Skip to content

id_token is processed and stored during refresh token flow when AuthConfig.oidc = false #1254

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
buchatsky opened this issue Sep 5, 2022 · 2 comments
Closed

id_token is processed and stored during refresh token flow when AuthConfig.oidc = false #1254

buchatsky opened this issue Sep 5, 2022 · 2 comments
Labels
bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more.

Comments

@buchatsky
Copy link

buchatsky commented Sep 5, 2022
edited
Loading

Describe the bug
I use Authorization Code flow with refresh_token. Id provider also returns an id_token, but I don't need it, so I set AuthConfig.oidc = false and use oauthService.tryLogin() instead of oauthService.loadDiscoveryDocumentAndTryLogin().
id_token is not processed and stored during initial authorization_code flow, but surprisingly is processed and stored during all subsequent refresh_token flows (in case of loadDiscoveryDocumentAndTryLogin()) or the exception "Parameter jwks expected!" is thrown (in case of tryLogin()).
The cause is that this.oidc is checked in fetchTokenUsingGrant() and fetchAndProcessToken() functions

if (this.oidc && tokenResponse.id_token) {
  this.processIdToken(tokenResponse.id_token, tokenResponse.access_token).then((result) => {

but not in refreshToken()

if (tokenResponse.id_token) {
  return from(this.processIdToken(tokenResponse.id_token, tokenResponse.access_token, true)).pipe(tap((result) =>

Expected behavior
id_token to be NOT processed and stored during refresh token flow when AuthConfig.oidc = false

Desktop (please complete the following information):

  • OS: Windows 10
  • Browser: Google Chrome
  • Version: 13.0.1
@jeroenheijmans
Copy link
Collaborator

That does indeed sound like a bug at first glance.

@jeroenheijmans jeroenheijmans added bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more. labels Sep 5, 2022
@manfredsteyer
Copy link
Owner

Fixed in next version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@manfredsteyer @jeroenheijmans @buchatsky