if client secret is provided, do not pass in code challenge

SalesforceCommerceCloud · Sep 16, 2024 · 9b73db4 · 9b73db4
1 parent 6eb9175
commit 9b73db4
Showing 1 changed file with 12 additions and 5 deletions.
diff --git a/src/static/helpers/IDPLoginHelper.ts b/src/static/helpers/IDPLoginHelper.ts
@@ -43,11 +43,18 @@ async function loginIDPUser(
 ): Promise<TokenResponse> {
   const codeVerifier = createCodeVerifier();
 
-  const authResponse = await authorize(slasClient, codeVerifier, {
-    redirectURI: parameters.redirectURI,
-    hint: parameters.hint,
-    ...(parameters.usid && {usid: parameters.usid}),
-  });
+  const privateClient = !!credentials.clientSecret;
+
+  const authResponse = await authorize(
+    slasClient,
+    codeVerifier,
+    {
+      redirectURI: parameters.redirectURI,
+      hint: parameters.hint,
+      ...(parameters.usid && {usid: parameters.usid}),
+    },
+    privateClient
+  );
 
   const tokenBody: TokenRequest = {
     client_id: slasClient.clientConfig.parameters.clientId,