mp3por
commented
6 years ago Hello,
I have the same issue. I am using passport-oauth2-client-password and passport fails very silently when I do not pass client_id or client_secret. Not only does it not warn but it also immediately sends an 401 Unauthorised without calling the given callback with the error making it very hard to understand what is going on or actually handle the error.
I was forced to manually login the user using the callback that could be passed to .authenticate however this is troublesome and also there is a bug there, but I will make a separate issue for it.
Harkit2004
I was having problems using a JWT strategy - I set it up and it looked just like my Local strategy, but it wasn't running.
It looks fine, but it would never run - I'd never see 'Using JWT Strategy' in my console. After a while of digging around, I found that Passport doesn't run the verification callback if it doesn't have the proper information. My mistake is that, after a successful login (using the Local strategy), I was sending the JWT token without a space, like so:
I solved my problem by putting a space after JWT:
And now everything is working as expected. But, it was a very roundabout procedure to debug this. It would be great if there was some kind of warning provided when a strategy is not going to be used because the necessary arguments aren't being provided.
(A few more details here, in case others who have this problem find this issue: https://stackoverflow.com/questions/43091021/getting-401-unauthorized-status-while-authorizing-jwt-token-using-passport-jwt/45272000#45272000)