Comments (9)
Hey @manfredsteyer,
The issue is that the library seems hardcode the response type to 'token or 'token id_token' - whereas what I think @amouly and I required is the url to response_type=code.
It has to be like this to work with Strava for me, not sure what service @amouly was trying to auth against. I figured it's just an alias, rather than a different flow.
from angular-oauth2-oidc.
I have the same issue. I'm using Cognito to request the tokens which only accepts the response type of 'token' or 'code' [1].
By default this lib hard codes the type to 'id_token token' which is not correct. The response type for implicit is 'token', 'id_token' or 'id_token token' [2].
Regardless, it would be good to be able to override the response_type to cater for differences between ID providers. Currently, in order to work with Cognito, we have to set oidc: false
which stops the parsing of identity token (which is returned by the IDP anyway).
https://github.com/darbio/angular-oauth2-oidc/blob/master/angular-oauth2-oidc/src/oauth-service.ts#L955-L957
[1] https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html
[2] http://oauthlib.readthedocs.io/en/latest/oauth2/grants/implicit.html
from angular-oauth2-oidc.
code flow isn't supported by the library. The reason is that is is not indented for SPA. Please consider using implicit flow instead.
from angular-oauth2-oidc.
Apparently, ADFS does not support implicit flow (or simplified flow).
That's why I need the responseType to be code.
from angular-oauth2-oidc.
AFAIK it supports it meanwhile [1]. The Problem is that code flow isn't really suited for single page apps.
from angular-oauth2-oidc.
@darbio +1 for the issue. So does that mean that I will have to process id token myself or not use this library at all for cognito? Thanks
@manfredsteyer any recommendation for workaround for using library with cognito?
from angular-oauth2-oidc.
Hi, was anyone able to solve this issue, as I am also facing the same issue while integrating ADFS with Angular 5.
Providing response_type = 'code'
Error: error=unsupported_response_type. The+authorization+server+does+not+support+obtaining+an+authorization+code+using+the+requested+'response_type'.+The+authorization+server+only+supports+'code'+as+the+response+type.
from angular-oauth2-oidc.
I think the author doesn’t want to include support for code flow (see: #52 (comment)). You can add in support as discussed above.
from angular-oauth2-oidc.
Hi, was anyone able to solve this issue, as I am also facing the same issue while integrating ADFS with Angular 5.
Providing response_type = 'code'
Error: error=unsupported_response_type. The+authorization+server+does+not+support+obtaining+an+authorization+code+using+the+requested+'response_type'.+The+authorization+server+only+supports+'code'+as+the+response+type.
Hi Nisha... were you able to resolve this issue later??
from angular-oauth2-oidc.
Related Issues (20)
- Upgrading angular-oauth2-oidc v13.0.1 to V15.0.1 needs changelog
- Support for Angular 17 is missing in README.md annotation
- prevent showing the wildcard route component while doing authentication. HOT 1
- setupAutomaticSilentRefresh() not working. HOT 1
- Local parsing HTTP request error HOT 5
- Upgrade jsrsasign to v11 HOT 9
- Azure AD B2C implicate flow clientAuthError: Invalid state
- adfs using initLoginFlow() returns auth token but getAccessToken() is null
- issuer must use HTTPS (with TLS), or config value for property requireHttps must be set to false and allow HTTP without TLS HOT 1
- Third party cookie and token refresh HOT 2
- Re Login with new Scope
- Silent refresh iframe multiple injection
- Requests are canceled on logout
- Publish new npm package? HOT 1
- Authentication Library Config Type Only Import
- SSO login happens and after redirection user is not logged in HOT 1
- IDP errors not handled during initLoginFlowInPopup
- checkSession: Uncaught TypeError: e.data.split is not a function
- Add the hability to end session on the server but without redirecting to postLogoutRedirectUri
- What is proper way to preserve/refresh login state, when redirecting back from other app after refresh_token exp time? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from angular-oauth2-oidc.