Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Please support OAuth providers with @Authorized

See original GitHub issue

It would be nice to if we can get some nicer out of the box support or some examples of how to support OAuth providers.

OAuth providers are covered in passport.js who currently support 500+ providers known as strategies. But this would require us using @UseBefore(passport.authenticate(string)) and not the @Authorized() middleware.

The question: What are your recommendations for using @Authorized() with third party OAuth providers like Facebook / Google?

Issue Analytics

State:
Created 4 years ago
Comments:5

Top GitHub Comments

3reactions

DimaITcommented, Sep 4, 2019

@gruckion, it can be implemented with next configuration:

import express from 'express';
import { Action, useExpressServer } from 'routing-controllers';

const app = express();

useExpressServer(app, {
  authorizationChecker: (action: Action) => new Promise<boolean>((resolve, reject) => {
    passport.authenticate('bearer', (err, user) => {
      if (err) {
        return reject(err);
      }
      if (!user) {
        return resolve(false);
      }
      action.request.user = user;
      return resolve(true);
    })(action.request, action.response, action.next);
  }),
  currentUserChecker: (action: Action) => action.request.user,
});

Then you’ll be able to use both @Authorized() and @CurrentUser decorators.

However @UseBefore(passport.authenticate(string)) is not so bad as well.

0reactions

github-actions[bot]commented, Dec 13, 2020

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

Top Results From Across the Web

Connect Apps to Generic OAuth2 Authorization Servers - Auth0

Connect Apps to Generic OAuth2 Authorization Servers ... The most common identity providers are available in Auth0's Dashboard and in the Auth0 Marketplace....

Using OAuth 2.0 for Web Server Applications | Authorization

If prompted, read and accept the API's Terms of Service. Create authorization credentials. Any application that uses OAuth 2.0 to access Google ...

Configure GitLab as an OAuth 2.0 authentication identity ...

Scroll down to the Authorized applications section. The GitLab OAuth 2 applications support scopes, which allow various actions that any given application ...

What is OAuth and How Does it Work? - TechTarget

Learn about OAuth 2.0 (Open Authorization), an open protocol for token-based ... OAuth 1.0's consumer, service provider and user become client, ...

Using OAuth authentication with your application - Zendesk help

This flow is called the authorization code grant flow because you have to get an authorization code before you can request an access...