suimeng
/
honojs-middleware
mirror of https://github.com/honojs/middleware.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

feat(oidc-auth): support empty OIDC client secret

Taras Glek 2025-04-17 09:36:17 +03:00
parent 6c36f525f9
commit 7eee61b808
2 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.changeset/every-pugs-wave.md 100644
View File

@ -0,0 +1,5 @@
---
'@hono/oidc-auth': major
---
Support empty OIDC_CLIENT_SECRET

9
packages/oidc-auth/src/index.ts
View File

@ -167,7 +167,14 @@ export const getClient = (c: Context): oauth2.Client => {
const env = getOidcAuthEnv(c) const env = getOidcAuthEnv(c)
let client = c.get('oidcClient') let client = c.get('oidcClient')
if (client === undefined) { if (client === undefined) {
client = { client =
env.OIDC_CLIENT_SECRET === ''
? {
// No client secret provided, use 'none' auth method
client_id: env.OIDC_CLIENT_ID,
token_endpoint_auth_method: 'none',
}
: {
client_id: env.OIDC_CLIENT_ID, client_id: env.OIDC_CLIENT_ID,
client_secret: env.OIDC_CLIENT_SECRET, client_secret: env.OIDC_CLIENT_SECRET,
token_endpoint_auth_method: 'client_secret_basic', token_endpoint_auth_method: 'client_secret_basic',