Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix Github provider #159

Merged
merged 1 commit into from
Apr 28, 2018
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 4 additions & 3 deletions docs/providers/github.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,8 @@
auth: {
strategies: {
github: {
client_id: '...'
client_id: '...',
client_secret: '...'
},
}
}
Expand All @@ -22,7 +23,7 @@ this.$auth.loginWith('github')

💁 This provider is based on [oauth2 scheme](../schemes/oauth2.md) and supports all scheme options.

### Obtaining `client_id`
### Obtaining `client_id` and `client_secret`

This option is **REQUIRED**. To obtain one, create your app in [Create a new Oauth APP](https://github.com/settings/applications/new) and use provided "Client ID".
This option is **REQUIRED**. To obtain one, create your app in [Create a new Oauth APP](https://github.com/settings/applications/new) and use provided "Client ID" and "Client Secret".

6 changes: 3 additions & 3 deletions lib/providers/_utils.js
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,8 @@ function addAuthorize (strategy) {
// Set response_type to code
strategy.response_type = 'code'

// Json parser
const jsonMiddleware = bodyParser.json()
// Form data parser
const formMiddleware = bodyParser.urlencoded()
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This line is affecting all providers! If formMiddleware is required we can add an optional parameter like addAuthorize(strategy, { json: true } = {}) and conditionally use either form for json middleware

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Currently, the addAuthorize function is only called by the github provider. The problem is the _handleCallback method in the oauth2 scheme. It looks like it used to send json data but at some point was changed to send form data. Whenever this was changed, the serverMiddleware was not updated to use the form middleware. Currently, I could not get the github provider to work without this change.

As a side not, this was an issue I ran into with the laravel.passport provider as well and was a major reason I did not use the addAuthorize function. If we also had the authorization request send the full req.body instead of just req.body.code it could potentially be reused for the laravel.passport provider.


// Register endpoint
this.options.serverMiddleware.unshift({
Expand All @@ -32,7 +32,7 @@ function addAuthorize (strategy) {
return next()
}

jsonMiddleware(req, res, () => {
formMiddleware(req, res, () => {
const { code } = req.body

if (!code) {
Expand Down