OpenID-Connect-PHP icon indicating copy to clipboard operation
OpenID-Connect-PHP copied to clipboard

Published 20 hours ago verified publisher icon jumbojett

The client MUST NOT use more than one authentication method in each

Open lellomaverick opened this issue 2 years ago • 1 comments

Hello everyone, I am using a private Identity Access Manager and I am able to complete the login process until I return to my application. This is the simple code:

$oidc = new OpenIDConnectClient( 'https://aaa.it/oauth2/token', 'xxx', 'yyy' ); $oidc->addScope('profile'); $oidc->addScope('email'); $oidc->addScope('api'); $oidc->setCodeChallengeMethod('S256');

$oidc->authenticate();

After logging into IAM, I go back to my application and I have in GET code, state, session_state. Using the same code as before I get this message: The client MUST NOT use more than one authentication method in each. The requestTokens function returns this error to me.

What can I do to solve the problem?

lellomaverick avatar Jul 16 '22 15:07 lellomaverick

The problem is in the requestTokens method where if is set 'code_verifier' it is also set 'client_id' but the variable $authorizationHeader is not unset correctly. Please fix it.

marzoli avatar Dec 07 '22 12:12 marzoli