search

juhanakristian / remix-auth-microsoft

Microsoft authentication strategy for remix-auth
MIT License
37 stars 19 forks source link

How to get profile from session #1

Closed franklinjavier closed 2 years ago

franklinjavier commented 2 years ago

Hi, I'm trying to get the profile from the session, but I don't understand how to do it following the readme. Can you help me, please?

franklinjavier commented 2 years ago

Minimal reproduce:

// auth.server.ts
import { Authenticator } from 'remix-auth'
import { sessionStorage, getSession } from '~/services/session.server'
import { MicrosoftStrategy } from 'remix-auth-microsoft'

export let authenticator = new Authenticator<string>(sessionStorage)

let azdoStrategy = new MicrosoftStrategy(
  {
    clientID: process.env.MS_CLIENT_ID || '',
    clientSecret: process.env.MS_CLIENT_SECRET || '',
    callbackURL: 'http://localhost:3000/auth/microsoft/callback',
    tenant: process.env.MS_TENANT || '',
    prompt: 'select_account'
  },
  async ({ accessToken, extraParams, profile }) => {
    console.log({ accessToken, extraParams, profile }) // profile is ok here, i need to set session here? 
    return { accessToken, extraParams, profile }
  },
)

authenticator.use(azdoStrategy)

// dashboard.tsx
import { LoaderFunction, useLoaderData } from 'remix'
import { getSession } from '~/services/session.server'
import { Layout } from '~/components/Layout'

export interface User {
  email: string
}

export let loader: LoaderFunction = async ({ request }) => {
  const user = await getSession(request.headers.get('Cookie'))
  return { user }
}
export default function Dashboard() {
  let data = useLoaderData()

  return <Layout>{JSON.stringify(data)}</Layout>
}
juhanakristian commented 2 years ago

Hi @franklinjavier and thanks for filing an issue!

The problem seems to be that the library isn't correctly returning extraParams.

I will fix the issue with extraParams soon but in the meanwhile, if you remove the reference to extraParams from your verify callback you should be able to retrieve the profile using getSession or authenticator.isAuthenticated

franklinjavier commented 2 years ago

Now it works, thanks for the tip ;)

const azdoStrategy = new MicrosoftStrategy(
  {
    clientID: process.env.MS_CLIENT_ID || '',
    clientSecret: process.env.MS_CLIENT_SECRET || '',
    callbackURL: 'http://localhost:3000/auth/microsoft/callback', // FIX ME
    tenant: process.env.MS_TENANT || '',
  },
  async ({ profile }) => {
    return profile
  },
)
juhanakristian commented 2 years ago

Actually what seems to happen is that since the return value of the verify callback is stored in the session cookie, if the return value is too big (over 4kb) it can't be saved and the cookie will have the previous value (oauth2:state).

While this is not a bug in remix-auth-microsoft, it is probably something that should be covered in the documentation.

Thanks again for reporting!

franklinjavier commented 2 years ago

Thanks mate

bhargav-simejiya commented 2 years ago

@franklinjavier Can you please share code snippet for required steps to integrate MS login? because I'm not able to open Microsoft sign in dialog

franklinjavier commented 2 years ago

Sure

image image image image image image image
franklinjavier commented 2 years ago

You should add prompt: 'select_account', because the @juhanakristian added this param recently