File tree Expand file tree Collapse file tree 2 files changed +16
-2
lines changed
Expand file tree Collapse file tree 2 files changed +16
-2
lines changed Original file line number Diff line number Diff line change @@ -12,12 +12,19 @@ Performs Authorization Server Metadata discovery and returns a
1212[ Configuration] ( ../classes/Configuration.md ) with the discovered
1313[ Authorization Server] ( ../interfaces/ServerMetadata.md ) metadata.
1414
15- This is the RECOMMENDED method of client configuration.
15+ Passing the Authorization Server's Issuer Identifier to this method is the
16+ RECOMMENDED method of client configuration.
1617
1718This has the same effect as calling the [ Configuration] ( ../classes/Configuration.md ) constructor
1819except that the server metadata is discovered from its own Authorization
1920Server Metadata discovery document.
2021
22+ Note: This method also accepts a URL pointing directly to the Authorization
23+ Server's discovery document, doing so is merely a shorthand for using
24+ [ fetch] ( https://developer.mozilla.org/docs/Web/API/Window/fetch ) and passing the discovered JSON metadata (as
25+ [ ServerMetadata] ( ../interfaces/ServerMetadata.md ) ) into the [ Configuration] ( ../classes/Configuration.md ) constructor. Doing so is
26+ NOT RECOMMENDED as it disables the [ ServerMetadata.issuer] ( ../interfaces/ServerMetadata.md#issuer ) validation.
27+
2128## Parameters
2229
2330| Parameter | Type | Description |
Original file line number Diff line number Diff line change @@ -1050,12 +1050,19 @@ function handleB2Clogin(server: URL, options?: DiscoveryRequestOptions) {
10501050 * {@link Configuration} with the discovered
10511051 * {@link ServerMetadata Authorization Server} metadata.
10521052 *
1053- * This is the RECOMMENDED method of client configuration.
1053+ * Passing the Authorization Server's Issuer Identifier to this method is the
1054+ * RECOMMENDED method of client configuration.
10541055 *
10551056 * This has the same effect as calling the {@link Configuration} constructor
10561057 * except that the server metadata is discovered from its own Authorization
10571058 * Server Metadata discovery document.
10581059 *
1060+ * Note: This method also accepts a URL pointing directly to the Authorization
1061+ * Server's discovery document, doing so is merely a shorthand for using
1062+ * {@link !fetch} and passing the discovered JSON metadata (as
1063+ * {@link ServerMetadata}) into the {@link Configuration} constructor. Doing so is
1064+ * NOT RECOMMENDED as it disables the {@link ServerMetadata.issuer} validation.
1065+ *
10591066 * @param server URL representation of the Authorization Server's Issuer
10601067 * Identifier
10611068 * @param clientId Client Identifier at the Authorization Server
You can’t perform that action at this time.
0 commit comments