auth-module
auth-module copied to clipboard
Token request on authorization_code flow sent with wrong content-type
Version
module: 5.0.0-1648802546.c9880dc
nuxt: 2.15.8
Nuxt configuration
mode:
- [x] universal
- [ ] spa
Nuxt configuration
auth: {
redirect: {
callback: "/oauth2/callback",
},
strategies: {
oidc: {
scheme: "openIDConnect",
clientId: 'REDACTED',
endpoints: {
configuration: '<REDACTED>/.well-known/openid-configuration',
},
scope: ['openid', 'email', 'profile', 'address', 'phone'],
responseType: 'code',
grantType: 'authorization_code',
redirectUri: 'https://localhost:3000/oauth2/callback',
logoutRedirectUri: '/',
codeChallengeMethod: 'S256',
},
},
},
-->
Reproduction
Trigger login with $nuxt.$auth.login()
and then be redirected back to callback, which then tries to swap the authorization code for the tokens.
What is expected?
The authorization code is sent to the /token
endpoint with a content-type of application/x-www-form-urlencoded
.
What is actually happening?
It's being sent with a content-type of application/json
, but the actual body is urlencoded, not JSON.
Steps to reproduce
Additional information
I believe this is happening here (no content-type is being set) https://github.com/nuxt-community/auth-module/blob/dev/src/schemes/oauth2.ts#L390
Whereas here, it is: https://github.com/nuxt-community/auth-module/blob/dev/src/schemes/oauth2.ts#L455
Checklist
- [x] I have tested with the latest Nuxt version and the issue still occurs
- [x] I have tested with the latest module version and the issue still occurs
- [x] I have searched the issue tracker and this issue hasn't been reported yet