search

itpropro / nuxt-oidc-auth

OIDC (OpenID connect) focused auth module for Nuxt
https://nuxt.com/modules/nuxt-oidc-auth
MIT License
61 stars 11 forks source link

compatibility for older versions of keycloak #15

Closed raj-saroj-vst-au4 closed 3 months ago

raj-saroj-vst-au4 commented 3 months ago

On older versions of keycloak that are facing error: 500 Token request failed on browser & ERROR [nuxt-oidc-auth]: { error: 'RESTEASY003065: Cannot consume content type' } on console

Cause : improper request-form data generation & header content-type json

fix:

1) use of URLSearchParams() class for request form generation instead of FormData() class 2) content-type to be explicity defined as "application/x-www-form-urlencoded" in the headers

DallasHoff commented 3 months ago

This is the purpose of #12

raj-saroj-vst-au4 commented 3 months ago

https://github.com/itpropro/nuxt-oidc-auth/pull/12 was merged but its not reflected in npm, is it even published ?

raj-saroj-vst-au4 commented 3 months ago

after trying your commit, it works but its not able to refresh token on my version of keycloak ! urlsearchparams() works for both accesstoken and refresh token, despite default tokenaccesstype as form.

itpropro commented 3 months ago

It's not published yet, because the current implementation breaks some other providers. Currently. the content-type is already application/x-www-form-urlencoded when using the form format based on the FormData, which is the standard defined by the fetch spec. I will have to find a fix first to handle these special KeyCloak use cases without breaking the other providers, as explicitly defining content-type headers is not recommended and should be avoided if possible, which is why it breaks other providers. EDIT: It is currently no possible to use form-data due to a bug in ofetch and we have to rely on the native inference of fetch (https://github.com/unjs/ofetch/issues/37#issuecomment-1669678640) So for now, application/x-www-form-urlencoded and application/json will stay the only supported content-types, I will expriment with ofetch to see if I can get it to work with multipart/form-data as well, but I cannot promise anything.

itpropro commented 3 months ago

The library now relies on the inference of ofetch for the content-type, as nothing else is currently possible. The parameter form-urlencoded will hand over a URLSearchParams object and the form parameter a FormData object to ofetch.