Comments (8)
Well your callback includes userinfo
, so what the function attempts to do is get userinfo with what it received, but your response_type is id_token only. Should be pretty clear you cannot get userinfo with this response_type. Change your verify signature to (tokenset, done) and you're good to go.
from node-openid-client.
@panva with body parser works fine, thanks
from node-openid-client.
Why are you not calling authenticate on the callback route?
app.post('/callback', passport.authenticate('oidc'), ... );
from node-openid-client.
I get the following error when I do auth in the callback:
Error: access_token not present in TokenSet
at Client.userinfo (D:\playground\IdSrvTest\src\node_client\node_modules\openid-client\lib\client.js:492:31)
at callback.then (D:\playground\IdSrvTest\src\node_client\node_modules\openid-client\lib\passport_strategy.js:106:40)
at process._tickCallback (internal/process/next_tick.js:103:7)
from node-openid-client.
FYI, I am using Identity Server 4 (another OP) and it posts back to my callback
and it posts to my app with the following fields in the body:
id_token: '....',
scope: 'openid profile',
state: '...',
session_state: '...'
from node-openid-client.
Awesome! Thank you very much. That did it.
from node-openid-client.
@panva
Hi! I have almost identical situation. Have this too:
FYI, I am using Identity Server 4 (another OP) and it posts back to my
callback
and it posts to my app with the following fields in the body:id_token: '....', scope: 'openid profile', state: '...', session_state: '...'
But by adding passport.authenticate
in my post
I get cyclic redirect.
Could you give some tip what can be done ?
from node-openid-client.
do you have a body parser on that path?
from node-openid-client.
Related Issues (20)
- OAuth 2.0 Device Authorization Grant (Device Flow) - poll without PKCE HOT 3
- Type checking httpOptions and rejectUnauthorized
- RPError thrown when IdToken JWE Header enc is blank HOT 2
- client won't run under `edge` runtime HOT 1
- Support setting client_secret to an empty string when using client_secret_basic or client_secret_post HOT 1
- Cannot assign to read only property 'dpopProof' of object '#<Client>' HOT 2
- Unsuccessful Callback to Unknow client side error HOT 10
- isKeyObject check fails in Bun HOT 5
- Scope delimiter replace problem HOT 2
- Multiple authenticate requests from the same session causes state mismatch HOT 1
- Can't authenticate when the server advertises authorization_response_iss_parameter_supported HOT 2
- Requests made without Accept-Encoding header HOT 1
- "cty" should not be included in jwks query HOT 2
- URL is not a constructor at Issuer.request HOT 1
- Application and Identity manger on different domains HOT 1
- Support other status code than 200 HOT 4
- Unable to use private_key_jwt auth method with Azure.
- Audience matching doesn't work as intended HOT 1
- Using `authorizationUrl()` in combination with PAR adds too many parameters HOT 3
- update interface AuthenticateOptions to include redirect_uri HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from node-openid-client.