Resource Owner Password fails with PE_FIRSTACCESS when using Auth::Choice
Concerned version
Version: 2.0.11
Summary
- Configure Auth::Choice
- Try to do an OAuth2 Resource Owner Password grant
- fails
Logs
[LLNG:654] [debug] Returned error: 9 (PE_FIRSTACCESS)
...
[LLNG:654] [warn] [anonymous] invalid_grant
Workaround
Using /oauth2/token?lmAuth=my_choice is a workaround, but not very user-friendly
Possible fixes
We should add an option in the choice module that lets administrators select which choice must be used in contexts such as Resource Owner Password Credential or /proxy/pwdConfirm
The option already exists: authChoiceAuthBasic, we simply should extend its purpose.