passport-openidconnect icon indicating copy to clipboard operation
passport-openidconnect copied to clipboard

Published 20 hours ago verified publisher icon jaredhanson

Issue with Authorization Code Flow

Open mliu0506 opened this issue 4 years ago • 2 comments

I'm using passport-openidconnet

File:/passport-openidconnect/lib/strategy.js Line: 79:25 AuthorizationError: Missing parameter, 'code_challenge'

Your package is pretty much there in supporting this workflow by defining the necessary additional parameters like e.g. nonce, code_challenge, code_challenge_method using the authorizationParams function. However, I haven't seen an option to extend the authentication request by similar means, e.g. with the necessary parameter code_verifier. Did I miss something? If not it would be great you could add a similar mechanism like the authorizationParams to the authentication request

Here is my detail error message: AuthorizationError: Missing parameter, 'code_challenge'

at Strategy.authenticate (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/passport-openidconnect/lib/strategy.js:79:25)
at attempt (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/passport/lib/middleware/authenticate.js:367:16)
at authenticate (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/passport/lib/middleware/authenticate.js:368:7)
at Layer.handle [as handle_request] (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/layer.js:95:5)
at next (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/route.js:137:13)
at Route.dispatch (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/route.js:112:3)
at Layer.handle [as handle_request] (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/layer.js:95:5)
at /Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/index.js:281:22
at Function.process_params (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/index.js:335:12)
at next (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/index.js:275:10) {

code: 'invalid_request', uri: undefined, status: 500 }

mliu0506 avatar Dec 22 '20 14:12 mliu0506

Hi Any update on this ? Is there any alternate npm library to use openidconnect with PKCE supported?

saidheerajpaluvadi avatar May 24 '23 07:05 saidheerajpaluvadi

@saidheerajpaluvadi I use openid-client which has a strategy for PKCE flows

https://github.com/panva/node-openid-client

cedricjacobs avatar Jun 12 '23 18:06 cedricjacobs