Force to use id_token instead of access_token #405

ddaddy · 2023-07-21T13:30:18Z

I need to provide the id_token to my API and not the access_token.

If I override the extensions that create the oauth2 signed request like this:

extension OAuth2Base {
    func request(forURL url: URL, cachePolicy: NSURLRequest.CachePolicy = .reloadIgnoringLocalCacheData) -> URLRequest {
        var req = URLRequest(url: url, cachePolicy: cachePolicy, timeoutInterval: 20)
        try? req.sign(with: self)
        return req
    }
}

extension URLRequest {
    public mutating func sign(with oauth2: OAuth2Base) throws {
        guard let idToken = oauth2.clientConfig.idToken, !idToken.isEmpty else {
            throw OAuth2Error.noAccessToken
        }
        setValue("Bearer \(idToken)", forHTTPHeaderField: "Authorization")
    }
}

This will work when making oauth2.session requests. However if I use OAuth2DataLoader it works while I have a valid token, but if the OAuth2DataLoader has to request a re-login and it gets a new token, the first request it fires off afterwards uses the access_token.

Is it possible to make it use the id_token instead?

The text was updated successfully, but these errors were encountered:

ddaddy · 2023-07-21T17:44:40Z

I've created a pull request that adds this feature. #406

ddaddy linked a pull request Jul 21, 2023 that will close this issue

Added requestUsingIDToken configuration #406

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Force to use id_token instead of access_token #405

Force to use id_token instead of access_token #405

ddaddy commented Jul 21, 2023

ddaddy commented Jul 21, 2023

Force to use id_token instead of access_token #405

Force to use id_token instead of access_token #405

Comments

ddaddy commented Jul 21, 2023

ddaddy commented Jul 21, 2023