Need to modify ath value in dpop payload - Githubissues

AxaFrance / oidc-client

Light, Secure, Pure Javascript OIDC (Open ID Connect) Client. We provide also a REACT wrapper (compatible NextJS, etc.).

MIT License

571 stars 152 forks source link

Need to modify ath value in dpop payload #1322

Closed bhargavmullakuru closed 3 months ago

bhargavmullakuru commented 3 months ago

Issue and Steps to Reproduce

@guillaume-chervet As per my server gateway, they need ath value divide by 2 in dpop jwt payload. if possible, can we have a extra param something like makeAthHalfInJWT divide by 2 (half) in configuration itself like below. From this code...

       const configuration = this.configuration;
        const claimsExtras = {ath: await base64urlOfHashOfASCIIEncodingAsync(accessToken),};

to...


        const configuration = this.configuration;
        const athValue= await base64urlOfHashOfASCIIEncodingAsync(accessToken);
        const claimsExtras = {ath: configuration?.makeAthHalfInJWT ?  athValue.slice(0, athValue.length / 2) : athValue ,};

If you want me to send custom ath value like below, i can send it as extra param to generateDemonstrationOfProofOfPossessionAsync method.

await oidc.generateDemonstrationOfProofOfPossessionAsync( accessToken, urlSplit[0], method, ath );

Thanks in Advance.

Versions

"@axa-fr/react-oidc": "^7.14.1"

Screenshots

Expected

Actual

Additional Details

Installed packages:

guillaume-chervet commented 3 months ago

hi @bhargavmullakuru , thank you for the issue. I'am not sure to understand why you need to devid it by 2 ? Do you have more details.

Are you using dpop inside service worker or whithout service worker?

bhargavmullakuru commented 3 months ago

@guillaume-chervet . I'm not using service worker in my configuration. From another gateway end they are checking dpop ath divide by 2.

guillaume-chervet commented 3 months ago

Hi @bhargavmullakuru , we may can add an extras parameter so you will be able to override defaut properties by your own one.

bhargavmullakuru commented 3 months ago

@guillaume-chervet .. any update on this fix for new extras parameter ? 😁

guillaume-chervet commented 3 months ago

I will try to do it today @bhargavmullakuru :)

bhargavmullakuru commented 3 months ago

Okay . Thanks for your time @guillaume-chervet

guillaume-chervet commented 3 months ago

I published v7.20.0-alpha.1393, but I'am not sure it will resolve your issue.

I pushed on main by mistake : https://github.com/AxaFrance/oidc-client/commit/c7793c9913128dbb82a60dff11261ca5b4749f0c But it is an alpha.

bhargavmullakuru commented 3 months ago

@guillaume-chervet Tried using that alpha, it was not accepting 4th parm. Image 01-01-1946 Saka at 11 44 AM

guillaume-chervet commented 3 months ago

Sorry @bhargavmullakuru , I have created/pulished a new alpha => https://github.com/AxaFrance/oidc-client/pull/1325

7.20.0-alpha.1394

guillaume-chervet commented 3 months ago

Any news @bhargavmullakuru ?

bhargavmullakuru commented 3 months ago

It was working with that alpha version and i'm able to pass custom keys. Let me know once it's merged to main release version. Thanks for your help @guillaume-chervet

guillaume-chervet commented 3 months ago

Thank you for your feedback @bhargavmullakuru , I released it :)

bhargavmullakuru commented 3 months ago

Thanks @guillaume-chervet