Skip to content
This repository has been archived by the owner on Mar 3, 2022. It is now read-only.

Send credentials (certificate) when retrieving token #1062

Open
808x88 opened this issue Feb 26, 2020 · 5 comments · May be fixed by #1314
Open

Send credentials (certificate) when retrieving token #1062

808x88 opened this issue Feb 26, 2020 · 5 comments · May be fixed by #1314
Labels
enhancement

Comments

@808x88
Copy link

808x88 commented Feb 26, 2020

When conducting the post request to get the token from the idp, we should be able to choose whether we want to send the credentials in the post request so the idp can verify who is calling to get the token with our certificate.
@brockallen
Copy link
Member

What certificate?

@achebrol
Copy link

i would like to include the cookies while sending the token request.
is it possible to set xhr.withCredentials = true; in JsonService.js

@seeshaarp
Copy link

seeshaarp commented Oct 21, 2020
edited
Loading

This is really required. I am sending the token as a cookie from an api to avoid access token stroring either in session or local storage in the client side. if we dont make withcredentials = true, it ignores the repsonse cookies and cookies are not attached to the subsequent requests..

@npflood npflood linked a pull request Mar 5, 2021 that will close this issue
Open
@npflood
Copy link

npflood commented Mar 8, 2021

@brockallen There is an open pull request that fixes this issue. Please let me know if there are any changes needed.

@kimlukas
Copy link

kimlukas commented Apr 21, 2021
edited
Loading

And if you do something like this.
To have your own XMLHttpRequest Factory?

Global.setXMLHttpRequest(function () {
  var request = new XMLHttpRequest();
  request.withCredentials = true;
  return request;
});

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Feat: Option to send credentials with http requests ECHOInternational/oidc-client-js
6 participants
@brockallen @npflood @achebrol @808x88 @kimlukas @seeshaarp