mawie81 / electron-oauth2

A library to handle OAuth2 authentication for your Electron app.
MIT License

oauth2 with Azure AD #16

Closed bobr69 closed 6 years ago

bobr69 commented 7 years ago

I tried to authenticate against Azure AD and ran into some errors.

I'm not sure if it was the right way, but I had to add

, resource: config.resource

after line 87 in your index.js, because Azure needed the resource attribute in the request body to request an authorization code. (See Use the authorization code to request an access token)

This was necessary to use a config like this:

var config = {
  clientId: '111',
  clientSecret: 'xxx',
  authorizationUrl: 'https://login.microsoftonline.com/common/oauth2/authorize?',
  tokenUrl: 'https://login.microsoftonline.com/common/oauth2/token',
  useBasicAuthorizationHeader: false,
  redirectUri: 'http://localhost',
  resource: 'https://graph.windows.net/'
};

Did I miss something, or is this attribute Azure-specific?

mawie81 commented 7 years ago

After a quick look I could not find much about a required resource parameter - except on Azure. If it works for you with the parameter then maybe a way around this would be to extend the config in here with additional params for each request.

aguynamedben commented 6 years ago

@bobr69 I think I may have fixed this with https://github.com/mawie81/electron-oauth2/pull/34 (currently on master, but not in the current version 3.0.0). The Google OAuth2 API also allows custom variables in the authorization code request (i.e. prompt=consent)

If you're on master, you can now do this to pass additional parameters in the authorization code request. Note the additionalAuthCodeRequestData entry in options.

  const config = {
    clientId: process.env.GOOGLE_DRIVE_CLIENT_ID,
    clientSecret: process.env.GOOGLE_DRIVE_CLIENT_SECRET,
    authorizationUrl: process.env.GOOGLE_DRIVE_AUTH_URL,
    tokenUrl: process.env.GOOGLE_DRIVE_TOKEN_URL,
    useBasicAuthorizationHeader: false,
    redirectUri: process.env.GOOGLE_DRIVE_REDIRECT_URL,
  };

  const windowParams = {
    autoHideMenuBar: true,
    webPreferences: {
      nodeIntegration: false,
    }
  }

  const options = {
    scope: 'https://www.googleapis.com/auth/drive.metadata.readonly',
    accessType: 'offline',
    // Requires being on master, will be in electron-oauth v3.1.0
    additionalAuthCodeRequestData: {
      prompt: 'consent',
    },
  };

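  const myApiOauth = electronOauth2(config, windowParams);

  // The options object (including additionalAuthCodeRequestData) is passed here
  myApiOauth.getAccessToken(options)
    .then(token => {
      // use the token
    });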

You should be able to pass your resource parameter the same way. additionalAuthCodeRequestData adds parameters to the authorization code step of OAuth2 (the initial HTTP request), not the access token step (the subsequent HTTP request).

aguynamedben commented 6 years ago

@bobr69 Let me know if this works for what you're doing and I can figure out how to release v3.1.0 of electron-oauth2.

devszr commented 6 years ago

I tried using the master branch with an Azure B2C AD instance and it worked. The only issue I had was redirect_uri being null/undefined during the invocation of getAccessToken. It was solved by explicitly providing a redirectUri in oauthConfig.

The setup I tested is below and the documentation for oauth2 flow I followed is at Azure AD B2C oauth2 Docs

Hope this helps in making a 3.1.0 release (soon?)!

var oauthConfig = {
  clientId: 'XXXXXXXXXXXXXX',
  authorizationUrl: 'https://login.microsoftonline.com/XXXXXXXXXXX/oauth2/v2.0/authorize',
  useBasicAuthorizationHeader: false,
  // Note: without this here, the getAccessToken(opts) method gets a null redirect_uri
  redirectUri: 'urn:ietf:wg:oauth:2.0:oob',
  tokenUrl: 'https://login.microsoftonline.com/XXXXXXXXXXXX/oauth2/v2.0/token?p=XXXXXXXXXXX'
};

const oauthExtraOptions = {
  scope: 'XXXXXXXXXXXXXXXXXXX',
  response_type: 'code',
  // Sent with the authorization code request
  additionalAuthCodeRequestData: {
    p: 'XXXXXXXXXXXXXXXXXXXXXXXXX',
    response_mode: 'query'
  },
  // Sent with the access token request
  additionalTokenRequestData: {
    scope: 'https://XXXXXXXXXXXXXXXXXXXXXXXXXXXX'
  }
};

const windowParams = {
  alwaysOnTop: true,
  autoHideMenuBar: true,
  webPreferences: {
    nodeIntegration: false
  }
};

const azureB2COAuth = electronOauth2(oauthConfig, windowParams);
azureB2COAuth.getAccessToken(oauthExtraOptions)
  .then(token => {
    // do stuff
  }, err => {
    console.log('Error while getting token', err);
  });
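
The two request steps discussed in this thread, as an added example that is not part of the original comments and is not electron-oauth2's own code: it shows where extra parameters such as `resource` end up, rejects extras that would override core OAuth2 fields, and fails early on the missing `redirectUri` case reported above. The helper names and the `example.test` endpoints are assumptions made for illustration; the option names are the ones used in the thread.

```javascript
// Hypothetical helpers (added example). Core OAuth2 fields that extras must never override
// ("state" is reserved for the client's own CSRF value, which is not generated here):
const RESERVED = ['client_id', 'client_secret', 'redirect_uri', 'response_type', 'grant_type', 'code', 'state'];

function mergeExtras(params, extras = {}) {
  for (const [key, value] of Object.entries(extras)) {
    if (RESERVED.includes(key)) {
      throw new Error(`extra parameter "${key}" would override a core OAuth2 field`);
    }
    params.set(key, String(value));
  }
  return params;
}

// A missing redirectUri would otherwise reach the server as null/undefined.
function requireRedirectUri(config) {
  if (typeof config.redirectUri !== 'string' || config.redirectUri === '') {
    throw new Error('config.redirectUri must be set explicitly');
  }
  return config.redirectUri;
}

// Step 1: authorization code request (browser navigation, query string).
function buildAuthCodeUrl(config, opts = {}) {
  const url = new URL(config.authorizationUrl);
  const params = new URLSearchParams(url.search);
  params.set('response_type', 'code');
  params.set('client_id', config.clientId);
  params.set('redirect_uri', requireRedirectUri(config));
  if (opts.scope) params.set('scope', opts.scope);
  mergeExtras(params, opts.additionalAuthCodeRequestData);
  url.search = params.toString();
  return url.toString();
}

// Step 2: access token request (form-encoded POST body for config.tokenUrl).
function buildTokenBody(config, code, opts = {}) {
  const params = new URLSearchParams();
  params.set('grant_type', 'authorization_code');
  params.set('code', code);
  params.set('client_id', config.clientId);
  params.set('redirect_uri', requireRedirectUri(config)); // must match step 1
  if (config.clientSecret) params.set('client_secret', config.clientSecret);
  mergeExtras(params, opts.additionalTokenRequestData);
  return params.toString();
}

// Constructed sample config (placeholder endpoints, not a real tenant).
const sample = { clientId: '111', authorizationUrl: 'https://login.example.test/oauth2/authorize?', redirectUri: 'http://localhost' };
console.log(buildAuthCodeUrl(sample, { additionalAuthCodeRequestData: { resource: 'https://graph.example.test/' } }));
```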