Ory Hydra Authentication Server - Authorization Code Grant Flow Issues

.gitignore

@@ -1,3 +1,121 @@
+# Created by https://www.gitignore.io/api/node,angular
+# Edit at https://www.gitignore.io/?templates=node,angular
+
+### Angular ###
+## Angular ##
+# compiled output
+/dist
+/tmp
+/app/**/*.js
+/app/**/*.js.map
+
+# dependencies
+/node_modules
+/bower_components
+
+# IDEs and editors
+/.idea
+
+# misc
+/.sass-cache
+/connect.lock
+/coverage/*
+/libpeerconnection.log
+npm-debug.log
+testem.log
+/typings
+
+# e2e
+/e2e/*.js
+/e2e/*.map
+
+#System Files
+.DS_Store
+
+### Node ###
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# TypeScript v1 declaration files
+typings/
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+.env.test
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+
+# next.js build output
+.next
+
+# nuxt.js build output
+.nuxt
+
+# vuepress build output
+.vuepress/dist
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# End of https://www.gitignore.io/api/node,angular
+
 # See http://help.github.com/ignore-files/ for more about ignoring files.
 
 # compiled output

projects/lib/src/auth.config.ts

@@ -215,6 +215,11 @@ export class AuthConfig {
   */
   public useHttpBasicAuthForPasswordFlow? = false;
 
+  /*
+   * set this to true to use HTTP BASIC auth for authorization code flow
+  */
+ public useHttpBasicAuthForAuthorizationCodeFlow? = false;
+
   public disableNonceCheck? = false;
 
   constructor(json?: Partial<AuthConfig>) {

projects/lib/src/oauth-service.ts

@@ -719,18 +719,27 @@ export class OAuthService extends AuthConfig {
       }
 
       return new Promise((resolve, reject) => {
-        params = params.set('client_id', this.clientId);
-
-              if (this.customQueryParams) {
-                  for (const key of Object.getOwnPropertyNames(this.customQueryParams)) {
-                      params = params.set(key, this.customQueryParams[key]);
-                  }
-              }
-
-              const headers = new HttpHeaders().set(
-                  'Content-Type',
-                  'application/x-www-form-urlencoded'
-              );
+        if (!this.useHttpBasicAuthForAuthorizationCodeFlow) {
+            params = params.set('client_id', this.clientId);
+        }
+        if (this.customQueryParams) {
+            for (const key of Object.getOwnPropertyNames(this.customQueryParams)) {
+                params = params.set(key, this.customQueryParams[key]);
+            }
+        }
+        let headers = new HttpHeaders().set(
+            'Content-Type',
+            'application/x-www-form-urlencoded');
+
+        if (this.useHttpBasicAuthForAuthorizationCodeFlow) {
+            headers = headers.append(
+                'Accept',
+                'application/json');
+            const header = btoa(`${this.clientId}:${this.dummyClientSecret}`);
+            headers = headers.append(
+                'Authorization',
+                'BASIC ' + header);
+        }
 
         this.http.post<TokenResponse>(this.tokenEndpoint, params, { headers }).subscribe(
           (tokenResponse) => {
@@ -1093,7 +1102,7 @@ export class OAuthService extends AuthConfig {
 
         let nonce = null;
         if (!this.disableNonceCheck) {
-          let nonce = this.createAndSaveNonce();
+          nonce = this.createAndSaveNonce();
           if (state) {
             state = nonce + this.config.nonceStateSeparator + state;
           } else {
@@ -1353,7 +1362,7 @@ export class OAuthService extends AuthConfig {
      * @param options Optinal options.
      */
     private tryLoginImplicit(options: LoginOptions = null): Promise<void> {
-      options = options || {};
+        options = options || {};
 
         let parts: object;
 
@@ -1909,4 +1918,4 @@ export class OAuthService extends AuthConfig {
         }
         return this.tokenValidationHandler.validateSignature(params);
     }
-}
+}