fix(auth/external): add some missing url params for external auth PKCE exchanges
#2812
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
ThatOneBro
changed the title
PKCE search paramsPKCE search params
| @@ -1053,12 +1051,22 @@ export class MedplumClient extends EventTarget { | |||
| redirectUri: string, | |||
| loginRequest: BaseLoginRequest | |||
| ): string { | |||
| const { codeChallenge, codeChallengeMethod } = loginRequest; | |||
| if (!codeChallengeMethod) { | |||
There was a problem hiding this comment.
Is this always true? I think PKCE is optional for external auth.
There was a problem hiding this comment.
In the way that it's implemented there is always a call to ensureCodeChallenge() as far as I can tell. I'll double check
There was a problem hiding this comment.
This is currently the only place where client.getExternalAuthRedirectUri() is called:
medplum/packages/core/src/client.ts
Lines 1014 to 1015 in 8be748f
So in the current codebase it will always have a codeChallenge and codeChallengeMethod. I think in this case it's better to do this check because if they aren't there in the current codebase it is likely a bug and not intentional.
I could see a case for it being more general maybe, but if it's not planned yet then this is probably better IMO.
ThatOneBro
changed the title
PKCE search paramsPKCE exchanges
|
Kudos, SonarCloud Quality Gate passed! |
codyebberson
approved these changes
Sep 12, 2023
codyebberson
added a commit
that referenced
this pull request
Sep 13, 2023
Use data migrations in version numbers (#2816) Fixes #2784 - Data migrations framework (#2786) Fixes #2817 - add jose to bot lambda layer (#2818) Move "public" resources into R4 Project (#2591) fix(auth/external): add some missing url params for external auth `PKCE` exchanges (#2812) Experiment: remove prettier from ESLint config, try out Biome (Rome fork) (#2748) Fixes #2808 - handle observation groups in DiagnosticReportDisplay (#2809) Adding content for Titan case study (#2806) QuestionnaireForm Cleanup (#2801) UI Clone for Lab Order Questionnaire (#2787) Lab order bot (#2791) Blog Post: GraphQL vs. Rest (#2781) Fixes #2761 - docs for bot logs and aws athena (#2779) Adding EMPI documentation (#2754) Example on Lab Ordering demo (#2716) Fixed links on about page (#2777) Adding blog material (#2776) Fixes #2771 - handle numeric return values from bots (#2775) New www 'about' page (#2770)
Merged
github-merge-queue bot
pushed a commit
that referenced
this pull request
Sep 13, 2023
Use data migrations in version numbers (#2816) Fixes #2784 - Data migrations framework (#2786) Fixes #2817 - add jose to bot lambda layer (#2818) Move "public" resources into R4 Project (#2591) fix(auth/external): add some missing url params for external auth `PKCE` exchanges (#2812) Experiment: remove prettier from ESLint config, try out Biome (Rome fork) (#2748) Fixes #2808 - handle observation groups in DiagnosticReportDisplay (#2809) Adding content for Titan case study (#2806) QuestionnaireForm Cleanup (#2801) UI Clone for Lab Order Questionnaire (#2787) Lab order bot (#2791) Blog Post: GraphQL vs. Rest (#2781) Fixes #2761 - docs for bot logs and aws athena (#2779) Adding EMPI documentation (#2754) Example on Lab Ordering demo (#2716) Fixed links on about page (#2777) Adding blog material (#2776) Fixes #2771 - handle numeric return values from bots (#2775) New www 'about' page (#2770)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #2810