chore: make pkce easier to test

2026-03-13 08:43:15 +08:00 · 2025-10-10 10:41:07 +02:00
parent d45be63fe0
commit 8fbc38be3f
3 changed files with 20 additions and 14 deletions
--- a/backend/flow_api/flow/shared/action_thirdparty_oauth.go
+++ b/backend/flow_api/flow/shared/action_thirdparty_oauth.go
@@ -3,8 +3,6 @@ package shared
 import (
 	"cmp"
 	"fmt"
-	"github.com/teamhanko/hanko/backend/v2/utils"
-	"net/http"
 	"slices"

 	"github.com/teamhanko/hanko/backend/v2/config"
@@ -103,18 +101,18 @@ func (a ThirdPartyOAuth) Execute(c flowpilot.ExecutionContext) error {
 	//	SameSite: http.SameSiteLaxMode,
 	// })

-	cookie := &http.Cookie{
-		Name:     utils.HankoThirdpartyStateCookie,
-		Value:    string(state),
-		Path:     "/",
-		Domain:   deps.Cfg.Session.Cookie.Domain,
-		MaxAge:   300,
-		Secure:   true,
-		HttpOnly: deps.Cfg.Session.Cookie.HttpOnly,
-		SameSite: http.SameSiteNoneMode,
-	}
+	//cookie := &http.Cookie{
+	//	Name:     utils.HankoThirdpartyStateCookie,
+	//	Value:    string(state),
+	//	Path:     "/",
+	//	Domain:   deps.Cfg.Session.Cookie.Domain,
+	//	MaxAge:   300,
+	//	Secure:   true,
+	//	HttpOnly: deps.Cfg.Session.Cookie.HttpOnly,
+	//	SameSite: http.SameSiteNoneMode,
+	//}

-	deps.HttpContext.SetCookie(cookie)
+	//deps.HttpContext.SetCookie(cookie)

 	if err = c.Payload().Set("redirect_url", authCodeUrl); err != nil {
 		return fmt.Errorf("failed to set redirect_url to payload: %w", err)
--- a/frontend/elements/src/pages/LoginInitPage.tsx
+++ b/frontend/elements/src/pages/LoginInitPage.tsx
@@ -115,9 +115,13 @@ const LoginInitPage = (props: Props) => {
    event.preventDefault();
    setSelectedThirdPartyProvider(name);

+    const codeVerifier = crypto.randomUUID();
+    localStorage.setItem("code_verifier", codeVerifier);
+
    const nextState = await flowState.actions.thirdparty_oauth.run({
      provider: name,
      redirect_to: window.location.toString(),
+      code_verifier: codeVerifier,
    });

    if (nextState.error) {
--- a/frontend/frontend-sdk/src/lib/flow-api/auto-steps.ts
+++ b/frontend/frontend-sdk/src/lib/flow-api/auto-steps.ts
@@ -90,7 +90,11 @@ export const autoSteps: AutoSteps = {

    if (token?.length > 0) {
      updateUrl(["hanko_token"]);
-      return await state.actions.exchange_token.run({ token });
+      const codeVerifier = localStorage.getItem("code_verifier");
+      return await state.actions.exchange_token.run({
+        token,
+        code_verifier: codeVerifier,
+      });
    }

    if (error?.length > 0) {