Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for extracting id_token from oauth2 implicit flow redirect. #1408

Merged
merged 1 commit into from Apr 18, 2019

Conversation

Projects
None yet
2 participants
@Dirbaio
Copy link
Contributor

commented Mar 15, 2019

This adds the final missing piece for being able to use OpenID Connect auth in Insomnia (with Google, at least).

The problem is that OpenID auth returns the token in the id_token param, instead of access_token. This has been previously discussed in #839.

This PR fixes the issue by doing the following:

  • Watch for id_token= as well as access_token= to detect the redirect.
  • If response type is id_token, get the token from id_token instead of access_token.

With this change, Google OpenID Connect auth works, with the following settings:
Screenshot from 2019-03-15 15-49-42

@welcome

This comment has been minimized.

Copy link

commented Mar 15, 2019

💖 Thanks for opening this pull request! 💖

To help make this a smooth process, please be sure you have first read the
contributing guidelines.

@Dirbaio Dirbaio force-pushed the Dirbaio:develop branch from 2d867a7 to fa275e6 Mar 15, 2019

@gschier
Copy link
Collaborator

left a comment

Good stuff!

@gschier gschier merged commit 6b24456 into getinsomnia:develop Apr 18, 2019

2 checks passed

continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@welcome

This comment has been minimized.

Copy link

commented Apr 18, 2019

Congrats on merging your first pull request! 🎉🎉🎉 You're helping make Insomnia awesome! 🙌

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.