Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How do I sent a state parameter in the authorization request? #304

Closed
blake-mealey opened this issue Oct 26, 2020 · 3 comments
Closed

How do I sent a state parameter in the authorization request? #304

blake-mealey opened this issue Oct 26, 2020 · 3 comments
Labels
question

Comments

@blake-mealey
Copy link
Contributor

I'm struggling to find a built-in way to send a state parameter in the authorization request. My provider (Okta) requires it for the implicit flow.

I am able to workaround this by manually adding the query parameter to the URL:

...

const nonce = generators.nonce()
const state = generators.state()

const loginUrl =
  client.authorizationUrl({
    scope: 'openid email profile',
    response_mode: 'form_post',
    nonce
  }) + `&state=${state}`

...

const params = client.callbackParams(ctx.req)
const tokenSet = await client.callback(ctx.url, params, {
  nonce,
  state
})

This feels pretty hacky and I know I must be missing something but I haven't found any related properties in the docs.
@panva
Copy link
Owner

panva commented Oct 26, 2020

Screenshot 2020-10-26 at 17 27 07

@panva panva closed this as completed Oct 26, 2020
@blake-mealey
Copy link
Contributor Author

🤦‍♂️ Thank you.

Would you consider adding state as an optional parameter in the options object for TS users? I can open a PR if you'd like

@panva
Copy link
Owner

panva commented Oct 26, 2020

sure, seems like it was omitted by mistake.

@blake-mealey blake-mealey mentioned this issue Oct 26, 2020
Merged
panva pushed a commit that referenced this issue Oct 27, 2020
@blake-mealey
fix(typescript): add state property to AuthorizationParameters (#305)
b9dfa60 
Resolves #304
@github-actions github-actions bot locked and limited conversation to collaborators Jan 25, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Bump openid-client from 3.15.10 to 4.5.1 VMDDTE/defra-identity-hapi-plugin
2 participants
@panva @blake-mealey