But internal.code_verifier it reset with each request and there is no way to set it before a request. How should I properly access this value so I can save it to say a local http only cookie or in the session object so that when my /callback route is called I pass as part of the arguments to performTokenRequest ?
FWIW you can call toJSON() and it sets a different value to internal.code_verifier each time. Is that on purpose?
Not sure what a propery workflow is here.
I have two routes
/login/openid
/login/openid/callback
Before I call
performAuthorizationRequest
the request object doesn't have anything set forinternal.code_verifier
.If I do this
let json = await authRequest.toJSON()
it calls this https://github.com/openid/AppAuth-JS/blob/cf6bb68dfe630c5d5f415bdcc76ea2581f041d8f/src/authorization_request.ts#L79 and sets theinternal.code_verifier
value.Makes sense right?
But
internal.code_verifier
it reset with each request and there is no way to set it before a request. How should I properly access this value so I can save it to say a local http only cookie or in the session object so that when my /callback route is called I pass as part of the arguments toperformTokenRequest
?FWIW you can call
toJSON()
and it sets a different value tointernal.code_verifier
each time. Is that on purpose?