Another quick update.

I’ve just updated the (somewhat experimental) Known OAuth2 client to be able to support OpenID Connect (OIDC).

What this means is that the client will now be able to authenticate against any identity provider that supports OpenID Connect.

This has been tested and works (as part of my work on my day job) with Keycloak, but it should work with pretty much anything else that supports OIDC.

Hope this is useful to you!

» Visit the project on Github...

Just a quick one. You’ve been coding up your REST API and are trying to use a Bearer authorization token (as obtained from an OAuth2 handshake), and it’s just not working.

If you send your access token as a GET or POST value, however, things work fine.

You point your client at httpbin.org to see what it is sending, and lo and behold, the bearer token is present and correct.

You scratch your head and dump the contents of $_SERVER to a log, and to your surprise, nothing. No Authorization header is present!

To save you many a frustrating hour, here’s the answer. Turns out that Apache will strip any authorisation header it doesn’t recognise, which is basically anything that’s not basic auth.

So, you need to put it back in yourself. Do so by putting the following into your .htaccess:
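
One common way to restore the header, given here as an added example rather than the snippet from the original post; it assumes Apache 2.4 with mod_rewrite enabled and `.htaccess` overrides allowed for these directives:

```apache
# Added example (not the original post's code).
# Assumes mod_rewrite is loaded and AllowOverride permits these directives.

<IfModule mod_rewrite.c>
    RewriteEngine On
    # When the request carries an Authorization header, copy its value into
    # the HTTP_AUTHORIZATION environment variable so the PHP script can read it.
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

# Alternative without mod_rewrite (uses mod_setenvif):
# SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

# Alternative on Apache 2.4.13 and later:
# CGIPassAuth On
```

With this in place the token shows up in `$_SERVER['HTTP_AUTHORIZATION']`; after an internal rewrite it may instead appear as `$_SERVER['REDIRECT_HTTP_AUTHORIZATION']`, so check both.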

So, here’s a plugin that implements a basic Known to Known cross poster, which uses the Known API authenticated with OAuth2 using my OAuth2 server.

This post will let you link an account on one Known server with an account on another Known server, and allow you to crosspost status and text posts from one to the other.

Primarily this is a demo of OAuth together with the Known API, but it might be handy if you have, say, a corporate blog but still want to post to it from your main site.

Pull it apart, play with the OAuth and see how I talk to the API!

» Visit the project on Github...