oidc-client-js double encoding acr_values?

I'm using oidc-client-js in an Angular application and would like to use the acr_values to pass an IDP value to Identity Server 4. (Identity Server is our primary token service, but we have configured it to use Okta as an external provider for one tenant of the application.)

Setting the value like this in Angular:

this.userManager = new UserManager({
      authority: environment.stsAuthority,
      client_id: window.location.hostname,
      acr_values: 'ipd:oktatest',
      ...

The generated URL contains %26acr_values%3Dipd%253Aoktatest which is what you get if you URL encode idp:oktatest twice.

If I manually change the URL to %26acr_values%3Didp%3Aoktatest it works as expected. (It's hard to pick up on the difference but the % sign in %3A between ipd and okta becomes %25 when it's double encoded.)

Am I doing something wrong? Is this a bug? Is there a better way to specify the value of acr_values in the Angular code?

There are 1 best solutions below

You can try this workaround by defining the acr_values at the level of signinRedirect:

this.options.acr_values = 'ipd:oktatest';
this.userManager.signinRedirect(this.options);

this.userManager = new UserManager({
    authority: environment.stsAuthority,
    client_id: window.location.hostname,
    ...});
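
A diagnostic for the situation in the question, as an added example that is not part of the original post or of oidc-client-js: it decodes the two URL fragments quoted in the question one layer at a time, reports how many decodes the "&" and "=" delimiters need compared with the value itself, and then looks for an idp: entry. The function names are made up for this example, and the idp: handling assumes IdentityServer's acr_values convention.

```javascript
// Added example (not from the original post). Inputs are the two URL
// fragments quoted in the question.
const generated = '%26acr_values%3Dipd%253Aoktatest';
const edited = '%26acr_values%3Didp%3Aoktatest';

// Decode one layer at a time until the text stops changing.
function decodeLayers(text, maxDepth = 5) {
  const layers = [text];
  while (layers.length <= maxDepth) {
    const current = layers[layers.length - 1];
    let next;
    try {
      next = decodeURIComponent(current);
    } catch (err) {
      break; // malformed escape: keep the last layer that decoded cleanly
    }
    if (next === current) break;
    layers.push(next);
  }
  return layers;
}

// Report how deep the "acr_values=" delimiter and its value are encoded.
function inspectAcrValues(fragment) {
  const layers = decodeLayers(fragment);
  const delimiterDepth = layers.findIndex((l) => l.includes('acr_values='));
  if (delimiterDepth === -1) return null;
  const raw = layers[delimiterDepth].split('acr_values=')[1].split('&')[0];
  const valueLayers = decodeLayers(raw);
  const value = valueLayers[valueLayers.length - 1];
  // Assumption: IdentityServer's "idp:<scheme>" convention, space-separated.
  const idpEntry = value.split(' ').find((v) => v.startsWith('idp:'));
  return {
    delimiterDepth,                      // decodes needed to expose "&" and "="
    valueDepth: valueLayers.length - 1,  // further decodes needed for the value
    value,
    idp: idpEntry ? idpEntry.slice(4) : null,
  };
}

console.log(inspectAcrValues(generated));
console.log(inspectAcrValues(edited));
```

A value that sits one level deeper than its own delimiters is singly encoded relative to its query string; a larger gap means the value was encoded again before the query string was built.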