damienbod / angular-auth-oidc-client

npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow
https://www.npmjs.com/package/angular-auth-oidc-client
MIT License

Audience list does not work #138

Closed feargear closed 6 years ago

feargear commented 6 years ago

We were using angular-auth-oidc-client v1.3.14 and decided to update to the latest client. Our identity server (wso2is) returns a list of client IDs in the id_token's aud property. However, the new version of the angular oidc client seems to compare the list directly with a string. I noticed that the TS code is like this:

```typescript
if ((dataIdToken.aud as string) !== (aud as string)) {
    this.oidcSecurityCommon.logDebug(
        'Validate_id_token_aud failed, dataIdToken.aud: ' + dataIdToken.aud + ' client_id:' + aud
    );
    return false;
}
```

But this gets transpiled to:

```js
if (((dataIdToken.aud)) !== ((aud))) {
    this.oidcSecurityCommon.logDebug('Validate_id_token_aud failed, dataIdToken.aud: ' + dataIdToken.aud + ' client_id:' + aud );
    return false;
}
```

In the old version this worked because they were compared with the value equal operator, but now it broke our app.

damienbod commented 6 years ago

OK, I will support an array again. We updated to strict TypeScript, incorrectly. I will add support for arrays again. Will fix this in the next couple of days. Thanks for reporting.

Greetings Damien

damienbod commented 6 years ago

Now supports an array of strings of any object.

Will release this weekend, just need to fix a test first.

damienbod commented 6 years ago

fixed in 3.0.9
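An audience check that accepts both forms of the `aud` claim discussed in this issue, written as an added example and not the library's code or the 3.0.9 fix. OpenID Connect Core allows `aud` to be a single string or an array of strings; the names `audienceMatches`, `IdTokenClaims` and `requireAzpForMultiple`, the sample client IDs, and the policy of rejecting a multi-audience token that has no `azp` are assumptions of this example.

```typescript
// Added example, not library code. All names here are hypothetical.
interface IdTokenClaims {
  aud?: unknown; // a string, or an array of strings
  azp?: unknown; // authorized party, expected when there are several audiences
}

function audienceMatches(
  claims: IdTokenClaims,
  clientId: string,
  requireAzpForMultiple: boolean = true
): boolean {
  const aud = claims.aud;

  // An azp claim, when present, must name this client.
  if (claims.azp !== undefined && claims.azp !== clientId) {
    return false;
  }
  // Single audience: strict equality is the right comparison.
  if (typeof aud === 'string') {
    return aud === clientId;
  }
  // List of audiences: every member must be a string (no coercion),
  // and this client must be one of them.
  if (!Array.isArray(aud) || aud.length === 0) {
    return false;
  }
  for (const entry of aud) {
    if (typeof entry !== 'string') {
      return false;
    }
  }
  if (aud.indexOf(clientId) === -1) {
    return false;
  }
  // Several audiences without azp: rejected by default (assumed policy).
  if (aud.length > 1 && requireAzpForMultiple && claims.azp === undefined) {
    return false;
  }
  return true;
}

// Constructed sample claims; 'spa-client' and 'other-api' are made-up IDs.
const sampleClaims: IdTokenClaims[] = [
  { aud: 'spa-client' },
  { aud: ['spa-client'] },
  { aud: ['spa-client', 'other-api'], azp: 'spa-client' },
  { aud: ['other-api'] },
];
const sampleResults = sampleClaims.map((c) => audienceMatches(c, 'spa-client'));
```

The old loose comparison only accepted a one-element list because JavaScript coerces `['x']` to the string `'x'`; the check above tests membership explicitly instead of relying on coercion.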