search

AnWeber / vscode-httpyac

Quickly and easily send REST, Soap, GraphQL, GRPC, MQTT and WebSocket requests directly within Visual Studio Code
https://marketplace.visualstudio.com/items?itemName=anweber.vscode-httpyac
MIT License
222 stars 20 forks source link

OAuth2 / OpenID Connect - Error #240

Closed bohni closed 7 months ago

bohni commented 7 months ago

I have an oAuth2 server whose responses do not contain the attribute expires_in.

When using OAuth2 / OpenID Connect, the requests and responses of the necessary token request are shown in a VS Code window, but the request under test does not get executed.

In Access Token Response the attribute expires_in is marked as recommended, not as required.

Does the feature "OAuth2 / OpenID Connect" rely on that attribute?

Those tokens themself have their expiration time included. To get that value, jwd decode could be used.

Edit:

I did a simple test with a hard coded response of that server and a simple Spring Boot App. If the expires_in attribute is present, the request under test runs as expected.

AnWeber commented 7 months ago

Do you use deviceCodeFlow? There may be an issue, when property is not set (https://github.com/AnWeber/httpyac/blob/8feaa0aff2f47de3dda831495868f1983c2e2689/src/plugins/oauth2/flow/deviceCodeFlow.ts#L44).

There is a second one, which affects all oauth2 flows. The response is ignored in isAuthResponse if expires_in is not defined (https://github.com/AnWeber/httpyac/blob/main/src/plugins/oauth2/flow/requestOpenIdInformation.ts#L84)

AnWeber commented 7 months ago

fixed with v6.10.0

bohni commented 7 months ago

Wow, that was fast. And it works. Thank you!