John Kelleher comments

Repositories
Issues
Comments

Results 2 comments of


                                            John Kelleher

hasCodeInUrl checks both hashParams and searchParams even though the OIDC Auth is configured for just one of them.

Since we have access to the `userManager.settings` I would just use the same check oidc-client-js uses https://github.com/IdentityModel/oidc-client-js/blob/dev/src/OidcClient.js#L103 and https://github.com/IdentityModel/oidc-client-js/blob/dev/src/SigninRequest.js#L96 ``` const isCode = (response_type) => { var result = response_type.split(/\s+/g).filter(function...

hasCodeInUrl checks both hashParams and searchParams even though the OIDC Auth is configured for just one of them.

We also have the `redirect_uri` in the UserManagerSettings, is there a reason we do not check the path to confirm it is the correct OIDC callback location?