search

oauthjs / node-oauth2-server

Complete, compliant and well tested module for implementing an OAuth2 Server/Provider with express in node.js
https://npmjs.org/package/oauth2-server
MIT License
4.01k stars 931 forks source link

Access to user and client in token generation #279

Open steffansluis opened 8 years ago

steffansluis commented 8 years ago

I am using JWT as access and refresh tokens, and it seems that in version 3.0.0 the generateAccessToken and generateRefreshToken functions no longer have the user and client available, whereas before they were available on the req object. Any reason as to why they are no longer available? I realize that the information is available in the scope of the saveToken function, however that means having to decode the JWT, adding additional info and resigning it.

jaipreet-chhatwal commented 8 years ago

Is it alright , if the validateAccessToken request responds with a token object example { "Valid":"true", "user":"JP", "scope":"read" }

Is this approach not recommended and if yes please mention the reason .

insanehong commented 8 years ago

I want to use node-oauth2-server v3.0.0-b2 with JWT as access and refresh tokens.

but generateAccessToken and generateRefreshToken no longer have parameters of the user and client available.

JWT is standard (RFC 7519) so I want to add as user object and client object in generateAccessToken and generateRefreshToken functions

maxtruxa commented 8 years ago

This is fixed by PR #303.

insanehong commented 8 years ago

@maxtruxa Any news on this? Your PR is Last 2 months

maxtruxa commented 8 years ago

It's not my PR, but if you're interested in the project status see #313. I'm not a maintainer, so I can't tell you when PRs are getting merged in.