Comments (5)
https://github.com/AzureAD/passport-azure-ad
from passport.
@kamilmysliwiec looks like because of this block and they way NestJS Passport wrapper works passport-azure-ad cannot populate proper arguments to the "verify" (aka "validate") method. Because "arity" or number of verify function arguments will be calculated as 0 :( in here: https://github.com/AzureAD/passport-azure-ad/blob/96c7a193737f03a270b4eb0d99ce2d59256da9a9/lib/oidcstrategy.js#L109
import { Injectable } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { OIDCStrategy } from 'passport-azure-ad';
import { configService } from '../config/config.service';
import { ProfileProvider } from '../user/user.types';
import { AuthService } from './auth.service';
@Injectable()
export class AzureAdStrategy extends PassportStrategy(
OIDCStrategy,
'azure-ad',
) {
constructor(private readonly authService: AuthService) {
super(configService.getAzureAdConfig());
}
async validate(iss, sub, profile, accessToken, refreshToken, done: Function) {
try {
const jwt: string = await this.authService.handleOAuthLogin(
accessToken,
refreshToken,
profile.id,
ProfileProvider.AZURE_AD,
);
done(null, {
jwt,
});
} catch (err) {
console.log('Azure AD Strategy failure', err);
done(err, false);
}
}
}
Using above class first argument is either request (if passReqToCallback: true) or profile object and last argument is "done" function.
Not "profile" nor "request" contain the accessToken or refreshToken 🤔
Is it possible to work-around this somehow? Like directly registering Azure-AD with passport as a quick fix for now?
from passport.
Thanks @llhupp, I ended up directly providing the callback function instead of using NestJs strategy:
import passport from 'passport';
import { Injectable, OnModuleInit } from '@nestjs/common';
import { OIDCStrategy } from 'passport-azure-ad';
import { configService } from '../config/config.service';
import { ProfileProvider } from '../user/user.types';
import { AuthService } from './auth.service';
@Injectable()
export class AzureadStrategy extends OIDCStrategy implements OnModuleInit {
onModuleInit() {
passport.use('azuread', this);
}
constructor(private readonly authService: AuthService) {
super(
configService.getAzureadConfig(),
(iss, sub, profile, accessToken, refreshToken, done) => {
try {
return this.authService
.handleOAuthLogin(
accessToken,
refreshToken,
profile.oid,
ProfileProvider.AZUREAD,
)
.then(jwt => {
done(null, {
jwt,
});
})
.catch(err => {
console.log('Azure AD Strategy failure 1', err);
done(err, false);
});
} catch (err) {
console.log('Azure AD Strategy failure 2', err);
done(err, false);
return err;
}
},
);
}
}
from passport.
@aramalipoor In case you're still stuck around this, I'm following a solution where you can hack a custom callback function based on this issue:
https://github.com/AzureAD/passport-azure-ad/issues/424#issue-447820817
from passport.
FYI, I made a proposal to passport-azure-ad to explicitly set the verify callback signature.
With that PR, setting verifyArity: 8
in the options lets you retrieve the tokens.
@Injectable()
export class AzureAdStrategy extends PassportStrategy(OIDCStrategy) {
constructor (private readonly moduleRef: ModuleRef) {
super({
...
passReqToCallback: true,
verifyArity: 8,
})
}
async validate (
request, iss, sub, profile, jwtClaims, access_token, refresh_token, params
): Promise<RequestUser | null> {
...
}
}
from passport.
Related Issues (20)
- passport-steam Guide will be appreciated HOT 1
- How about changing the constructor parameter type of PassportStrategy like this? HOT 1
- validate(payload: any) in Implementing Passport JWT doc it's not correct HOT 2
- AuthGuard on Local Strategy return undefinded HOT 1
- overwhelmed by error logs HOT 6
- Pretty magical thing: request.authInfo = undefined and behavior is very strange HOT 3
- Unable to preserve session in passport v0.6.0 HOT 2
- v10 does not allow typing on custom `getRequest` method in class with extended AuthGuard HOT 1
- AuthGuard does not work with authentication-only strategies HOT 1
- Support for [email protected] HOT 3
- using @Inject(REQUEST) req breaks passport. HOT 4
- Guard Order Scope affects order of execution HOT 2
- Can a new release be pushed? HOT 3
- Nest can't resolve dependencies of the JwtAuthenticationGuard after upgrade 8.1.0 to 8.1.1 HOT 9
- Cannot read properties of undefined (reading 'property') HOT 1
- Using custom passport from a different package causes error HOT 1
- Dependency tree discrepancy HOT 2
- PassportStrategy interface does not contain validate() HOT 2
- The defaultStrategies cannot be set during runtime in the AuthGuard HOT 1
- Typing of the result of getAuthenticateOptions is misleading/incorrect HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from passport.