Adding additional query params breaks the client id

bhubr / react-simple-oauth2-login

Simple React component for OAuth2 login - Supports Authorization Code and Implicit Grant flows.

MIT License

49 stars 31 forks source link

Adding additional query params breaks the client id #39

Closed jshthornton closed 3 years ago

jshthornton commented 3 years ago

Google's authorization url let's you supply an additional query param of ?prompt=consent to force users to have to reauth every time.

If you supply that in the authorization url as such https://accounts.google.com/o/oauth2/v2/auth?prompt=consent then the client id is not appended and Google rejects with a malformed url error.

This can be bypassed by forcefully inserting the client id in the authorization url.

bhubr commented 3 years ago

@all-contributors please add @jshthornton for code

allcontributors[bot] commented 3 years ago

@bhubr

I've put up a pull request to add @jshthornton! :tada: