Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.- Log in or register to create an issue
- Advanced search
| Title | Status | Priority | Category | Version | Component | Replies |
Last updated |
Assigned to | Created |
|---|---|---|---|---|---|---|---|---|---|
| Implement JWKs (RFC 7517) and OAuth metadata (RFC 8414) | Needs work | Normal | Feature request | 6.0.x-dev | Code | 14 | 1 year 3 months | bradjones1 | 3 years 6 months |
| Exceptions should be sent as an oauth error with server_error, not left to core's exception subscriber | Active | Normal | Task | 5.2.x-dev | Code | 5 | 1 year 3 months | 1 year 3 months | |
| LogicException: leaked metadata was detected | Postponed (maintainer needs more info) | Normal | Bug report | 5.2.x-dev | Code | 9 | 1 year 3 months | 1 year 3 months | |
| JSON:API can't handle exceptions thrown by the authentication provider | Active | Normal | Bug report | 5.x-dev | Code | 7 | 1 year 3 months | 4 years 4 months | |
| Disallow login by role or rule | Active | Minor | Support request | 5.2.3 | Code | 2 | 1 year 3 months | 1 year 3 months | |
| Interface 'League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface' not found | Active | Normal | Bug report | 5.x-dev | Code | 7 | 1 year 3 months | 3 years 9 months | |
| Invoke the hook_user_login() after authentication | Needs work | Major | Task | 5.x-dev | Code | 15 | 1 year 3 months | 3 years 8 months | |
| [OAuth 2.1] Require clients to be configured with a redirect URI | Active | Normal | Bug report | 5.x-dev | Code | 9 | 1 year 3 months | 3 years 4 months | |
| Allow email authentification | Active | Normal | Feature request | 8.x-3.x-dev | Code | 9 | 1 year 4 months | Kgaut | 6 years 7 months |
| Content-type: application json not accepted with post method on get access token or refresh it | Postponed (maintainer needs more info) | Normal | Bug report | 6.0.0-alpha3 | Code | 7 | 1 year 4 months | 1 year 6 months | |
| Allow decoration of KeyGeneratorService | Needs review | Minor | Feature request | 6.0.x-dev | Code | 4 | 1 year 5 months | 4 years 6 months | |
| Add indexes to the oauth2_token table | Needs review | Normal | Task | 5.x-dev | Code | 7 | 1 year 5 months | 3 years 3 months | |
| Authorization endpoint should return error in case of missing response_type parameter | Needs work | Normal | Bug report | 5.2.x-dev | Code | 9 | 1 year 5 months | 2 years 9 months | |
| [PP-1] Provide automated key rotation | Postponed | Normal | Feature request | 6.0.x-dev | Code | 9 | 1 year 6 months | 5 years 1 week | |
| Token Generation at User Profile gone? | Active | Major | Bug report | 5.2.0 | User interface | 2 | 1 year 6 months | 1 year 6 months | |
| Expand help text regarding how scopes and roles work | Needs review | Normal | Task | 5.x-dev | User interface | 3 | 1 year 8 months | 4 years 6 months | |
| Set `_format` to `json` on most routes | Needs work | Normal | Task | 5.2.x-dev | Code | 4 | 1 year 8 months | 1 year 8 months | |
| [PP-1] Compatibility with new EntityInterface::[get|set]OriginalDefaultRevision() | Postponed | Normal | Task | 5.2.x-dev | Code | 2 | 1 year 8 months | 1 year 8 months | |
| Support for the Key module | Needs work | Normal | Feature request | 6.0.x-dev | Code | 14 | 1 year 8 months | 3 years 11 months | |
| Not useful message: Deleted 0 expired tokens in cron. | Active | Normal | Bug report | 5.2.0 | Code | 2 | 1 year 9 months | 1 year 9 months | |
| [PP-1] PHP Fatal error: Class Drupal\simple_oauth\Authentication\TokenAuthUser contains 1 abstract method | Postponed | Normal | Bug report | 5.2.0 | Code | 8 | 1 year 9 months | 2 years 6 months | |
| Add consumer cache context | Needs review | Normal | Feature request | 5.2.x-dev | Code | 4 | 1 year 10 months | 1 year 10 months | |
| Revoke token on user_logout() | Needs work | Normal | Bug report | 5.2.x-dev | Code | 4 | 2 years 2 days | 2 years 1 week | |
| [PP-1] Introspection/debug response should be conform OAuth2 specs | Postponed | Normal | Feature request | 6.0.x-dev | Code | 6 | 2 years 2 days | 2 years 2 months | |
| Move to thephpleague/oauth2-server 9.0 | Active | Normal | Plan | 6.0.x-dev | Code | 1 | 2 years 2 days | 2 years 2 days | |
| Implement nonce in OIDC | Needs work | Normal | Bug report | 5.x-dev | OpenID Connect | 19 | 2 years 2 weeks | 3 years 5 months | |
| [PP-1] Can't add non-URL redirect URI on client config form | Postponed | Normal | Task | 5.2.x-dev | Code | 7 | 2 years 3 weeks | 3 years 4 months | |
| Use relative path for keys | Needs review | Normal | Feature request | 5.2.x-dev | Code | 7 | 2 years 3 weeks | phoang | 2 years 3 weeks |
| Support generating static scopes via Drupal console or drush | Active | Normal | Feature request | 6.0.x-dev | Code | 1 | 2 years 1 month | 2 years 1 month | |
| Tokens for nonexistent users incorrectly throw uncaught Invalid Client errors | Active | Normal | Bug report | 5.2.x-dev | Code | 2 | 2 years 1 month | 2 years 1 month | |
| Add OpenAPI support for Access Token Creation | Needs review | Normal | Feature request | 5.2.x-dev | Documentation | 3 | 2 years 2 months | z3cka | 2 years 2 months |
| Setting to disable OIDC only really disables userinfo, JWKS endpoints | Active | Normal | Bug report | 5.2.x-dev | OpenID Connect | 1 | 2 years 3 months | 2 years 3 months | |
| Add test coverage for OpenID Connect | Active | Normal | Task | 5.2.x-dev | OpenID Connect | 1 | 2 years 3 months | 2 years 3 months | |
| [META] OpenID Connect implementation maturity | Active | Normal | Plan | 5.2.x-dev | OpenID Connect | 1 | 2 years 3 months | 2 years 3 months | |
| Make the naming of the add button in the settings and clients tab consistent | Active | Normal | Feature request | 5.2.x-dev | User interface | 4 | 2 years 3 months | 3 years 4 months | |
| Code style cleanup & enable phpstan for static analysis in CI | Active | Normal | Task | 5.2.x-dev | Code | 1 | 2 years 3 months | 2 years 3 months | |
| Invalid argument for ScopeRepository::scopeFactory() | Postponed (maintainer needs more info) | Major | Bug report | 5.2.x-dev | Code | 7 | 2 years 3 months | BR0kEN | 5 years 2 months |
| Map event subscribers to League OAuth2 auth server events | Active | Normal | Feature request | 5.2.x-dev | Code | 5 | 2 years 3 months | 2 years 5 months | |
| Use UnauthorizedHttpException over HttpException | Active | Normal | Feature request | 5.2.x-dev | Code | 2 | 2 years 3 months | 3 years 4 months | |
| Allow sharing OIDC public and private claims | Active | Normal | Feature request | 5.2.x-dev | Documentation | 2 | 2 years 3 months | 2 years 8 months | |
| Make the user authorization step optional for anonymous users if !is_third_party | Active | Minor | Feature request | 5.2.x-dev | Code | 6 | 2 years 3 months | 4 years 2 months | |
| Include client UUID in query string for login redirect | Needs work | Normal | Feature request | 5.2.x-dev | Code | 5 | 2 years 3 months | bradjones1 | 3 years 9 months |
| [BC break] Use user's UUID for jwt sub claim/token validation | Active | Normal | Task | 5.1.x-dev | Code | 2 | 2 years 3 months | 2 years 3 months | |
| BasicAuthSwap swapping basic credentials with client authorization data applied for bearer token. | Needs work | Normal | Task | 5.0.5 | Code | 4 | 2 years 3 months | 2 years 4 months | |
| [PP-1, League v9] Finalize scopes when issuing refresh tokens | Needs work | Normal | Bug report | 5.x-dev | Code | 7 | 2 years 3 months | 6 years 3 weeks | |
| Use RevocableTokenRepositoryTrait::getNew() in AccessTokenRepository | Active | Normal | Bug report | 5.x-dev | Code | 1 | 2 years 4 months | 2 years 4 months | |
| Convert [most?] browser tests to unit tests | Active | Minor | Task | 5.x-dev | Code | 1 | 2 years 4 months | 2 years 4 months | |
| Roadmap for Updated Dependencies | Active | Normal | Plan | 5.x-dev | Code | 12 | 2 years 4 months | 2 years 10 months | |
| Skip public/private key file validation if config is overriden | Needs review | Normal | Feature request | 5.x-dev | Code | 4 | 2 years 4 months | 3 years 2 months | |
| If file is not readable, you will get file doesnt exists. | Needs review | Normal | Bug report | 5.x-dev | Code | 5 | 2 years 4 months | 4 years 7 months |
Pages
Subscribe with RSS 
