This repository has been archived by the owner on Mar 22, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 118
0.8: Token Service errors on token auth using client #254
Comments
marshallswain
added a commit
that referenced
this issue
Aug 1, 2016
ekryski
pushed a commit
that referenced
this issue
Aug 9, 2016
fixed with #255. |
ekryski
added a commit
that referenced
this issue
Nov 16, 2016
* cleaning up dependencies * removing auth redirects and exposing middleware * expanding express middleware * moving what I can in services to setup method * updating dependencies * cleaning up middleware and adding debug logs * cleaning up services and adding debug logs * changing options for populate user hook to conform with other options * cleaning up main index file * fixing lint errors * getting example app working * fixing options for populate user middlware * fixing socket logout emitting * restructuring so you can set hooks to construct your token payload if you want to customize it * Default to a session cookie instead of 1 day * Switch to "user" instead of "data" for the response from auth * Make sure we clear the user out of locals so that you don't end up in a weird state. * Allow passing options when creating a JWT. Used to customize the type of token we want to generate (ie. confirmation, password reset, etc.) * setting version * don't throw an error in the decode token middleware * bump version * clearing cookie if use not found. Setting cookie age to same as JWT * bump version * Don’t mix options when signing tokens (#255) Fixes #254. * Attempt to get token right away. (#252) * Attempt to get token right away. This makes it so that we don’t have to wait for an async response in order to start making authenticated requests. * Also set up localStorage. * fix restrict to owner hook methods. Closes #228 * bump version * cookies should get set regardless of whether it was an xhr request if enabled * bumping version * adding migration guide * reorganizing middleware, hooks and services * updaing mocha * updating migration doc of things left to doc/complete * fixing a bunch of the tests and adding tests for all new middleware * cleaning up client side tests. Still failing * getting all tests passing * updating all middleware to not have default and pull from global config * finished consolidating options * bumping version * adding more details to migration guide * fix typo missing 'd' * Fix typo and simplify wording. * normalize the callbackURL If the callbackURL doesn’t begin with a slash, the Passport `authenticate()` call will mess up the URL depending on the referrer’s url. So if the page is `domain.com/auth/github`, the callback URL will become `domain.com/auth/auth/github`. This normalizes the URL so that relative URLs always begin with a leading slash and absolute URLs don’t get touched. * Make sure the provider plugin name doesn't overwrite the OAuth provider name * consistency: `callbackUrl` should be `callbackURL` * Normalize comparison URL & fix typo This performs the same normalization to the comparison URL for the callback (as is done for the callbackURL). Also fixes typo in callbackUrl, updates it to callbackURL. * Always use service lookup. Previously, we were setting up this._tokenService and this._userService in the `setup` function. This was a problem because not all services are registered by the time `setup` runs. In order to continue to allow the passing of either strings or an actual service object, this PR checks if we only have a string reference to the service stored. If so, it uses the `app.service` method of service lookup before attempting to use the service. This also fixes a problem that was occurring when trying to call this._userService or this._tokenService when this was undefined inside the middleware callbacks. * DRY up the dynamic token and user service lookup. This moves the dynamic service lookup to a function to be a bit more DRY. * OAuth require successRedirect with default successHandler If a successHandler hasn’t been passed, then the default `successHandler` will be used. The `successRedirect` will now be required in that scenario. * First cut for authentication middleware (#305) * First cut for authentication middleware * Fix service methods * Allow passing user service and service name * First cut for authentication middleware (#305) * First cut for authentication middleware * Fix service methods * Allow passing user service and service name * Cookies will match jwt expiry by default. (#308) * Cookies will match jwt expiry by default. * Add missing makeExpiry function. * Store config at `app.config` (#312) * Store config at `app.config` * Use app.set to store config. * Add test. * adding instanbul code coverage * Remove permissions hooks and middleware which will be put into feathers-permissions (#307) * Started implementation of more modularized module structure * Some reorganization * Implement Socket new authentication * More reorganization and start of integration tests * eslint fix * More integration tests and cleanup * reogranizing * Applying latest changes and merging with dev other branch * Socket.io authentication tests and login logout event * Improving socket tests and adding Primus * Some cleanup * Better error verification tests * Implement login and logout events for REST authentication (#325) * Fix tests * wip * first cut of auth working with passport. Clean up and tests to do * fixing event middleware resolution * Keep github together * Keep twitter together * getting tests passing. Still a couple more to do * removing unused hooks for now. May bring some back later * fixing lint errors * removing hashPassword hook. It now lives in feathers-authentication-local * adding a migration guide and new features docs * adding more detail to migration doc * cleaning up dependencies * getting tests passing again * adding some more tests. Implementing chained strategies * cleaning up dependencies * finishing integration tests and handling socket logout timeout * cleaning up example app * fixing up example * updating README * updating API docs
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
On this line: https://github.com/feathersjs/feathers-authentication/blob/0.8/src/services/token.js#L144
If you pass in any of the following combinations, you get an error from the
jsonwebtoken
package:data.iss && options.issuer
data.sub && options.subject
data.exp && options.expiresIn
The text was updated successfully, but these errors were encountered: