Fix: OAuth 2.0 Grant Type Authorization: "invalid_client" error / URL Encode of Client ID (#2129)

#2115
#1003
Mateusz Pietryga 2024-07-26 14:47:38 +02:00 committed by GitHub
parent 2e2c60d90e
commit f2ba351f0d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -51,26 +51,26 @@ const getOAuth2AuthorizationCode = (request, codeChallenge, collectionUid) => {
const { oauth2 } = request; const { oauth2 } = request;
const { callbackUrl, clientId, authorizationUrl, scope, state, pkce } = oauth2; const { callbackUrl, clientId, authorizationUrl, scope, state, pkce } = oauth2;
let oauth2QueryParams = const authorizationUrlWithQueryParams = new URL(authorizationUrl);
(authorizationUrl.indexOf('?') > -1 ? '&' : '?') + `client_id=${clientId}&response_type=code`; authorizationUrlWithQueryParams.searchParams.append('response_type', 'code');
authorizationUrlWithQueryParams.searchParams.append('client_id', clientId);
if (callbackUrl) { if (callbackUrl) {
oauth2QueryParams += `&redirect_uri=${callbackUrl}`; authorizationUrlWithQueryParams.searchParams.append('redirect_uri', callbackUrl);
} }
if (scope) { if (scope) {
oauth2QueryParams += `&scope=${scope}`; authorizationUrlWithQueryParams.searchParams.append('scope', scope);
} }
if (pkce) { if (pkce) {
oauth2QueryParams += `&code_challenge=${codeChallenge}&code_challenge_method=S256`; authorizationUrlWithQueryParams.searchParams.append('code_challenge', codeChallenge);
authorizationUrlWithQueryParams.searchParams.append('code_challenge_method', 'S256');
} }
if (state) { if (state) {
oauth2QueryParams += `&state=${state}`; authorizationUrlWithQueryParams.searchParams.append('state', state);
} }
const authorizationUrlWithQueryParams = authorizationUrl + oauth2QueryParams;
try { try {
const oauth2Store = new Oauth2Store(); const oauth2Store = new Oauth2Store();
const { authorizationCode } = await authorizeUserInWindow({ const { authorizationCode } = await authorizeUserInWindow({
authorizeUrl: authorizationUrlWithQueryParams, authorizeUrl: authorizationUrlWithQueryParams.toString(),
callbackUrl, callbackUrl,
session: oauth2Store.getSessionIdOfCollection(collectionUid) session: oauth2Store.getSessionIdOfCollection(collectionUid)
}); });
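Review bot: `new URL(authorizationUrl)` throws a TypeError when the configured authorization URL is empty, relative or missing its scheme, and it now runs before the `try` that opens further down this hunk, so the failure would not reach the handler attached to that `try` (the handler is outside the visible lines, so this is inferred). The old string concatenation could not throw at this point; I would move the URL construction and the `searchParams` calls inside the `try`, or validate the value first and fail with a clear message. Separately, `searchParams.append` keeps any `client_id`, `response_type` or `redirect_uri` already present in the authorization URL's query and adds a second copy, while RFC 6749 section 3.1 says request parameters must not be included more than once. Using `authorizationUrlWithQueryParams.searchParams.set('client_id', clientId);` (and `set` for the other keys) avoids sending an ambiguous request to the authorization server. The function starts above the hunk and the `try` block continues past its end.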