
Commit 0a00b3c

committed
fix basic auth PR to keep params in post body and also pass basic auth on refresh token renewal
1 parent deed90c commit 0a00b3c


2 files changed

+18
-12
lines changed


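--- a/src/TokenClient.js
+++ b/src/TokenClient.js
@@ -20,14 +20,12 @@ export class TokenClient {
 exchangeCode(args = {}) {
 args = Object.assign({}, args);
 
-var basicAuth = undefined;
-var urlQuery = "";
-
 args.grant_type = args.grant_type || "authorization_code";
 args.client_id = args.client_id || this._settings.client_id;
 args.client_secret = args.client_secret || this._settings.client_secret;
 args.redirect_uri = args.redirect_uri || this._settings.redirect_uri;
 
+var basicAuth = undefined;
 var client_authentication = args._client_authentication || this._settings._client_authentication;
 delete args._client_authentication;
 
@@ -52,21 +50,17 @@ export class TokenClient {
 return Promise.reject(new Error("A client_secret is required"));
 }
 
-
 // Sending the client credentials using the Basic Auth method
 if(client_authentication == "client_secret_basic")
 {
 basicAuth = args.client_id + ':' + args.client_secret;
-urlQuery = "?grant_type=" + encodeURIComponent(args.grant_type) +
-"&redirect_uri="+ encodeURIComponent(args.redirect_uri) +
-"&code="+ encodeURIComponent(args.code);
-
-args = {};
+delete args.client_id;
+delete args.client_secret;
 }
 
 return this._metadataService.getTokenEndpoint(false).then(url => {
 Log.debug("TokenClient.exchangeCode: Received token endpoint");
-return this._jsonService.postForm(url + urlQuery, args, basicAuth).then(response => {
+return this._jsonService.postForm(url, args, basicAuth).then(response => {
 Log.debug("TokenClient.exchangeCode: response received");
 return response;
 });
@@ -80,6 +74,10 @@ export class TokenClient {
 args.client_id = args.client_id || this._settings.client_id;
 args.client_secret = args.client_secret || this._settings.client_secret;
 
+var basicAuth = undefined;
+var client_authentication = args._client_authentication || this._settings._client_authentication;
+delete args._client_authentication;
+
 if (!args.refresh_token) {
 Log.error("TokenClient.exchangeRefreshToken: No refresh_token passed");
 return Promise.reject(new Error("A refresh_token is required"));
@@ -89,10 +87,18 @@ export class TokenClient {
 return Promise.reject(new Error("A client_id is required"));
 }
 
+// Sending the client credentials using the Basic Auth method
+if(client_authentication == "client_secret_basic")
+{
+basicAuth = args.client_id + ':' + args.client_secret;
+delete args.client_id;
+delete args.client_secret;
+}
+
 return this._metadataService.getTokenEndpoint(false).then(url => {
 Log.debug("TokenClient.exchangeRefreshToken: Received token endpoint");
 
-return this._jsonService.postForm(url, args).then(response => {
+return this._jsonService.postForm(url, args, basicAuth).then(response => {
 Log.debug("TokenClient.exchangeRefreshToken: response received");
 return response;
 });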
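Review bot: In exchangeRefreshToken the new Basic-auth block builds `basicAuth = args.client_id + ':' + args.client_secret` with no visible check that a secret is set. The lines shown validate only refresh_token and client_id, so a client configured for client_secret_basic without a secret would send the literal text `undefined` as its password. exchangeCode appears to reject with "A client_secret is required" before its own block, and the refresh path could do the same: `if (client_authentication == "client_secret_basic" && !args.client_secret) { return Promise.reject(new Error("A client_secret is required")); }`. Both blocks also join the raw values, whereas RFC 6749 section 2.3.1 expects each to be form-urlencoded first, so a client_id containing `:` may be split differently by the server; how postForm encodes the header is not shown on this page. Both method bodies start and end outside the hunks.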

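--- a/src/UserManager.js
+++ b/src/UserManager.js
@@ -160,14 +160,14 @@ export class UserManager extends OidcClient {
 signinSilent(args = {}) {
 args = Object.assign({}, args);
 
-args.request_type = "si:s";
 // first determine if we have a refresh token, or need to use iframe
 return this._loadUser().then(user => {
 if (user && user.refresh_token) {
 args.refresh_token = user.refresh_token;
 return this._useRefreshToken(args);
 }
 else {
+args.request_type = "si:s";
 args.id_token_hint = args.id_token_hint || (this.settings.includeIdTokenInSilentRenew && user && user.id_token);
 if (user && this._settings.validateSubOnSilentRenew) {
 Log.debug("UserManager.signinSilent, subject prior to silent renew: ", user.profile.sub);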
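Review bot: Nothing in the code says why `args.request_type = "si:s"` now sits in the `else` branch, so a later edit could easily move it back above the `_loadUser()` call. A comment above it would record the intent, e.g. `// request_type belongs to the iframe authorize request only; keep it out of the refresh-token grant`. The rest of `args` is still handed whole to `_useRefreshToken`, whose body is not shown here. It is worth confirming that no other caller-supplied key reaches the token request body now that the form parameters are posted as given. signinSilent continues past the end of the hunk.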

0 commit comments
