Add token request parameters for authorization code flow

The access token request needs the code if we're using code flow. For authorization code flow, grant_type and redirect_uri are also required. To run tests, pin the minitest version per a conflict with mocha, as noted here: freerange/mocha#614 But do not leave pinned as the gem fails to install under some rubies that previously succeeded. For example: net-imap-0.5.0 requires ruby version >= 3.1.0, which is incompatible with the current version, ruby 2.6.8p0 (jruby 9.3.7.0)
coberlin · Oct 23, 2024 · 38e5959 · 38e5959
1 parent 389869b
commit 38e5959
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/lib/omniauth/strategies/openid_connect.rb b/lib/omniauth/strategies/openid_connect.rb
@@ -271,6 +271,12 @@ def access_token
           client_auth_method: options.client_auth_method,
         }
 
+        if configured_response_type == 'code'
+          token_request_params[:grant_type] = :authorization_code
+          token_request_params[:code] = authorization_code
+          token_request_params[:redirect_uri] = redirect_uri
+        end
+
         token_request_params[:code_verifier] = params['code_verifier'] || session.delete('omniauth.pkce.verifier') if options.pkce
 
         @access_token = client.access_token!(token_request_params)