nebular icon indicating copy to clipboard operation
nebular copied to clipboard

Published 20 hours ago verified publisher icon akveo

casdoor need sent client_secret when get access-token

Open huiwenhan opened this issue 1 year ago • 1 comments

Issue type

I'm submitting a ... (check one with "x")

  • [x ] bug report
  • [ ] feature request

Issue description

Request URL: http://localhost:7001/api/login/oauth/access_token Request Method: POST Status Code: 401 Unauthorized Remote Address: 127.0.0.1:7001 Referrer Policy: strict-origin-when-cross-origin HTTP/1.1 401 Unauthorized X-Powered-By: Express Access-Control-Allow-Origin: * Access-Control-Allow-Methods: * Access-Control-Allow-Headers: * content-length: 82 content-type: application/json; charset=utf-8 server: beegoServer:1.12.3 set-cookie: casdoor_session_id=bb2b09747b6ffbb0ef0746df7689c32f; Path=/; Expires=Fri, 19 May 2023 13:45:14 GMT; Max-Age=2592000; HttpOnly www-authenticate: Basic realm="OAuth2" date: Wed, 19 Apr 2023 13:45:14 GMT connection: close Vary: Accept-Encoding

Current behavior:

payload : grant_type:authorization_code code:e7332a1942219fb440f2 client_id:debecd65e6be1de0d838

response : { "error": "invalid_client", "error_description": "client_secret is invalid" }

Expected behavior:

payload : grant_type:authorization_code code:e7332a1942219fb440f2 client_id:debecd65e6be1de0d838 client_secret:xxxxxxxxxxx

Steps to reproduce:

Related code:

export class Oauth2CallbackComponent implements OnDestroy  {

  private destroy$ = new Subject<void>();

  constructor(private authService: NbAuthService, private router: Router) {
    this.authService.authenticate('casdoor')
      .pipe(takeUntil(this.destroy$))
      .subscribe((authResult: NbAuthResult) => {
        if (authResult.isSuccess() && authResult.getRedirect()) {

          this.router.navigateByUrl(authResult.getRedirect());
        }

      });
  }

  ngOnDestroy(): void {
    this.destroy$.next();
    this.destroy$.complete();
  }

}

Other information:

npm, node, OS, Browser

<!--
Node, npm: `node --version` and `npm --version`
OS: Windows (7/8/10). Linux (incl. distribution). macOS (El Capitan? Sierra?)
Browser: Chrome/Safari/Firefox/etc?
-->

Angular, Nebular

<!--
Check your `package-lock.json` or locate a `package.json` in the `node_modules` folder.
-->

huiwenhan avatar Apr 19 '23 13:04 huiwenhan

Fixed :

add: clientAuthMethod:NbOAuth2ClientAuthMethod.REQUEST_BODY,

huiwenhan avatar Apr 19 '23 14:04 huiwenhan