Using the passport strategy, how do I send a state query param? #760
Replies: 2 comments 1 reply
-
|
Overload the strategy's authorizationRequestParams method e.g. like so on a Strategy instance const _orig = strategy.authorizationRequestParams
strategy.authorizationRequestParams = (...args) => {
const params = _orig.call(this, ...args)
params.set('state', client.randomState())
return params
}or like so by subclassing the Strategy class class MyStrategy extends Strategy {
authorizationRequestParams(...args) {
const params = super.authorizationRequestParams(...args)
params.set('state', client.randomState())
return params
}
} |
Beta Was this translation helpful? Give feedback.
-
I'd like to follow up on this, Okta 100% supports PKCE, as indicated by the fact that it's not out of the box used for you. But I find it strange they'd also require state when PKCE is used, can you provide details on the flow you're running? Documentation? anything tangible that I can bring up internally with the team. |
Beta Was this translation helpful? Give feedback.
-
|
FWIW I've got a ticket to omit the requirement for state to be present when PKCE is used in the Okta Workforce Identity product issue tracker open. |
Beta Was this translation helpful? Give feedback.
-
I'm having a problem as okta requires me to send a state query parameter. I can't see how to add it.
Okta support pkce, from what I can make out you don't add the state parameter in that scenario.
https://github.com/panva/openid-client/blob/main/src/passport.ts#L245
What would be the negative consequence of removing the
ifstatement above and always including state query param?Beta Was this translation helpful? Give feedback.
All reactions