当这个openid客户端库在JS中时,我试图获取身份验证令牌,但我收到了这个错误:invalid_request(参数redirect_uri与代码不匹配)
我的代码如下:
const issuer = await Issuer.Issuer.discover('https://login.issuer.de/openidsandbox');
code_verifier = Issuer.generators.codeVerifier();
code_challenge = Issuer.generators.codeChallenge(code_verifier);
client = new issuer.Client({
client_id: 'someclientid',
client_secret: 'someclientsecret,
redirect_uri: `http://localhost:3000/authorize/`,
response_types: ['code id_token'],
id_token_signing_alg_values_supported: "RS256",
});
url = client.authorizationUrl({
// scope: 'openid functiontest',
scope: 'openid',
response_mode: 'form_post',
nonce,
code_challenge,
code_challenge_method: 'S256',
state,
});
它打开身份验证页面,登录服务器后,我们成功地重定向回终点。由端点授权处理
('/authorize/', async (request, reply) => {
const params = client.callbackParams(request);
const tokenSet = await client.callback('https://login.issuer.de/openidsandbox/authorize', params, { nonce, state });
// this line throws the error. I tried my own server's end-point but still same error.
});
是不是我做错了什么。请提出建议。
这是由该链接指定的答案修复的
基本上,在回调URL中,我们需要传递服务器的回调。调用此客户端.callBack方法的正确方法是:
const tokenSet = await client.callback('http://localhost:3000/authorize/', params, { nonce, state, code_verifier });