Skip to content

Commit

Permalink
fix: push pkce <> response type resolution to the authenticate function
Browse files Browse the repository at this point in the history
fixes #312
  • Loading branch information
panva committed Nov 30, 2020
1 parent a06446a commit 1970af4
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions lib/passport_strategy.js
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ function OpenIDConnectStrategy({
params = {},
passReqToCallback = false,
sessionKey,
usePKCE,
usePKCE = true,
extras = {},
} = {}, verify) {
if (!(client instanceof BaseClient)) {
Expand Down Expand Up @@ -57,7 +57,7 @@ function OpenIDConnectStrategy({
if (!this._params.redirect_uri) this._params.redirect_uri = resolveRedirectUri.call(client);
if (!this._params.scope) this._params.scope = 'openid';

if (this._usePKCE === true || (typeof this._usePKCE === 'undefined' && this._params.response_type.includes('code'))) {
if (this._usePKCE === true) {
const supportedMethods = Array.isArray(this._issuer.code_challenge_methods_supported)
? this._issuer.code_challenge_methods_supported : false;

Expand Down Expand Up @@ -101,7 +101,7 @@ OpenIDConnectStrategy.prototype.authenticate = function authenticate(req, option

req.session[sessionKey] = pick(params, 'nonce', 'state', 'max_age', 'response_type');

if (this._usePKCE) {
if (this._usePKCE && params.response_type.includes('code')) {
const verifier = random();
req.session[sessionKey].code_verifier = verifier;

Expand Down

0 comments on commit 1970af4

Please sign in to comment.