Comments (7)
jasondonnette
commented on August 19, 2024
@skinnyworm Did you find a solution for this? I am working on the same flow, but don't see a place to add in req.user
from authentication-oauth2.
ekryski
commented on August 19, 2024
@jasondonnette @skinnyworm if the user already exists in the system and they authenticate again, it will attempt to update the user. We recently made an update so that it performs a patch to the user service. #20
If you are looking to consolidate social profiles, (ie. they are authenticated but then want to "connect" their social account) then yes they'd have to be logged in first. Due to the nature of OAuth and the number of redirects you have, you'd have to send the JWT as a header and pull it out in middleware or store it in a cookie.
If you have configured the feathers-authentication-jwt module to parse the JWT out of a cookie or you are passing it via the Authorization header then you should be able to use the express authenticate middleware that comes bundled with feathers-authentication to process the JWT and load the user into req.user. It does that for you automatically and works just like passport does in that regard.
Let me know if that does or doesn't help. We've had a few people ask about this and we might need to create an example of how to do this.
from authentication-oauth2.
nsainaney
commented on August 19, 2024
The problem is that this gets called in the callback (e.g. /auth/google/callback) and feathers-authentication-jwt doesn't get a chance to extract the cookie before calling verify. I'm submitting a PR for a possible solution.
from authentication-oauth2.
daffl
commented on August 19, 2024
If you find a solution that would be amazing. This has been a long standing open feature. Let me know if I can help with anything.
from authentication-oauth2.
nsainaney
commented on August 19, 2024
Well, it works (I've tested it) but it feels kinda kludgey. Give me the day to see if I can pretty it up and make it a bit cleaner.
But overall, the problem is that req.user is undefined because OAuth2 callbacks do not include the proper Authorization header and the verifier does not check cookies. A cleaner fix would be to contain the issue in the verifier.
from authentication-oauth2.
nsainaney
commented on August 19, 2024
Ok - I now have a cleaner fix that doesn't require any code changes to existing code
from authentication-oauth2.
daffl
commented on August 19, 2024
With cookies enabled and the existing JWT set as feathers-jwt in the cookie, account linking is now possible with @feathersjs/authentication-jwt@^2.0.0 and @feathersjs/authentication-oauth@^1.2.0. Thank you for the fix @nsainaney!
from authentication-oauth2.
Related Issues (20)
- How to setup a dynamic URL parameters to successRedirect URL HOT 1
- Callback URL problem in production when using oauth HOT 4
- Cannot connect with OAuth2, always getting 404 Not Found Page. HOT 4
- I get Internal server error after I auth with Google authentication HOT 1
- `facebook.profileFields` not works properly HOT 2
- Dependency @feathersjs/express not declared HOT 2
- how to use proxy when call authnetication provider HOT 5
- I got Internal error when I log in with google HOT 1
- JWT Payload is null after app logout HOT 2
- How to pass successUrl from client side? HOT 1
- Deleted
- Confusing in doc of 'OAuth2 Authentication' HOT 2
- Error when save callback payload google login into users service HOT 4
- Restricting certain email domains HOT 1
- Authentication always logging as first user HOT 1
- How to authenticate token from Facebook on Feathers server HOT 3
- JWT sub is always 'anonymous' after using verifier HOT 1
- Cannot use Passport-Google-Token through POST request on /authentication HOT 7
- Entity could be an array? HOT 1
- DefaultVerifier profile id field not configurable HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authentication-oauth2.