获取类型错误:client_secret_basic 客户端身份验证方法需要 client_secret

问题描述 投票:0回答:2

我在使用客户端身份验证方法时遇到错误消息。我收到的错误消息是:

“类型错误:client_secret_basic 客户端身份验证方法需要 client_secret。”

我不知道如何解决这个问题,因为它似乎与身份验证过程有关。这是相关的代码片段:

const express = require('express');
const session = require('express-session');
const { Issuer, generators } = require('openid-client');
const axios = require('axios');

const app = express();
const port = 3000;

app.use(session({
  secret: 'f06549ea-282a-4096-a3b4-d123bc881a00',
  resave: false,
  saveUninitialized: true,
}));

// Load environment variables
require('dotenv').config();

// OpenID Connect configuration
const azureTenantId = process.env.AZURE_TENANT_ID;
const clientId = process.env.CLIENT_ID;
const redirectUri = process.env.REDIRECT_URI;

const openIdConfigUrl = `https://login.microsoftonline.com/${azureTenantId}/v2.0/.well-known/openid-configuration`;

app.get('/auth/callback', async (req, res) => {
  try {
    const issuer = await Issuer.discover(openIdConfigUrl);
    const client = new issuer.Client({
      client_id: clientId,
      redirect_uris: [redirectUri],
    });

    if (!req.query.code) {
      // Generate and store PKCE code_verifier and code_challenge
      const codeVerifier = generators.codeVerifier();
      req.session.codeVerifier = codeVerifier;
      const codeChallenge = generators.codeChallenge(codeVerifier);

      // Initial authorization request with PKCE parameters
      const authorizationUrl = client.authorizationUrl({
        scope: 'openid',
        response_type: 'code',
        code_challenge: codeChallenge,
        code_challenge_method: 'S256',
        nonce: generators.nonce(),
      });

      res.redirect(authorizationUrl);
    } else {
      // Token exchange request with PKCE parameters
      const params = client.callbackParams(req);
      const tokenSet = await client.callback(redirectUri, params, {
        code_verifier: req.session.codeVerifier,
        response_type: 'code',
        token_endpoint_auth_method: 'none',
      });

      // Store the access token in the session or use it as needed
      const accessToken = tokenSet.access_token;
      console.log('Access token:', accessToken);

      // Call the API using the access token
      const apiUrl = 'https://api.example.com/data';
      const headers = {
        Authorization: `Bearer ${accessToken}`,
      };

      axios.get(apiUrl, { headers })
        .then(response => {
          // Process the API response and send it back to the client
          res.json(response.data);
        })
        .catch(error => {
          console.error('API request error:', error);
          res.status(500).send('API request error');
        });
    }
  } catch (error) {
    console.error('Authentication error:', error);
    res.status(500).send('Authentication error');
  }
});

app.listen(port, () => {
  console.log(`Server running on port ${port}`);
});

如果您有任何关于如何修复此错误的见解或建议,我将不胜感激。预先感谢您的帮助!

node.js single-sign-on openid-connect openid openid-provider
2个回答
0
投票

我在尝试使用

authorization_code
流时遇到了同样的错误,其中不涉及
client_secret
参数。为了解决我的情况,我在客户端创建中使用了参数
token_endpoint_auth_method
设置为“none”:

  const authServer = await Issuer.discover(AUTH_SERVER_BASE_URL);
  const client = new authServer.Client({
    client_id: CLIENT_ID,
    response_types: ["code"],
    redirect_uris: [REDIRECT_URI],
    token_endpoint_auth_method: "none"
  });

0
投票

我也有同样的问题。找不到解决办法

© www.soinside.com 2019 - 2024. All rights reserved.