Using the passport strategy, how do I send a state query param? #760
Replies: 2 comments 1 reply
-
|
Overload the strategy's authorizationRequestParams method e.g. like so on a Strategy instance const _orig = strategy.authorizationRequestParams
strategy.authorizationRequestParams = (...args) => {
const params = _orig.call(this, ...args)
params.set('state', client.randomState())
return params
}or like so by subclassing the Strategy class class MyStrategy extends Strategy {
authorizationRequestParams(...args) {
const params = super.authorizationRequestParams(...args)
params.set('state', client.randomState())
return params
}
} |
Beta Was this translation helpful? Give feedback.
-
I'd like to follow up on this, Okta 100% supports PKCE, as indicated by the fact that it's not out of the box used for you. But I find it strange they'd also require state when PKCE is used, can you provide details on the flow you're running? Documentation? anything tangible that I can bring up internally with the team. |
Beta Was this translation helpful? Give feedback.
-
|
FWIW I've got a ticket to omit the requirement for state to be present when PKCE is used in the Okta Workforce Identity product issue tracker open. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I'm having a problem as okta requires me to send a state query parameter. I can't see how to add it.
Okta support pkce, from what I can make out you don't add the state parameter in that scenario.
https://github.com/panva/openid-client/blob/main/src/passport.ts#L245
What would be the negative consequence of removing the
ifstatement above and always including state query param?Beta Was this translation helpful? Give feedback.
All reactions