fix: decode oidc client_secret before token exchange

This commit is contained in:
ZacharyZcR
2026-05-13 14:56:45 +08:00
parent ec87f8a4d1
commit 51d469008c
+12
View File
@@ -949,6 +949,18 @@ router.get("/oidc/callback", async (req, res) => {
config = JSON.parse(
(configRow as Record<string, unknown>).value as string,
);
if (config.client_secret?.startsWith("encrypted:")) {
config.client_secret = Buffer.from(
config.client_secret.substring(10),
"base64",
).toString("utf8");
} else if (config.client_secret?.startsWith("encoded:")) {
config.client_secret = Buffer.from(
config.client_secret.substring(8),
"base64",
).toString("utf8");
}
}
const tokenResponse = await fetch(config.token_url, {