Closed ryzhman closed 4 years ago
1) use a method for executing arbitrary token endpoint grant calls. callback()
is for, well, callback based flows.
2) i don't follow.
If you found this helpful, please consider supporting the library if it turns out to provide value to you or your company. Supporting the library means, amongst other things, that such support will be available in the future.
@panva thanks for your response. grant
worked perfectly.
Is there any way to keep the client_credentials
encapsulated in the client
instance and avoid manual construction of the body for the grant
request?
You’re just providing the grant type and its required body payload. I don’t feel like there’s need for further encapsulation for these simple grants.
@panva One more question regarding obtaining the token set based on the authentication code: I use the implicit/hybrid flow and after the login, IdP sends back the access and id tokens with authCode (nonce is stored on IdP). But down the road, I need a refresh token so I do request a new token set via /token in Postman (with client _secret/id, code, grant_type = authorization_code, and original redirecturl). However, when I do a request from the OIDC-client I get an error with nonce validation (expected ... get ...). How can I pass it explicitly to the IdP with callback() call? Adding new property to the params didn't work out
How can I pass it explicitly to the IdP with callback() call? Adding new property to the params didn't work out
You don't pass the nonce back to the IdP in the callback() call, you assert that the nonce you sent in initially is in the ID Token returned. Please read the callback method's docs. There's a whole argument object for these checks where nonce
is called out.
I am implementing the OIDC flow for the first time for my app and would like to use your library as a plug and play. But have a few questions related to two flows I am going to implement:
Client_credentials
grant_type based on POST request to/connect/token
IdP's endpoint. I can get the auth request working from another HTTP client, but in NodeJS nothing is returned and no logs are present. TheredirectParams
are empty since the tokenSet is passed back in the body. Here is the code for issuer:and callback:
Something seems to be missing and would be grateful for your help
A bit more complex flow for
Client_credentials
grant_type;I would like to employ openid-client to make the initial one-way request to IdP and don't expect anything to return. What is the best way to do it?
Thanks for your time