Comments (8)
Issue resolved by 85744ec.
Version 1.9.1 is now available with this included.
from react-oauth2-pkce.
Tested and it works. Thanks!
from react-oauth2-pkce.
Hi,
Can you please post your configuration?
Also, are you sure the access token is a valid JWT? You can try it out at pages like jwt.ms
And, are you receiving an id_token in the token request? Usually you need some special config on the provider, and a special scope for this.
from react-oauth2-pkce.
Hi @soofstad , thank you for your reply.
I created a fork of the project https://github.com/albertwangnz/react-oauth2-pkce-issue49, and you can see my change in the example microsoft-auth-provider
. I use AWS Cognito as the auth provider.
As you can see in the screenshot below, idTokenData is empty but idToken is not, and I can manually parse idToken to an object with the data.
from react-oauth2-pkce.
I just guess the issue might be missing of using if (idToken) setIdTokenData(decodeJWT(idToken))
in the file below.
src/AuthContext.tsx
Line 195.
from react-oauth2-pkce.
I think he's right. The idToken data is decoded and assign on line 105 of the AuthContext when a login happens...... but there is another effect() that decodes the access token that starts on line 163..... What is the purpose of that effect() ? An additional decode for both tokens might need to be placed in there.
They should both also obey the configuration "config.decodeToken" to decide on if token decoding happens at all.
from react-oauth2-pkce.
You are both absolutely right.
Seems I was a bit quick on the testing for the last version.
As it is now, we decode the idToken on a received token response, but not when loading the page when the idToken is already fetched.
Will get a fix for this ASAP.
from react-oauth2-pkce.
Really appreciate your so fast response :-)
from react-oauth2-pkce.
Related Issues (20)
- Compatibility with ie11 HOT 1
- 💡 [REQUEST] - Add ability to add headers to requests HOT 6
- 💡 [REQUEST] - Scope parameter is not supported on an authorization code access_token exchange request HOT 8
- Bug: Client authentication with confidential access isn't working HOT 6
- Bug: Redirects replace instead of creating a history entry HOT 2
- 💡 [REQUEST] - Parse (refresh) token expiration from token payload HOT 5
- 💡 [REQUEST] - Refresh access token without resetting the refresh token HOT 1
- Bug: "codeVerifier" and "state" are stored in sessionStorage despite "storage" parameter being "local" HOT 4
- Bug: Does not work correctly if routing type is hash HOT 2
- 💡 [Feature] - Ability to send custom headers in the authorization, token requests HOT 6
- 💡 [REQUEST] - Pass extra parameters to login()-function
- 💡 [FEATURE] - Option in login()-function to not redirect, but instead do it in an iframe or popup HOT 1
- 💡 [REQUEST] - Enhance Logout Functionality HOT 2
- 💡 [Feature] - `postLogout`-callback HOT 2
- 💡 [Feature] - Allow for passing arbitrary arguments to `logOut()`
- Bug: codeVerifier is not set in sessionStorage (sometimes) HOT 4
- Bug: Refresh token has a fixed expiration time HOT 1
- /authorized?code complains 404 Not Found HOT 1
- Bug: Token is cleared before Logout HOT 4
- Bug: refreshAccessToken is only called once
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from react-oauth2-pkce.