OAuth2 code flow example doesn't work ootb after recent PR#17 #24
Description
The last merged PR added the requirement that the token endpoint's response must contain an id token (i.e. id_token property in the JSON response from Volvo's authorization server), but right now this doesn't happen.
The auth. server response only contains something like this:
{
access_token: 'eyJhbGciOiJSUzI1NiIsImtpZCI6InZJMUNiZVBNaWNfajBVUzdHMnM0bXhaRHgwNF9SUzI1NiIsInBpLmF0bSI6InpzZnYifQ.eyJzY29wZSI6ImNvbnZlOmJhdHRlcnlfY2hhcmdlX2xldmVsIiwiY2xpZW50X2lkIjoidzltYnNkaDR5UTZiSnJDRnUzaFdFMGZtR2VxWiIsImdybnRpZCI6InIwZ2ZvMG1RbjJFeFVWS1pheEw0Z3MzNThFZkx0NXZRIiwiaXNzIjoiaHR0cHM6Ly92b2x2b2lkLmV1LnZvbHZvY2Fycy5jb20iLCJpYXQiOjE3NTI2NzEyOTAsImp0aSI6InYwa2JLSnc3dUI0SkU3ZzdCZWJaeTYiLCJtYXJrZXQiOiJIVSIsImF1ZCI6Inc5bWJzZGg0eVE2YkpyQ0Z1M2hXRTBmbUdlcVoiLCJmaXJzdE5hbWUiOiJKb2huIiwibGFzdE5hbWUiOiJEb2UiLCJzdWIiOiI1YTI3NTE5Mi05MzcyLTQ4NzItOGZlZC1hZWE3YTg1ZjllZWIiLCJwaS5zcmkiOiI5ZjFnLTNCRHhDX0ZpcjRIbzk1WklrZDgwRHcuLmU2ZkkuNGc2VVJmNDlEZ2pxTUY5NUZPUzM5RmZWMyIsInVzZXJOYW1lIjoiam9obi5kb2VAZXhhbXBsZS5jb20iLCJlbWFpbCI6ImpvaG4uZG9lQGV4YW1wbGUuY29tIiwiZXhwIjoxNzUyNjcxNTkwfQ.ed7w95BEABjxNURRRWW5UQAM8TmW8C7iinfJ6SHeJ8ojTBaUpSUgmT5pHA-D3TM3iIEwmbPPk1vT6c9CBTKApog-DM080lduK-rF03MuAz19fLcHNVl968hotWlJv7Adm4eEtKWL2pEG0krt785NDyXI-ySUAIVlcJMgo79mZBhYKK5_2BASDH2ncUqk8mkHq9bTOsQJgBT69JluUlp9NWkMK8-5_kHgJ7LC7SGODr-eOGlgQktD3fiRZd2yYidiQ8h5J5zK-k30pQgVrNkE2I06nfi2sHla9CO70tt1RW3XfF7diMxxT1bHVzgQ-W-NqRdnVLqyK0oEsqQ6-p_01A',
refresh_token: '2WyWF8VTeHutPVAjf1OuXbpfRxmHkWquIea1IDtnC1',
token_type: 'bearer',
expires_in: 299
}
The current code (server.js) produces the following error message upon receiving the auth. server response:
authorizationCodeGrant request failed with error: ClientError: invalid response encountered
at e (file:///home/sampleuser/developer-portal-api-samples/oauth2-code-flow-sample/node_modules/openid-client/build/index.js:71:12)
at errorHandler (file:///home/sampleuser/developer-portal-api-samples/oauth2-code-flow-sample/node_modules/openid-client/build/index.js:94:23)
at Module.authorizationCodeGrant (file:///home/sampleuser/developer-portal-api-samples/oauth2-code-flow-sample/node_modules/openid-client/build/index.js:681:9)
at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
at async file:///home/sampleuser/developer-portal-api-samples/oauth2-code-flow-sample/server.js:135:22 {
code: 'OAUTH_INVALID_RESPONSE',
[cause]: OperationProcessingError: "response" body "id_token" property must be a string
at OPE (file:///home/sampleuser/developer-portal-api-samples/oauth2-code-flow-sample/node_modules/oauth4webapi/build/index.js:92:12)
at assertString (file:///home/sampleuser/developer-portal-api-samples/oauth2-code-flow-sample/node_modules/oauth4webapi/build/index.js:207:19)
at processAuthorizationCodeOpenIDResponse (file:///home/sampleuser/developer-portal-api-samples/oauth2-code-flow-sample/node_modules/oauth4webapi/build/index.js:1333:5)
at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
at async Module.authorizationCodeGrant (file:///home/sampleuser/developer-portal-api-samples/oauth2-code-flow-sample/node_modules/openid-client/build/index.js:670:18)
at async file:///home/sampleuser/developer-portal-api-samples/oauth2-code-flow-sample/server.js:135:22 {
code: 'OAUTH_INVALID_RESPONSE',
[cause]: { body: [Object] }
}
}
Changing idTokenExpected: true, to idTokenExpected: false, (or simply removing this parameter) fixes the issue.