AUTH SDK GET /token should be POST /token

sst / sst

Build full-stack apps on your own infrastructure.

https://sst.dev

MIT License

22.11k stars 1.68k forks source link

AUTH SDK GET /token should be POST /token #4742

Open TheKnightCoder opened 7 months ago

TheKnightCoder commented 7 months ago

https://github.com/sst/ion/blob/72fab0f5805e09c673cf781a4e5e2dc24fbd4750/sdk/js/src/auth/handler.ts#L226C3-L226C35

The /token endpoint should be POST not GET as it has body form data

Also if (payload.client_id !== form.get("client_id")) { will fail because in app.use("/:provider/authorize", client_id is not added to the options.cookie

thdxr commented 7 months ago

this is correct - do you mind making a PR for this? no worries if you're busy i can look at it when we launch auth officially (next few weeks)

TheKnightCoder commented 7 months ago

yep PR is here sst/ion#310