feat(auth): OAuth2 access_token in GET query string in userInfoURL (#5188)
This commit is contained in:
parent
a647626a51
commit
de151031ea
@ -37,7 +37,7 @@ module.exports = {
|
|||||||
})
|
})
|
||||||
|
|
||||||
client.userProfile = function (accesstoken, done) {
|
client.userProfile = function (accesstoken, done) {
|
||||||
this._oauth2._useAuthorizationHeaderForGET = true
|
this._oauth2._useAuthorizationHeaderForGET = !conf.useQueryStringForAccessToken
|
||||||
this._oauth2.get(conf.userInfoURL, accesstoken, (err, data) => {
|
this._oauth2.get(conf.userInfoURL, accesstoken, (err, data) => {
|
||||||
if (err) {
|
if (err) {
|
||||||
return done(err)
|
return done(err)
|
||||||
|
@ -64,3 +64,9 @@ props:
|
|||||||
title: Scope
|
title: Scope
|
||||||
hint: (optional) Application Client permission scopes.
|
hint: (optional) Application Client permission scopes.
|
||||||
order: 10
|
order: 10
|
||||||
|
useQueryStringForAccessToken:
|
||||||
|
type: Boolean
|
||||||
|
default: false
|
||||||
|
title: Pass access token via GET query string to User Info Endpoint
|
||||||
|
hint: (optional) Pass the access token in an `access_token` parameter attached to the GET query string of the User Info Endpoint URL. Otherwise the access token will be passed in the Authorization header.
|
||||||
|
order: 11
|
||||||
|
Loading…
Reference in New Issue
Block a user