I am encountering an error message while working with a client authentication method. The error message I am receiving is:
"TypeError: client_secret_basic client authentication method requires a client_secret."
I am not sure how to resolve this issue, as it seems to be related to the authentication process. Here is the relevant code snippet:
const express = require('express');
const session = require('express-session');
const { Issuer, generators } = require('openid-client');
const axios = require('axios');
const app = express();
const port = 3000;
app.use(session({
secret: 'f06549ea-282a-4096-a3b4-d123bc881a00',
resave: false,
saveUninitialized: true,
}));
// Load environment variables
require('dotenv').config();
// OpenID Connect configuration
const azureTenantId = process.env.AZURE_TENANT_ID;
const clientId = process.env.CLIENT_ID;
const redirectUri = process.env.REDIRECT_URI;
const openIdConfigUrl = `https://login.microsoftonline.com/${azureTenantId}/v2.0/.well-known/openid-configuration`;
app.get('/auth/callback', async (req, res) => {
try {
const issuer = await Issuer.discover(openIdConfigUrl);
const client = new issuer.Client({
client_id: clientId,
redirect_uris: [redirectUri],
});
if (!req.query.code) {
// Generate and store PKCE code_verifier and code_challenge
const codeVerifier = generators.codeVerifier();
req.session.codeVerifier = codeVerifier;
const codeChallenge = generators.codeChallenge(codeVerifier);
// Initial authorization request with PKCE parameters
const authorizationUrl = client.authorizationUrl({
scope: 'openid',
response_type: 'code',
code_challenge: codeChallenge,
code_challenge_method: 'S256',
nonce: generators.nonce(),
});
res.redirect(authorizationUrl);
} else {
// Token exchange request with PKCE parameters
const params = client.callbackParams(req);
const tokenSet = await client.callback(redirectUri, params, {
code_verifier: req.session.codeVerifier,
response_type: 'code',
token_endpoint_auth_method: 'none',
});
// Store the access token in the session or use it as needed
const accessToken = tokenSet.access_token;
console.log('Access token:', accessToken);
// Call the API using the access token
const apiUrl = 'https://api.example.com/data';
const headers = {
Authorization: `Bearer ${accessToken}`,
};
axios.get(apiUrl, { headers })
.then(response => {
// Process the API response and send it back to the client
res.json(response.data);
})
.catch(error => {
console.error('API request error:', error);
res.status(500).send('API request error');
});
}
} catch (error) {
console.error('Authentication error:', error);
res.status(500).send('Authentication error');
}
});
app.listen(port, () => {
console.log(`Server running on port ${port}`);
});
I would appreciate any insights or suggestions on how to fix this error. Thank you in advance for your help!
I've faced the same error trying to use authorization_code flow, in which have no client_secret parameter involved. To resolve in my case, I've used the parameter token_endpoint_auth_method set to 'none' in client creation:
const authServer = await Issuer.discover(AUTH_SERVER_BASE_URL);
const client = new authServer.Client({
client_id: CLIENT_ID,
response_types: ["code"],
redirect_uris: [REDIRECT_URI],
token_endpoint_auth_method: "none"
});