feathersjs-ecosystem / authentication

[MOVED] Feathers local, token, and OAuth authentication over REST and Websockets using JSON Web Tokens (JWT) with PassportJS.
MIT License

Support openID #154

Closed tlenclos closed 7 years ago

tlenclos commented 8 years ago

I was trying to use passport-steam which uses OpenID but it seems that it's not supported.

What can I do to add this support? Add a service open-id?

ekryski commented 8 years ago

@tlenclos I'd have to look at it. Probably won't have time for a few more days. It's fairly easy to write your own auth service but ya I figure we'd have to create an open-id service. You can look at the OAuth2 service for some inspiration. Totally open to a PR 😄

tlenclos commented 8 years ago

Thanks, I will take a look at it since I really want to try feathers for my next app 👍

tlenclos commented 8 years ago

I tried to implement it but without much success... 😞 this worked with a simple express app but apparently the signature is always wrong when using feathers middleware.

Here is the error I got on the callback URL:

  express:router <anonymous>  : /auth/steam/callback?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Flogin&openid.claimed_id=http%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561197980867718&openid.identity=http%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561197980867718&openid.return_to=http%3A%2F%2Flocalhost%3A3030%2Fauth%2Fsteam%2Fcallback&openid.response_nonce=2016-04-11T21%3A35%3A33ZDjydlzN%2FPn4xVCdOfdFBRcRzKmE%3D&openid.assoc_handle=1234567890&openid.signed=signed%2Cop_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=eA1IT68yynOIKLPziruAjr00Vec%3D +1ms
  feathers-authentication:middleware An authentication error occurred. +2m { [InternalOpenIDError: Failed to verify assertion]
  name: 'InternalOpenIDError',
  message: 'Failed to verify assertion',
  openidError: { message: 'Invalid signature' } }

Here is my starting implementation if it can help you a little https://github.com/tlenclos/feathers-authentication/commit/d9d8d32f18b625024e800f4446a565a40e3e07ec.
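
An added example, not part of the original thread or of any project linked in it: structural checks that OpenID 2.0 requires on a callback like the one logged above (sections 10.1 and 11.1 of the spec), useful for narrowing down a rejected assertion before the signature is considered. The `EXPECTED` values, function names and the sample callback are assumptions built from that log line; the signature itself is still verified by the OpenID library against the provider.

```javascript
// Added example: pre-verification checks on an OpenID 2.0 positive assertion.
const EXPECTED = { // assumed relying-party settings, modelled on the log above
  returnTo: 'http://localhost:3030/auth/steam/callback',
  opEndpoint: 'https://steamcommunity.com/openid/login',
  claimedId: /^https?:\/\/steamcommunity\.com\/openid\/id\/\d+$/
};
// OpenID 2.0 section 10.1: fields that must always appear in openid.signed.
const MUST_SIGN = ['op_endpoint', 'return_to', 'response_nonce', 'assoc_handle'];

function checkAssertion(callbackUrl, expected = EXPECTED) {
  const url = new URL(callbackUrl, expected.returnTo);
  const p = name => url.searchParams.get('openid.' + name);
  const problems = [];
  if (p('ns') !== 'http://specs.openid.net/auth/2.0') problems.push('ns');
  if (p('mode') !== 'id_res') problems.push('mode');
  if (p('op_endpoint') !== expected.opEndpoint) problems.push('op_endpoint');
  // Section 11.1: return_to must match the URL this relying party registered.
  if (p('return_to') !== expected.returnTo) problems.push('return_to');
  if (!expected.claimedId.test(p('claimed_id') || '')) problems.push('claimed_id');
  // claimed_id and identity must be signed too when they are present.
  const present = ['claimed_id', 'identity'].filter(f => p(f) !== null);
  const signed = (p('signed') || '').split(',');
  for (const field of MUST_SIGN.concat(present)) {
    if (!signed.includes(field)) problems.push('unsigned:' + field);
  }
  if (!p('sig')) problems.push('sig');
  return problems; // empty array: safe to hand over for signature verification
}

// Constructed sample callback (placeholder ID, nonce and signature).
function sampleCallback(overrides = {}) {
  const id = 'http://steamcommunity.com/openid/id/00000000000000000';
  const q = new URLSearchParams({
    'openid.ns': 'http://specs.openid.net/auth/2.0',
    'openid.mode': 'id_res',
    'openid.op_endpoint': EXPECTED.opEndpoint,
    'openid.claimed_id': id,
    'openid.identity': id,
    'openid.return_to': EXPECTED.returnTo,
    'openid.response_nonce': '2016-04-11T21:35:33ZPLACEHOLDER',
    'openid.assoc_handle': '1234567890',
    'openid.signed': 'signed,' + MUST_SIGN.concat(['claimed_id', 'identity']).join(','),
    'openid.sig': 'PLACEHOLDER=',
    ...overrides
  });
  return '/auth/steam/callback?' + q.toString();
}

console.log(checkAssertion(sampleCallback())); // no problems for the clean sample
```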

karljakober commented 8 years ago

+1 for this. Going to attempt it myself but I doubt it will be that pretty :)

matt-d-rat commented 7 years ago

I'm also needing to add steam authentication for the new project I am working on. Did anyone manage to come up with a solution?

marshallswain commented 7 years ago

This should be possible, now with the 1.0.0-alpha version of feathers-authentication. It's completely integrated with Passport, so any Passport plugin supporting Steam authentication should now work: https://github.com/liamcurry/passport-steam

We literally just released the alpha a few minutes ago.

marshallswain commented 7 years ago

And here's the new OAuth2 plugin for making this happen: https://github.com/feathersjs/feathers-authentication-oauth2

matt-d-rat commented 7 years ago

Wow, now that is good timing! I will try it out today and let you know how it goes.

marshallswain commented 7 years ago

FYI. I noticed the plugin says it uses OpenID 2.0. I didn't actually check to see if the plugin I linked uses OAuth2. It might be an inaccurate assumption.

ekryski commented 7 years ago

It really shouldn't matter. You can implement any passport strategy without the adapter as well. You would just do it the same way you would with Express, as described here: https://github.com/liamcurry/passport-steam.

But instead of calling it like this:

passport.use(new SteamStrategy({
    returnURL: 'http://localhost:3000/auth/steam/return',
    realm: 'http://localhost:3000/',
    apiKey: 'your steam API key'
  },
  function(identifier, profile, done) {
    User.findByOpenID({ openId: identifier }, function (err, user) {
      return done(err, user);
    });
  }
));

app.get('/auth/steam',
  passport.authenticate('steam'),
  function(req, res) {
    // The request will be redirected to Steam for authentication, so
    // this function will not be called.
  });

app.get('/auth/steam/return',
  passport.authenticate('steam', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.
    res.redirect('/');
  });

you call it like this:

const feathers = require('feathers');
const auth = require('feathers-authentication');
const SteamStrategy = require('passport-steam').Strategy;

const app = feathers();

app.configure(auth({ secret: 'supersecret' }));

app.passport.use(new SteamStrategy({
    returnURL: 'http://localhost:3000/auth/steam/return',
    realm: 'http://localhost:3000/',
    apiKey: 'your steam API key'
  },
  function(identifier, profile, done) {
    // Look up the user by the OpenID identifier returned by Steam.
    // 'users' is an assumed service name; the original snippet did not name the service.
    const query = { openId: identifier };
    app.service('users').find({ query }).then(response => {
      const user = response[0];
      return done(null, user);
    }).catch(done);
  }
));

app.get('/auth/steam', auth.express.authenticate('steam'));

app.get('/auth/steam/return',
  auth.express.authenticate('steam', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.
    res.redirect('/');
  });

matt-d-rat commented 7 years ago

@ekryski that example worked for me using the v1.0.0 release of feathers-authentication. Now I just need to migrate my react-native code to use feathers-authentication-client and I should be all sweet. Thanks for the help.

matt-d-rat commented 7 years ago

@ekryski my front end is react-native and the approach I am taking is very similar to this: https://github.com/sscaff1/hopePing/blob/master/src/scenes/LoginScene.js for my login scene, how would I go about successfully using the example you have provided to get the credentials back to the client app from the server?

I am fairly new to feathersjs so forgive me for the newb question. I am currently getting a routing error from the server error: Route: /auth/steam/return?openid.ns=...........

ekryski commented 7 years ago

@matt-d-rat the new auth client is published now since your comment. It should work. If you are picking up from a Webview that LoginScene solution is expecting a cookie to be there so you'll need to enable cookies explicitly. You can do that like so:

// add this to your auth config
{
  "auth": {
    "cookie": {
      "enabled": true
    }
  }
}

// and configure auth
app.configure(auth(app.get('auth')));

If you have any other problems it's likely going to be a client side issue so probably better to put it in the feathers-authentication-client repo.

Closing as OpenID is now supported.