feat: send PKCE code_verifier during OIDC token exchange
Retrieve the stored code_verifier from sessionStorage and include it in the callback POST body so the backend can verify the PKCE challenge. Ref: #2410
parent
f5024e2f2c
commit
4c565537e4
|
|
@ -243,9 +243,13 @@ export const useAuthStore = defineStore('auth', () => {
|
|||
|
||||
const fullProvider: IProvider = configStore.auth.openidConnect.providers.find((p: IProvider) => p.key === provider)
|
||||
|
||||
const codeVerifier = sessionStorage.getItem('pkceCodeVerifier')
|
||||
sessionStorage.removeItem('pkceCodeVerifier')
|
||||
|
||||
const data = {
|
||||
code: code,
|
||||
redirect_url: getRedirectUrlFromCurrentFrontendPath(fullProvider),
|
||||
...(codeVerifier && {code_verifier: codeVerifier}),
|
||||
}
|
||||
|
||||
// Delete an eventually preexisting old token
|
||||
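Review bot: The conditional spread `...(codeVerifier && {code_verifier: codeVerifier})` sends the token exchange without a verifier whenever `sessionStorage` has no `pkceCodeVerifier` entry or holds an empty string, so a lost verifier looks the same as a login that never used PKCE. In that case the protection against a replayed authorization code rests entirely on the backend or identity provider rejecting the request, which cannot be confirmed from this hunk. If every authorization request now carries a code_challenge, fail explicitly before the POST with `if (!codeVerifier) throw new Error('PKCE code verifier missing')`; if some providers still run without PKCE, add a comment above the spread saying the omission is intentional and that the backend must enforce the verifier for flows that sent a challenge. The storage key is also a single fixed name, not tied to the provider or the `state` value, so two logins started in the same tab would overwrite each other's verifier. The enclosing function starts and ends outside the hunk, so where the verifier is written is not visible here.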
|
|
|
|||