[GitHub] [nifi] MikeThomsen commented on a diff in pull request #6782: NIFI-10456: Add client authentication strategy option to OAuth2 provider

[GitBox <gi...@apache.org>]

MikeThomsen commented on code in PR #6782:
URL: https://github.com/apache/nifi/pull/6782#discussion_r1051411431


##########
nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java:
##########
@@ -69,6 +71,27 @@ public class StandardOauth2AccessTokenProvider extends AbstractControllerService
         .expressionLanguageSupported(ExpressionLanguageScope.VARIABLE_REGISTRY)
         .build();
 
+    public static AllowableValue BASIC_AUTHENTICATION = new AllowableValue(
+        "basic",
+        "Basic Authentication",
+        "Send client authentication as HTTP Basic authentication"
+    );
+
+    public static AllowableValue REQUEST_BODY = new AllowableValue(
+        "request_body",
+        "Request Body",
+        "Send client authentication in request body. Note: users should prefer Basic Authentication unless authorization server does not support it."
+    );
+
+    public static final PropertyDescriptor CLIENT_AUTHENTICATION_STRATEGY = new PropertyDescriptor.Builder()
+        .name("client-authentication-strategy")
+        .displayName("Client Authentication Strategy")
+        .description("Authentication strategy to use for client authentication.")

Review Comment:
   A little awkward in the wording. Should be something like `Strategy for authenticating the client against the OAuth2 token provider service`.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org