import { ClientAuthMethod } from "https://deno.land/x/authlete_deno@v1.2.7/mod.ts";
Client authentication methods.
For more details, see OpenID Connect Core 1.0, 9. Client Authentication .
Static Properties
client_secret_basic
(1).
Clients that have received a client_secret
value from the
Authorization Server authenticate with the Authorization Server
in accordance with Section 3.2.1
of OAuth 2.0 [RFC6749] using
the HTTP Basic authentication scheme.
client_secret_jwt
(3).
Clients that have received a client_secret
value from the
Authorization Server create a JWT using an HMAC SHA algorithm,
such as HMAC SHA-256. The HMAC (Hash-based Message Authentication
Code) is calculated using the octets of the UTF-8 representation
of the client_secret
as the shared key.
The Client authenticates in accordance with JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants [OAuth.JWT] and Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants [OAuth.Assertions].
'client_secret_post' (2).
Clients that have received a client_secret
value from the
Authorization Server, authenticate with the Authorization Server
in accordance with Section 3.2.1
of OAuth 2.0 [RFC6749] by
including the Client Credentials in the request body.
none
(0).
The Client does not authenticate itself at the Token Endpoint, either because it uses only the Implicit Flow (and so does not use the Token Endpoint) or because it is a Public Client with no Client Secret or other authentication mechanism.
private_key_jwt
(4).
Clients that have registered a public key sign a JWT using that key. The Client authenticates in accordance with JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants [OAuth.JWT] and Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants [OAuth.Assertions].
self_signed_tls_client_auth
(6).
Clients authenticate with the Authorization Server using self-signed certificates as defined in "Mutual TLS Profiles for OAuth Clients".
tls_client_auth
(5).
Clients authenticate with the Authorization Server using X.509 certificates as defined in "Mutual TLS Profiles for OAuth Clients".