search

jaredhanson / passport-oauth2

OAuth 2.0 authentication strategy for Passport and Node.js.
https://www.passportjs.org/packages/passport-oauth2/?utm_source=github&utm_medium=referral&utm_campaign=passport-oauth2&utm_content=about
MIT License
605 stars 343 forks source link

Checking for missing accessToken in getOAuthAccessToken breaks some oauth client integrations #148

Open CaryLandholt opened 3 years ago

CaryLandholt commented 3 years ago

With the introduction of a check for missing a accessToken in the getOAuthAccessToken function, some oauth clients break.

For instance, withings doesn't return an accessToken in the accessToken parameter, but returns it in the params parameter.

Here is a sample response from withings.

{
  err: null,
  accessToken: undefined,
  refreshToken: undefined,
  params: {
    status: 0,
    body: {
      userid: 'REDACTED',
      access_token: 'REDACTED',
      refresh_token: 'REDACTED',
      scope: 'REDACTED',
      expires_in: 10800,
      token_type: 'Bearer'
    }
  }
}
MaleWeb commented 2 years ago

old self._loadUserProfile(accessToken, function(err, profile) {...} new self._loadUserProfile(params, function(err, profile) {...}