1 | initial version |
To modify the OAuth flow in httr2 to utilize idtoken instead of accesstoken, you need to make the following changes:
Update the authorization endpoint to include the OpenID Connect scope (openid
). This scope is required to request an id_token.
Set the response_type
parameter in the authorization request to code id_token
.
Request the id_token
parameter in the token request.
Verify the id_token
received from the token endpoint to ensure its authenticity.
Here is an example code snippet:
```{r} library(httr)
authurl <- "https://example.com/oauth2/authorize" tokenurl <- "https://example.com/oauth2/token" clientid <- "yourclientid" clientsecret <- "yourclientsecret" redirect_uri <- "https://localhost:1410"
myapp <- oauthapp("myapp", key = clientid, secret = clientsecret, redirecturi = redirect_uri)
authparams <- list(scope = "openid", responsetype = "code idtoken", redirecturi = redirect_uri, state = "myapp")
authurl <- oauth2.0authorizeurl(myapp, authurl, auth_params)
tokenparams <- list(granttype = "authorizationcode", redirecturi = redirecturi, code = "yourauthorizationcodereceivedfromtheredirecturi", id_token = "true")
token <- oauth2.0token(tokenurl, myapp, token_params)
jwt::jwtdecode(token$idtoken)
```