Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Feature request: add `additionalFormParams` to `authConfigs`

See original GitHub issue

In oauth2-authorize.js the additionalQueryStringParams property is used from the authConfigs object in order to add custom query string parameters to an authentication request.

Could we get a similar additionalFormParams property added that could then be passed to the authActions via method params or a property? That would allow actions.js to add custom form properties as it’s building the form data string.

Reason: We’re trying to use Swagger-UI (via Swashbuckle.AspNetCore) to authenticate with Auth0. It has the right mix of params for the implicit grant type, but we’re finding that client_credentials and password out-of-the-box body params passed aren’t meeting Auth0’s requirements. For example: when trying to use client_credentials, Auth0 requires audience in the body, but swagger-ui only passes grant_type and scope. Adding audience to the query string params doesn’t cut it. This is where people are talking about getting the “Non-global clients are not allowed access to APIv1” error from Auth0.

If we had a similar way to add custom form/body params like we do query string params, it would make life easier.

Cross-post side note: ideally the Swashbuckle.AspNetCore library could then add another extension method similar to OAuthAdditionalQueryStringParams that would feed those values through in a similar way.

Auth0 Reference:

Issue Analytics

  • State:open
  • Created 4 years ago
  • Reactions:26
  • Comments:21

github_iconTop GitHub Comments

12reactions
LandryDubuscommented, May 20, 2020

Any updates on this issue? I am using Swagger-net (.NET package that provides Swagger-UI using Open Api 2.0 specification for .NET Full Framework 4.8) and I am still getting this issue where the audience parameter is missing in the request body for the token endpoint in order for auth0 to allow clientCredentials grant.

2reactions
altescapecommented, Mar 30, 2021

It would be useful to add a way to be able to use Auth0’s non-standard way.

In case it helps anyone we’re currently getting around it using the requestInterceptor, here’s an example:

import SwaggerUI from 'swagger-ui'

const audience = 'me'

const ui = SwaggerUI({
  url: 'https://example.com/api.yaml',
  dom_id: '#swaggerUI',
  requestInterceptor: (request) => {
    if (request.url.includes('oauth/token')) {
      return {
        ...request,
        body: `${request.body}${audience}`
      }
    } else {
      return request
    }
  }
})
Read more comments on GitHub >

github_iconTop Results From Across the Web

Feature request: add `additionalFormParams` to `authConfigs` -
In oauth2-authorize.js the additionalQueryStringParams property is used from the authConfigs object in order to add custom query string parameters to an ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Swagger-ui does not hide readOnly nested object from example body

Next page

GET request do not allow a body