Merge branch 'master' of https://github.com/dbgate/dbgate

2024-11-07 12:13:57 +00:00 · 2024-10-02 10:43:32 +02:00 · 2024-10-02 10:43:32 +02:00 · c9da9bdd23
commit c9da9bdd23
parent 8a1e717c1b 9520b053af
1 changed files with 9 additions and 2 deletions
--- a/packages/api/src/auth/authProvider.js
+++ b/packages/api/src/auth/authProvider.js
@ -83,9 +83,16 @@ class OAuthProvider extends AuthProviderBase {
      )}&client_id=${process.env.OAUTH_CLIENT_ID}&client_secret=${process.env.OAUTH_CLIENT_SECRET}${scopeParam}`
    );

-    const { access_token, refresh_token } = resp.data;
+    const { access_token, refresh_token, id_token } = resp.data;

-    const payload = jwt.decode(access_token);
+    var payload = jwt.decode(access_token);
+
+    // Fallback to id_token in case the access_token is not a JWT
+    // https://www.oauth.com/oauth2-servers/access-tokens/
+    // https://github.com/dbgate/dbgate/issues/727
+    if (!payload && id_token) {
+      payload = jwt.decode(id_token);
+    }

    logger.info({ payload }, 'User payload returned from OAUTH');