Hi all,
I am working on an authentication implementation for our VueJs frontend and Hydra. I am using the nuxtjs oauth2 module (https://auth.nuxtjs.org/#getting-started) and its coming along pretty well, but I have a question. I have a login view with the username and password fields. When I don’t fill the fields or give them a wrong input, Hydra still returns me a code/token.
Here is my settings from the nuxt.config.js file:
auth: {
strategies: {
hydra: {
_scheme: "oauth2",
authorization_endpoint: "http://localhost:4444/oauth2/auth",
userinfo_endpoint: "http://localhost:4444/userinfo",
access_token_endpoint: "http://localhost:4444/oauth2/token",
scope: ["openid"],
response_type: "code",
redirect_uri: "http://localhost:4000",
client_id: "reaction-admin",
token_key: "id_token",
grant_type: "authorization_token",
state: "UNIQUE_AND_NON_GUESSABLE",
token_endpoint_auth_method: "client_secret_post",
},
},
},
After some more debugging and testing, I found out I needed to include the “token_endpoint_auth_method”: “client_secret_post”
in the client to make it ‘work’.
Now I’m at the point where I receive a login_challenge
token via the url call.
What I don’t get is how to use this and how to make a full request with username and password to receive a correct token
.
Can anyone help me understand how to make an API request using a custom login form?