Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
[Bug] EnableTokenAcquisitionToCallDownstreamApi overrides response_type preventing use of hybrid flow
See original GitHub issueWhich version of Microsoft Identity Web are you using? 1.9.1
Where is the issue?
- Web app
- Sign-in users
- [ x] Sign-in users and call web APIs
- Web API
- Protected web APIs (validating tokens)
- Protected web APIs (validating scopes)
- Protected web APIs call downstream web APIs
- Token cache serialization
- In-memory caches
- Session caches
- Distributed caches
- Other (please describe)
Is this a new or an existing app? We’re upgrading our .NET Framework app to .NET 5
Repro
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(options =>
{
Configuration.Bind("AzureAD", options);
options.ResponseType = "code id_token";
}
.EnableTokenAcquisitionToCallDownstreamApi()
.AddDistributedTokenCaches();
Expected behavior The library should respect my choice of ResponseType of “code id_token” or let me override it while configuring TokenAcquisition.
Actual behavior The library overrides OpenIdConnectOptions.ResponseType with “code” and this prevents me from using the advantages of a hybrid flow.
Issue Analytics
- State:
- Created 2 years ago
- Comments:6
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Thanks @vvolodin. We’ll look at this:
As a workaround, I think you can override it by adding (after this code):
@vvolodin added documentation