hsyhhssyy
commented
1 year ago Well, the #8 #9 are all about this.
Closed hsyhhssyy closed 1 year ago
hsyhhssyy
commented
1 year ago Well, the #8 #9 are all about this.
While I was configuring Node-RED to use the passport-keycloak-oauth2-oidc strategy, I found that after this Keycloak's Pull , Keycloak's userinfo endpoint requires your node to explicitly provide the openid scope, otherwise, it will report an error. However, when node-red invokes it, it does not explicitly pass the openid scope. Its default scope is 'email profile roles', which causes an error.
After doing some research, I found that we can actually specify the scope explicitly by configuring it in the parameters, but this parameter is defined in the constructor of the OAuth2Strategy class and is passed through to the OAuth package for use. If other users are searching for 'scope' in this project, it will be difficult for them to find it. They would have to do a search in the other dependent projects to see it.
Therefore, I would like to supplement the 'scope' parameter in the readme, to let users know that they can specify the scope here.