OIDC: pass id_token via id_token_hint on Manage Account interaction (#12499)

* Store id_token rather than just id_token_claims Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * Pass id_token via `id_token_hint` on `Manage Account` interaction Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * Fix tests Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> --------- Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2024-05-07 12:27:37 +01:00 · 2024-05-07 12:27:37 +01:00 · 580bb5537d
commit 580bb5537d
parent e2310e637c
8 changed files with 89 additions and 33 deletions
--- a/src/Lifecycle.ts
+++ b/src/Lifecycle.ts
@ -289,7 +289,7 @@ export async function attemptDelegatedAuthLogin(
 */
 async function attemptOidcNativeLogin(queryParams: QueryDict): Promise<boolean> {
    try {
-        const { accessToken, refreshToken, homeserverUrl, identityServerUrl, idTokenClaims, clientId, issuer } =
+        const { accessToken, refreshToken, homeserverUrl, identityServerUrl, idToken, clientId, issuer } =
            await completeOidcLogin(queryParams);

        const {
@ -311,7 +311,7 @@ async function attemptOidcNativeLogin(queryParams: QueryDict): Promise<boolean>
        logger.debug("Logged in via OIDC native flow");
        await onSuccessfulDelegatedAuthLogin(credentials);
        // this needs to happen after success handler which clears storages
-        persistOidcAuthenticatedSettings(clientId, issuer, idTokenClaims);
+        persistOidcAuthenticatedSettings(clientId, issuer, idToken);
        return true;
    } catch (error) {
        logger.error("Failed to login via OIDC", error);