00746ea636
The OpenID Connect specifies that all providers must return a JSON discovery document [1] in a well-known location. We can let the user pass this document instead of the individual endpoints (i.e. token and authorization endpoint). Moreover, we can also check if the requested grant_type (implicit to the used plugin, and one of client_credentials, password, authorization_code) is supported by the provider before starting the auth flow. [1] https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata Fixes-bug: #1583682 Change-Id: I24b7960b25ddcff45552c0ab5541d92122d1d560
1.1 KiB
1.1 KiB