科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>javascript - Module passport-oauth2 in nodej.js: extra parameters to be included in the authorization request - Stack Overflow

    javascript - Module passport-oauth2 in nodej.js: extra parameters to be included in the authorization request - Stack Overflow

    programmeradmin0浏览0评论

    I have a problem with implementing an Oauth2 authentication in node.js application where I need to add one extra parameter in the authorization request, but the module simply ignores the "unknown" parameters.

    My code is attached below. The parameter being ignored is APIName.

    var OAuth2Strategy = require('passport-oauth2').Strategy;

// load the auth variables
var configAuth = require('./auth');

module.exports = function(passport) {

    passport.use('ihealth', new OAuth2Strategy({
            authorizationURL: ':8443/OpenApiV2/OAuthv2/userauthorization/',
            tokenURL: ':8443/OpenApiV2/OAuthv2/userauthorization/',
            clientID: configAuth.iHealthAuth.clientID,
            clientSecret: configAuth.iHealthAuth.clientSecret,
            callbackURL: configAuth.iHealthAuth.callbackURL,
            APIName : 'OpenApiActivity'
        },
        function(token, refreshToken, profile, done) {

            // ...

        }
    ));
};

    The reason that I know APIName is being ignored, is that I see the URL in the browser:

    :8443/OpenApiV2/OAuthv2/userauthorization/?response_type=code&redirect_uri=SOMEREDIRECTURI&client_id=SOMECLIENTID

    I am wondering how to enable adding extra parameters to the authorization request? Maybe by overriding the function OAuth2Strategy.prototype.authorizationParams in node_modules/passport_oauth2/lib/strategy.js, which looks like this in the donwloaded file:

    /**
 * Return extra parameters to be included in the authorization request.
 *
 * Some OAuth 2.0 providers allow additional, non-standard parameters to be
 * included when requesting authorization.  Since these parameters are not
 * standardized by the OAuth 2.0 specification, OAuth 2.0-based authentication
 * strategies can overrride this function in order to populate these parameters
 * as required by the provider.
 *
 * @param {Object} options
 * @return {Object}
 * @api protected
 */
OAuth2Strategy.prototype.authorizationParams = function(options) {
  return {};
};

    I have a problem with implementing an Oauth2 authentication in node.js application where I need to add one extra parameter in the authorization request, but the module simply ignores the "unknown" parameters.

    My code is attached below. The parameter being ignored is APIName.

    var OAuth2Strategy = require('passport-oauth2').Strategy;

// load the auth variables
var configAuth = require('./auth');

module.exports = function(passport) {

    passport.use('ihealth', new OAuth2Strategy({
            authorizationURL: 'https://api.ihealthlabs.:8443/OpenApiV2/OAuthv2/userauthorization/',
            tokenURL: 'https://api.ihealthlabs.:8443/OpenApiV2/OAuthv2/userauthorization/',
            clientID: configAuth.iHealthAuth.clientID,
            clientSecret: configAuth.iHealthAuth.clientSecret,
            callbackURL: configAuth.iHealthAuth.callbackURL,
            APIName : 'OpenApiActivity'
        },
        function(token, refreshToken, profile, done) {

            // ...

        }
    ));
};

    The reason that I know APIName is being ignored, is that I see the URL in the browser:

    https://api.ihealthlabs.:8443/OpenApiV2/OAuthv2/userauthorization/?response_type=code&redirect_uri=SOMEREDIRECTURI&client_id=SOMECLIENTID

    I am wondering how to enable adding extra parameters to the authorization request? Maybe by overriding the function OAuth2Strategy.prototype.authorizationParams in node_modules/passport_oauth2/lib/strategy.js, which looks like this in the donwloaded file:

    /**
 * Return extra parameters to be included in the authorization request.
 *
 * Some OAuth 2.0 providers allow additional, non-standard parameters to be
 * included when requesting authorization.  Since these parameters are not
 * standardized by the OAuth 2.0 specification, OAuth 2.0-based authentication
 * strategies can overrride this function in order to populate these parameters
 * as required by the provider.
 *
 * @param {Object} options
 * @return {Object}
 * @api protected
 */
OAuth2Strategy.prototype.authorizationParams = function(options) {
  return {};
};
    • javascript
    • node.js
    • oauth-2.0
    Share Improve this question asked Sep 2, 2015 at 16:00 JackONeillJackONeill 1231 silver badge9 bronze badges
    Add a ment  | 

    2 Answers 2

    Reset to default 8

    You can override OAuth2Strategy.prototype.authorizationParams as follows

     var myStrategy = new OAuth2Strategy({
        authorizationURL: 'https://api.ihealthlabs.:8443/OpenApiV2/OAuthv2/userauthorization/',
        tokenURL: 'https://api.ihealthlabs.:8443/OpenApiV2/OAuthv2/userauthorization/',
        clientID: configAuth.iHealthAuth.clientID,
        clientSecret: configAuth.iHealthAuth.clientSecret,
        callbackURL: configAuth.iHealthAuth.callbackURL
    },
    function(token, refreshToken, profile, done) {
        // ...
    });

    myStrategy.authorizationParams = function(options) {
      return {
        APIName : 'OpenApiActivity'
      };
    };

    passport.use('ihealth',myStrategy);

    For Microsoft ADFS OAuth 2, this can be used to add the required source parameter; if one wants the callback to include some specific value too, then add the state parameter.

    The options in function(options) can be set when calling passport.authenticate:

    router.get('/auth', passport.authenticate('ihealth', {time: Date.now()}));

    In this time I managed to find a workaround. Maybe it will help someone with a similar problem.

    For the solution I didn't use the well known modules such as passport-oauth2 or simple-oauth2, but just the modules querystring for building the request URL and the module request for making the HTTP calls.

    Example:

    var express = require('express');
var router = express.Router();
var request = require('request');
var qs = require('querystring');
var configAuth = require('../config/auth');

var authorization_url_site = configAuth.iHealthAuth.authorizationSite;
var authorization_url_params = {
    response_type : 'code',
    client_id: configAuth.iHealthAuth.clientID,
    redirect_uri: configAuth.iHealthAuth.callbackURL,
    APIName : configAuth.iHealthAuth.APIName
};
var authorization_uri = authorization_url_site + '?' + qs.stringify(authorization_url_params);

var token_url_site = configAuth.iHealthAuth.tokenSite;
var token_url_params = {
    grant_type : 'authorization_code',
    client_id: configAuth.iHealthAuth.clientID,
    client_secret: configAuth.iHealthAuth.clientSecret,
    redirect_uri: configAuth.iHealthAuth.callbackURL,
    code: req.query.code
};
var token_uri = token_url_site + '?' + qs.stringify(token_url_params);

// Initial page redirecting to the login page
router.route('/auth')
    .get(function (req, res) {
            res.redirect(authorization_uri);
    });

// Callback service parsing the authorization token and asking for the access token
router.route('/')
    .get(function(req, res) {

        request(token_uri, function(err, response, body) {
                if(err) {
                    throw err;
                } else {
                    var data = JSON.parse(body);
                    // save token to database or file
                    saveToken(data);
                }
            });
        });
    });

module.exports = router;
    继续浏览有关 的文章

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论