Reputation: 775
Regarding this library https://github.com/panva/node-openid-client
Is it correct to assume that the same openIdClient instance should handle both openIdClient.authorizationUrl() and openIdClient.callbackParams() for a particular authentication request?
As I found out, it could be wrong: if the instance is different between these 2 calls, then "callbackParams of undefined" and "state mismatch" errors could happen, especially in a multi-instance environment.
Thanks
Upvotes: 0
Views: 1609
Reputation:
There is no requirement for the same Instance of the Client class to handle the init and callback phases.
Not being able to access Client.prototype.callbackParams due to client being undefined is an application-level error.
The OP's problem in question is being handled in a package that includes openid-client here.
Upvotes: 1
Reputation: 19931
Yes, the client should be the same instance that handles the initial authentication request and that also retrieves the final tokens from the OIDC provider.
Most of the security features like state and PKCE in OIDC require this to be true.
Upvotes: 1