Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

How to send Request's `id_token` cookie in npm-fetch's Request

See original GitHub issue

I’m trying to implement facebook auth, based on passport.js. The very first problem I’ve get with it was with request to GraphQL’s /me after logging in (my access token wasn’t sent to GraphQL by default), but it was easy to do with credentials: 'same-origin' in whatwg-fetch. The issue is that the same doesn’t work from server side (node-fetch doesn’t support using of XMLHttpRequest cookies).

Can you recommend any way to pass id_token cookie through server-side app on backend request? Or, maybe they are some alternatives to fetch or proposed access policy?

Issue Analytics

  • State:closed
  • Created 7 years ago
  • Comments:5 (2 by maintainers)

github_iconTop GitHub Comments

3reactions
koistyacommented, Apr 11, 2016

I think that core/fetch HTTP client utility must be context-aware (regardless of what library you’re using - fetch, superagent, jQuery.ajax), so instead of using a global fetch utility, you would rather need to either instantiate a new instance of it each time you need to render a React app (in src/server.js/get('*', ...) and src/client.js), or you can pass context as an argument, so that fetch('/api/data') becomes fetch(context, '/api/data'). This way you will be able to grab the id_token from cookies during server-side rendering and pass it as part of a context that is passed to the fetch utility. The fetch utility can then send this id_token via Authorize header for example. This same pattern might be used to pass cache object to the HTTP client utility, which would allow to avoid sending any Ajax request on the client during the initial rendering. What do you think?

P.S.: A PR with this feature is more than welcome!

0reactions
ulanicommented, May 27, 2021

@mykhas thank you very much for crating this issue! Unfortunately, we have close it due to inactivity. Feel free to re-open it or join our Discord channel for discussion.

NOTE: The main branch has been updated with React Starter Kit v2, using JAM-style architecture.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Fetch API with Cookie - Stack Overflow
Then calling GET /api/users/ with credentials: 'include' and got 401 unauth, because of no cookies were sent with the request.
Read more >
ID Token and Access Token: What Is the Difference? - Auth0
Learn what ID and access tokens are and how to correctly use them in the OpenID Connect and OAuth context.
Read more >
Using the ID token - Amazon Cognito - AWS Documentation
The ID token is a JSON web token (JWT) that contains claims about the identity of the authenticated user, such as name ,...
Read more >
Verify the Google ID token on your server side | Authentication
After Google returns an ID token, it's submitted by an HTTP POST method ... csrf_token_cookie = self.request.cookies.get('g_csrf_token')
Read more >
Getting an ID Token - OAuth 2.0 Simplified
We build up a POST request to Google's token endpoint containing our app's client ID and secret, as well as the authorization code...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

SyntaxError: Unexpected token ...

Next page

TypeError: Cannot read property 'map' of null