claim types. Modify `create_jwt` to optionally generate an ID token if the `openid` scope is present. Update `JwtToken` to accommodate an optional ID token. * fix: refactor token creation to include ID token * fix: return service account not found exception when service account not found (#611) (#631) * fix: only validate client secret for non-public clients (#657) * Fix: only validate client secret for non-public clients * Fix: Simplify client secret validation logic --------- Co-authored-by: Luis Daniel RUBIERA <[email protected]> Co-authored-by: Joris VILARDELL <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request updates the authentication logic to better handle public clients and client secret validation. The main change ensures that public clients are not required to provide a client secret, and secret validation is performed only for non-public clients.
Authentication logic improvements:
core/src/domain/authentication/services.rsso that public clients are not required to provide a client secret, and secret validation is now conditional on the client not being public.