Force to use id_token instead of access_token #405
Description
I need to provide the id_token to my API and not the access_token.
If I override the extensions that create the oauth2 signed request like this:
extension OAuth2Base {
func request(forURL url: URL, cachePolicy: NSURLRequest.CachePolicy = .reloadIgnoringLocalCacheData) -> URLRequest {
var req = URLRequest(url: url, cachePolicy: cachePolicy, timeoutInterval: 20)
try? req.sign(with: self)
return req
}
}
extension URLRequest {
public mutating func sign(with oauth2: OAuth2Base) throws {
guard let idToken = oauth2.clientConfig.idToken, !idToken.isEmpty else {
throw OAuth2Error.noAccessToken
}
setValue("Bearer \(idToken)", forHTTPHeaderField: "Authorization")
}
}
This will work when making oauth2.session requests. However if I use OAuth2DataLoader it works while I have a valid token, but if the OAuth2DataLoader has to request a re-login and it gets a new token, the first request it fires off afterwards uses the access_token.
Is it possible to make it use the id_token instead?