oidc-client
Bearer error on user info proxied request to ADFS
Issue and Steps to Reproduce
Receiving Bearer error invalid token on user info endpoint proxied request to Microsoft ADFS.
Versions
@axa-fr-react-oidc v6.0.0-alpha1 node 14.20.0
Screenshots
Additional Details
Using proxy due to organization's CORS policy. Authority configuration snippet:
const AUTH_CONFIG: AuthorityConfiguration = {
  authorization_endpoint: `${CONFIG.OIDC_URL}/oauth2/authorize/`,
  token_endpoint: `./proxy/proxy.ashx?${CONFIG.OIDC_URL}/oauth2/token/`,
  userinfo_endpoint: `./proxy/proxy.ashx?${CONFIG.OIDC_URL}/userinfo`, // not working?
  end_session_endpoint: `${CONFIG.OIDC_URL}/oauth2/Logout`,
  revocation_endpoint: 'notimplented'
};
- Installed packages:
- @axa-fr-react-oidc
Hi @hagenderouen, do you have the possibility to test without your reverse proxy? It may come from your reverse proxy that does not follow the authorization header.
@guillaume-chervet Unfortunately, I cannot due to our organization's CORS policy. It works with @axa-fr/react-oidc-context v3.1.7 if that is helpful.
That is good news. Do you have the request details from the v3? It may have missed something in v4 and more.
I have added a missing credential header on the userinfo fetch. Does it fix something? In v6.0.0-alpha9
@guillaume-chervet Excellent. Please give me some time to test this in our project.
You may try the v6.0.0-beta2 instead of alpha9, I have fixed the fix :]
Does it work for you?
@guillaume-chervet This was de-prioritized in our project. I will test in future iterations. Thank you for your prompt action.
Update. Receiving error: OidcServiceWorker.js:393 Uncaught Error: Domain ./proxy/proxy.ashx?https://login.tfs.tamu.edu/adfs/userinfo is not trusted, please add domain in TrustedDomains.js
Installed packages: @axa-fr/react-oidc v6.9.2
Hi @hagenderouen, with the use of the service worker, you need to configure all used domains in TrustedDomains.js. It is a security need.
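
The error above reports the relative proxy path as untrusted. The following is an added example, not code from this thread or from @axa-fr/react-oidc: it compares a string-prefix allowlist check with one that first resolves the endpoint to the origin that will actually receive the bearer token. The function names, the allowlist shape and every host are hypothetical, constructed for illustration.

```javascript
// Added illustration; not code from @axa-fr/react-oidc.
// All origins below are constructed placeholders.
const APP_BASE = 'https://app.example/portal/'; // assumed base URL of the page / service worker
const TRUSTED_ORIGINS = ['https://app.example', 'https://login.example']; // hypothetical allowlist

// Naive check: treat each allowlist entry as a string prefix of the raw endpoint.
function isTrustedByPrefix(endpoint, trusted = TRUSTED_ORIGINS) {
  return trusted.some((entry) => endpoint.startsWith(entry));
}

// Stricter check: resolve the endpoint against the base, then compare exact origins.
function isTrustedByOrigin(endpoint, base = APP_BASE, trusted = TRUSTED_ORIGINS) {
  let url;
  try {
    url = new URL(endpoint, base);
  } catch {
    return false; // an unparsable endpoint is never trusted
  }
  if (url.protocol !== 'https:') return false; // tokens only travel over TLS
  return trusted.some((entry) => new URL(entry).origin === url.origin);
}

// Which origin actually receives the request (and the Authorization header)?
function effectiveOrigin(endpoint, base = APP_BASE) {
  return new URL(endpoint, base).origin;
}

// Constructed sample endpoints.
const proxied = './proxy/proxy.ashx?https://login.example/adfs/userinfo';
const lookalike = 'https://login.example.attacker.test/adfs/userinfo';

for (const endpoint of [proxied, lookalike]) {
  console.log(endpoint, {
    receivesToken: effectiveOrigin(endpoint),
    prefixCheck: isTrustedByPrefix(endpoint),
    originCheck: isTrustedByOrigin(endpoint),
  });
}
```

The proxied endpoint resolves to the application's own origin, so that origin, not the identity provider named in the query string, is the one an allowlist has to cover; the lookalike host passes the prefix check but fails the origin comparison.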