Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add refreshTokenWithClientId option, to send client_id when using a refresh token #175

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add refreshTokenWithClientId option, to send client_id when using a refresh token #175

wants to merge 1 commit into from

Conversation

rob-a-bolton
Copy link

@rob-a-bolton rob-a-bolton commented Jan 3, 2024
edited
Loading

Some OAuth providers (e.g. Keycloak) require that client_id is sent when using a refresh token.
This patch adds the refreshTokenWithClientId option that may be used similarly to the refreshTokenWithCredentials.
When true, the request body for the token refresh will also send a client_id parameter fetched from the state.
I have locally tested this patch and it produces the desired behaviour, though I've not commit the packed dist bundle files yet.

The refreshTokenWithCredentials option wouldn't be suitable when using a public client as no credentials are known.

Evidence of Keycloak's behaviour may be found on the discourse.

@the-kenny
Copy link

the-kenny commented Oct 9, 2024
edited
Loading

We're having the same problem in our setup. It would be great if this option could be merged so that we can stop using a forked version of fhir.js.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rob-a-bolton @the-kenny