Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue with Authorization Code Flow #83

Open
mliu0506 opened this issue Dec 22, 2020 · 2 comments · May be fixed by #110
Open

Issue with Authorization Code Flow #83

mliu0506 opened this issue Dec 22, 2020 · 2 comments · May be fixed by #110
Labels
enhancement New feature or request

Comments

@mliu0506
Copy link

mliu0506 commented Dec 22, 2020
edited
Loading

I'm using passport-openidconnet

File:/passport-openidconnect/lib/strategy.js
Line: 79:25
AuthorizationError: Missing parameter, 'code_challenge'

Your package is pretty much there in supporting this workflow by defining the necessary additional parameters like e.g. nonce, code_challenge, code_challenge_method using the authorizationParams function. However, I haven't seen an option to extend the authentication request by similar means, e.g. with the necessary parameter code_verifier.
Did I miss something? If not it would be great you could add a similar mechanism like the authorizationParams to the authentication request

Here is my detail error message:
AuthorizationError: Missing parameter, 'code_challenge'

at Strategy.authenticate (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/passport-openidconnect/lib/strategy.js:79:25)
at attempt (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/passport/lib/middleware/authenticate.js:367:16)
at authenticate (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/passport/lib/middleware/authenticate.js:368:7)
at Layer.handle [as handle_request] (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/layer.js:95:5)
at next (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/route.js:137:13)
at Route.dispatch (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/route.js:112:3)
at Layer.handle [as handle_request] (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/layer.js:95:5)
at /Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/index.js:281:22
at Function.process_params (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/index.js:335:12)
at next (/Users/michael/Desktop/working/Gitlab/covid-more/node_modules/express/lib/router/index.js:275:10) {

code: 'invalid_request',
uri: undefined,
status: 500
}
@mliu0506 mliu0506 changed the title Support of PKCE workflow Issue with Authorization Code Flow Dec 22, 2020
@jaredhanson jaredhanson added the enhancement New feature or request label Nov 13, 2021
@saidheerajpaluvadi
Copy link

Hi Any update on this ? Is there any alternate npm library to use openidconnect with PKCE supported?

@cedricjacobs
Copy link

@saidheerajpaluvadi I use openid-client which has a strategy for PKCE flows

https://github.com/panva/node-openid-client

@aaronpk aaronpk linked a pull request Feb 6, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

add PKCE support aaronpk/passport-openidconnect
4 participants
@jaredhanson @cedricjacobs @mliu0506 @saidheerajpaluvadi