mirror of https://github.com/logto-io/logto.git synced 2024-12-30 20:33:54 -05:00
logto/.changeset/serious-geese-admire.md
simeng-li 458746c9ac
fix(core): fix azure oidc sso connector authorization error (#5912)
* fix(core): fix azure oidc sso connector authorization error

fix azure oidc sso connector authorization error

* chore: add changeset

add changeset

* chore: update changeset

update changeset

* fix(core): dynamically verify multi-tenant azure oidc issuer

dynamically verify multi-tenant azure oidc issuer
2024-05-29 13:30:56 +08:00

828 B

@logto/core
patch

Fix the invalid authorization code response bug in the Microsoft EntraID OIDC SSO connector.

  • For EntraID OIDC applications with public organization access, the token endpoint returns expires_in as a number.
  • For applications restricted to private organization access, the token endpoint returns expires_in as a string.
  • The expected expires_in value type is number. (See v2-oauth2-auth-code-flow for reference)

The current Microsoft EntraID OIDC connector does not support a string-type expires_in value and throws an invalid authorization response error. Update the token response guard to handle both number and string expires_in values, making the SSO connector more robust.
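
A sketch of a token response guard that tolerates both forms, added here as an example and not taken from Logto's code. The names `parseTokenResponse`, `parseExpiresIn` and `InvalidTokenResponseError` are hypothetical, the sample bodies are constructed, and treating expires_in as optional is an assumption.

```typescript
// Added example: hypothetical names, not Logto's actual guard.
type TokenResponse = {
  idToken: string;
  accessToken?: string;
  expiresIn?: number; // always a number once the guard has run
};

class InvalidTokenResponseError extends Error {}

// Accept a JSON number or a decimal-digit string; reject everything else.
function parseExpiresIn(value: unknown): number | undefined {
  if (value === undefined) return undefined; // assumption: field is optional
  if (typeof value === 'number' && Number.isSafeInteger(value) && value >= 0) {
    return value;
  }
  // Strict digit check: Number('') is 0 and Number('0x10') is 16, so bare
  // coercion would silently accept values that are not lifetimes in seconds.
  if (typeof value === 'string' && /^\d{1,10}$/.test(value)) {
    return Number(value);
  }
  throw new InvalidTokenResponseError('expires_in must be a non-negative integer');
}

function parseTokenResponse(body: string): TokenResponse {
  const raw: unknown = JSON.parse(body);
  if (typeof raw !== 'object' || raw === null) {
    throw new InvalidTokenResponseError('token response is not a JSON object');
  }
  const { id_token: idToken, access_token: accessToken, expires_in: expiresIn } =
    raw as Record<string, unknown>;
  if (typeof idToken !== 'string' || idToken === '') {
    throw new InvalidTokenResponseError('id_token is missing');
  }
  if (accessToken !== undefined && typeof accessToken !== 'string') {
    throw new InvalidTokenResponseError('access_token must be a string');
  }
  return { idToken, accessToken, expiresIn: parseExpiresIn(expiresIn) };
}

// Constructed sample bodies: the same response with each expires_in form.
const numericBody = JSON.stringify({ id_token: 'sample.id.token', expires_in: 3599 });
const stringBody = JSON.stringify({ id_token: 'sample.id.token', expires_in: '3599' });
```

Normalizing at the guard keeps every downstream expiry calculation on a number, and malformed values fail closed instead of becoming 0 or NaN.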