diff --git a/lib/src/core/authentication-core.ts b/lib/src/core/authentication-core.ts index 292a4205..8b74cca9 100644 --- a/lib/src/core/authentication-core.ts +++ b/lib/src/core/authentication-core.ts @@ -165,27 +165,27 @@ export class AuthenticationCore { sessionState && (await this._dataLayer.setSessionDataParameter( SESSION_STATE as keyof SessionData, sessionState, userID)); - const body: string[] = []; + const body: URLSearchParams = new URLSearchParams(); - body.push(`client_id=${ configData.clientID }`); + body.set("client_id", configData.clientID); if (configData.clientSecret && configData.clientSecret.trim().length > 0) { - body.push(`client_secret=${ configData.clientSecret }`); + body.set("client_secret", configData.clientSecret); } const code: string = authorizationCode; - body.push(`code=${ code }`); + body.set("code", code); - body.push("grant_type=authorization_code"); - body.push(`redirect_uri=${ configData.signInRedirectURL }`); + body.set("grant_type", "authorization_code"); + body.set("redirect_uri", configData.signInRedirectURL); if (configData.enablePKCE) { - body.push( - `code_verifier=${ await this._dataLayer.getTemporaryDataParameter( + body.set( + "code_verifier", `${await this._dataLayer.getTemporaryDataParameter( AuthenticationUtils.extractPKCEKeyFromStateParam(state), userID - ) }` + )}` ); await this._dataLayer.removeTemporaryDataParameter( @@ -198,7 +198,7 @@ export class AuthenticationCore { try { tokenResponse = await fetch(tokenEndpoint, { - body: body.join("&"), + body: body, credentials: configData.sendCookiesInRequests ? FetchCredentialTypes.Include : FetchCredentialTypes.SameOrigin,