AUTH SDK GET /token should be POST /token

sst / ion

❍ — a new engine for SST

https://ion.sst.dev

MIT License

1.19k stars 149 forks source link

AUTH SDK GET /token should be POST /token #277

Open TheKnightCoder opened 3 months ago

TheKnightCoder commented 3 months ago

https://github.com/sst/ion/blob/72fab0f5805e09c673cf781a4e5e2dc24fbd4750/sdk/js/src/auth/handler.ts#L226C3-L226C35

The /token endpoint should be POST not GET as it has body form data

Also if (payload.client_id !== form.get("client_id")) { will fail because in app.use("/:provider/authorize", client_id is not added to the options.cookie

thdxr commented 3 months ago

this is correct - do you mind making a PR for this? no worries if you're busy i can look at it when we launch auth officially (next few weeks)

TheKnightCoder commented 3 months ago

yep PR is here #310