yasudacloud / strapi-plugin-sso

MIT License

OIDC /userinfo endpoint with authorization headers #28

Closed urbanmarcen closed 7 months ago

urbanmarcen commented 7 months ago

Hi, thank you for the plugin. Because of some specifics of our OIDC server, we need a slight modification.

We changed the /userinfo endpoint call to add the Authorization header. To enable this we added a new config option OIDC_USER_INFO_ENDPOINT_WITH_AUTH_HEADER that modifies the default /userinfo?access_token= call to include an Authorization header. I can make a PR if there is any need for this addition.

yasudacloud commented 7 months ago

@urbanmarcen Hi, I see. If you don't mind, could you tell me a little more about your OIDC server?

I have no problem with adding a header, but I am not that familiar with OIDC and wanted to know what is going on. Of course, PR is welcome!

urbanmarcen commented 7 months ago

We are using IdentityServer 4 (https://identityserver4.readthedocs.io/en/latest/endpoints/userinfo.html) as our OIDC server. The link shows how the endpoint expects the access_token (Authorization: Bearer ) to be sent.

The only difference between the plugin implementation and our modification is the API call that is made to the userinfo endpoint.

The plugin sends the access_token as a URL parameter: /userinfo?access_token=XXXXX. We needed a GET /userinfo with an additional request header: Authorization: Bearer XXXXX.

Therefore we added a config option so that the access_token can be sent in the header if you set the config option to true, and added a simple if.
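The two request shapes discussed in this thread, side by side, as an added example that is not code from strapi-plugin-sso or from the PR. Only the OIDC_USER_INFO_ENDPOINT_WITH_AUTH_HEADER option name comes from the thread; the OIDC_USER_INFO_ENDPOINT key, the function names and the stand-in identity provider are assumptions made for the example. The header form is the one RFC 6750 recommends; the query-string form works with some providers but puts the bearer token into server access logs, proxy logs and browser history, which is why RFC 6750 section 2.3 says it should not be used when a header is possible.

```javascript
// Added example (not from the strapi-plugin-sso code base).
// Builds the OIDC /userinfo request with the access token either as a
// query parameter (the plugin's original behaviour as described in the
// thread) or in an Authorization: Bearer header (the behaviour requested
// for IdentityServer 4). Config key names other than
// OIDC_USER_INFO_ENDPOINT_WITH_AUTH_HEADER are assumptions.

function buildUserInfoRequest(userInfoEndpoint, accessToken, useAuthHeader) {
  const headers = { Accept: 'application/json' };
  if (useAuthHeader) {
    // RFC 6750 section 2.1: token carried in the Authorization header.
    // Nothing token-related appears in the URL, so it stays out of logs.
    headers.Authorization = `Bearer ${accessToken}`;
    return { url: userInfoEndpoint, headers };
  }
  // RFC 6750 section 2.3: token as a URI query parameter. Providers may
  // accept it, but the URL (and thus the token) is routinely logged.
  const url = new URL(userInfoEndpoint);
  url.searchParams.set('access_token', accessToken);
  return { url: url.toString(), headers };
}

// fetchImpl is injectable so the function can be exercised offline.
async function fetchUserInfo(config, accessToken, fetchImpl) {
  const { url, headers } = buildUserInfoRequest(
    config.OIDC_USER_INFO_ENDPOINT, // assumed config key
    accessToken,
    config.OIDC_USER_INFO_ENDPOINT_WITH_AUTH_HEADER === true,
  );
  const res = await fetchImpl(url, { method: 'GET', headers });
  if (!res.ok) {
    throw new Error(`userinfo request failed with HTTP ${res.status}`);
  }
  const claims = await res.json();
  // OpenID Connect Core 1.0 section 5.3.2: the UserInfo response MUST
  // contain "sub"; a response without it should not be trusted.
  if (typeof claims.sub !== 'string' || claims.sub.length === 0) {
    throw new Error('userinfo response is missing the sub claim');
  }
  return claims;
}

// Constructed stand-in for an identity provider that, like the
// IdentityServer 4 endpoint in the thread, accepts the token only via the
// Authorization header and answers 401 otherwise.
function constructedHeaderOnlyIdp(expectedToken) {
  return async (url, init) => {
    const auth = (init && init.headers && init.headers.Authorization) || '';
    const ok = auth === `Bearer ${expectedToken}`;
    return {
      ok,
      status: ok ? 200 : 401,
      json: async () => (ok ? { sub: 'user-123', email: 'alice@example.test' } : {}),
    };
  };
}
```

With the stand-in provider, a call configured with OIDC_USER_INFO_ENDPOINT_WITH_AUTH_HEADER set to true resolves to the claims, while the query-parameter form is rejected with HTTP 401, which is the failure mode that motivated the option in this issue.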

urbanmarcen commented 7 months ago

Hi, I added a PR. Please review it and let me know if there are any questions.

yasudacloud commented 7 months ago

@urbanmarcen I checked the code and found no problems, so I merged it. We have released it to npm as version 0.4.1.

Thank you for your contribution to the plugin!