From 477df7a3d4f8a68f2efff40e4fb157bc34248d7f Mon Sep 17 00:00:00 2001
From: nihal-deriv
Date: Mon, 7 Oct 2024 08:30:29 +0000
Subject: [PATCH 1/4] updated token exchange endpoint to support both client_secret and code_verifier
---
 lib/WebService/Hydra/Client.pm | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/lib/WebService/Hydra/Client.pm b/lib/WebService/Hydra/Client.pm
index d96701d..a37b9c2 100644
--- a/lib/WebService/Hydra/Client.pm
+++ b/lib/WebService/Hydra/Client.pm
@@ -282,17 +282,22 @@ Exchanges the authorization code with Hydra service for access and ID tokens.
 =cut
-method exchange_token ($code, $client_id, $client_secret, $redirect_uri) {
+method exchange_token ($args) {
 my $method = "POST";
 my $path = "$public_endpoint/oauth2/token";
 my $grant_type = "authorization_code";
 my $payload = {
- code => $code,
+ code => $args->{code},
 grant_type => $grant_type,
- client_id => $client_id,
- client_secret => $client_secret,
- redirect_uri => $redirect_uri
+ client_id => $args->{client_id},
+ redirect_uri => $args->{redirect_uri}
 };
+ if($args->{client_secret}){
+ $payload->{client_secret} = $args->{client_secret};
+ }
+ if($args->{code_verifier}){
+ $payload->{code_verifier} = $args->{code_verifier};
+ }
 my $result = $self->api_call($method, $path, $payload, 'FORM');
 if ($result->{code} != OK_STATUS_CODE) {
 WebService::Hydra::Exception::TokenExchangeFailed->new(
From 4c6dca6c5f67e19d9de4d4c33c92ff0ff4421a60 Mon Sep 17 00:00:00 2001
From: nihal-deriv
Date: Mon, 7 Oct 2024 09:50:46 +0000
Subject: [PATCH 2/4] updated as per comments
---
 lib/WebService/Hydra/Client.pm | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)
diff --git a/lib/WebService/Hydra/Client.pm b/lib/WebService/Hydra/Client.pm
index a37b9c2..a82af95 100644
--- a/lib/WebService/Hydra/Client.pm
+++ b/lib/WebService/Hydra/Client.pm
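Review bot: `exchange_token` switches in PATCH 1/4 from four positional arguments to a single `$args` hashref, yet the POD that ends at `=cut` just above the method is not part of the hunk, and the diffstat's 10 insertions and 5 deletions are all in the method body, so the documentation presumably still describes the old positional call. Existing positional callers would pass the authorization code as `$args` and fail at `$args->{code}` with a generic dereference error rather than a message about the changed interface. I would update the POD in the same patch with an `=over`/`=item` list naming `code`, `client_id` and `redirect_uri` as required and `client_secret` and `code_verifier` as optional, noting that a confidential client supplies the former and a PKCE client the latter. The method body continues below the end of the hunk.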
@@ -282,22 +282,14 @@ Exchanges the authorization code with Hydra service for access and ID tokens.
 =cut
-method exchange_token ($args) {
+method exchange_token ($exchange_payload) {
 my $method = "POST";
 my $path = "$public_endpoint/oauth2/token";
 my $grant_type = "authorization_code";
 my $payload = {
- code => $args->{code},
- grant_type => $grant_type,
- client_id => $args->{client_id},
- redirect_uri => $args->{redirect_uri}
+ grant_type => 'authorization_code',
+ $exchange_payload->%*
 };
- if($args->{client_secret}){
- $payload->{client_secret} = $args->{client_secret};
- }
- if($args->{code_verifier}){
- $payload->{code_verifier} = $args->{code_verifier};
- }
 my $result = $self->api_call($method, $path, $payload, 'FORM');
 if ($result->{code} != OK_STATUS_CODE) {
 WebService::Hydra::Exception::TokenExchangeFailed->new(
From dbc146e7c4ba01a3b0b015e597205cd06d87cf08 Mon Sep 17 00:00:00 2001
From: nihal-deriv
Date: Mon, 7 Oct 2024 09:53:26 +0000
Subject: [PATCH 3/4] removed unused variables
---
 lib/WebService/Hydra/Client.pm | 1 -
 1 file changed, 1 deletion(-)
diff --git a/lib/WebService/Hydra/Client.pm b/lib/WebService/Hydra/Client.pm
index a82af95..8cb503c 100644
--- a/lib/WebService/Hydra/Client.pm
+++ b/lib/WebService/Hydra/Client.pm
@@ -285,7 +285,6 @@ Exchanges the authorization code with Hydra service for access and ID tokens.
 method exchange_token ($exchange_payload) {
 my $method = "POST";
 my $path = "$public_endpoint/oauth2/token";
- my $grant_type = "authorization_code";
 my $payload = {
 grant_type => 'authorization_code',
 $exchange_payload->%*
From a86926f32ffd3bf07d3c91d48c0821190a2ab4a0 Mon Sep 17 00:00:00 2001
From: nihal-deriv
Date: Mon, 7 Oct 2024 09:56:59 +0000
Subject: [PATCH 4/4] logged the new changes
---
 Changes | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Changes b/Changes
index 839a83c..cbf1eac 100644
--- a/Changes
+++ b/Changes
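Review bot: Because `$exchange_payload->%*` is expanded after `grant_type` in the PATCH 2/4 hunk, a `grant_type` key in the caller's hashref silently replaces `'authorization_code'`, and every other key is forwarded to `/oauth2/token` unchecked, which drops the fixed field list PATCH 1/4 still had. If any caller fills that hashref from request parameters, unexpected token-endpoint parameters would pass straight through. Writing the hash as `my $payload = { $exchange_payload->%*, grant_type => 'authorization_code' };` pins the grant type, and copying only `code`, `client_id`, `redirect_uri`, `client_secret` and `code_verifier` from the argument would restore the allow-list. Nothing here checks that `code` is present or that at least one of `client_secret` and `code_verifier` is set, so such calls reach `api_call` instead of failing early. The method body continues below the end of the hunk.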
@@ -1,5 +1,5 @@
 {{$NEXT}}
-
+ - Updated `exchange_token` to support caller payload
 0.002 2024-10-02 22:21:04+00:00 UTC
 - Bug fix in `validate_token` and `validate_id_token` methods.