perfood / couch-auth

Powerful authentication for APIs and apps using CouchDB (or Cloudant) with Node >= 14
MIT License

[question] Adding a provider - How to code a Passport strategy? #45

Closed fredguth closed 2 years ago

fredguth commented 2 years ago

I am adding an OAuth provider. I was able to authenticate a user with this provider using OAuth with Postman. Now, I want to configure couch-auth to do it for me.

How do I create a Passport strategy? I am not using Facebook, Twitter, etc. I am using a very specific OAuth provider. To authenticate a user, it expects a POST to a specific URL with the following body:

{
    "client_id":"{app registration id}",
    "client_secret":"{app secret}",
    "username":"{username}",
    "password":"{provider's otp}",
    "grant_type":"password",
    "scope":"authentication_session"
}

Here, "grant_type":"password" means an "access_token" strategy. I don't get where I should specify all these.

fynnlyte commented 2 years ago

Pinging @erikgoh - I haven't worked with OAuth yet, but you did - can you give some advice?

fredguth commented 2 years ago

A side question: what is a serverScope? I am using Cloudant and I log in as admin using IAM env variables. Is serverScope what we get from CloudantV1.newInstance().getServerInformation?

ErikGoH commented 2 years ago

I can share the config that I had to configure to authenticate with Facebook and Google.

import path from 'path';
import { OAuth2Strategy as GoogleOAuth2Strategy } from 'passport-google-oauth';
import { Strategy as FacebookAuthStrategy } from 'passport-facebook';
import { Strategy as GoogleTokenStrategy } from 'passport-google-token';
import FacebookTokenStrategy from 'passport-facebook-token';
// ...
var couchAuth = new CouchAuth({
  // ...
  providers: {
    google: {
      credentials: {
        clientID: this.configService.get('GOOGLE_CLIENT_ID'),
        clientSecret: this.configService.get('GOOGLE_CLIENT_SECRET'),
        audience: [
          this.configService.get('GOOGLE_CLIENT_ID'),
          this.configService.get('GOOGLE_CLIENT_ID_CORDOVA'),
        ],
      },
      options: {
        scope: ['email'],
      },
      template: path.join(
        __dirname,
        './templates/oauth/my-custom-secure-auth-callback.ejs',
      ),
    },
    facebook: {
      credentials: {
        clientID: this.configService.get('FACEBOOK_APP_ID'),
        clientSecret: this.configService.get('FACEBOOK_APP_SECRET'),
        profileFields: ['id', 'displayName', 'name', 'emails'],
        fbGraphVersion: 'v3.2',
      },
      options: {
        scope: ['email', 'public_profile'],
      },
      template: path.join(
        __dirname,
        './templates/oauth/my-custom-secure-auth-callback.ejs',
      ),
    },
  },
  // ...
});

couchAuth.registerOAuth2('google', GoogleOAuth2Strategy);
couchAuth.registerOAuth2('facebook', FacebookAuthStrategy);
couchAuth.registerTokenProvider('google', GoogleTokenStrategy);
couchAuth.registerTokenProvider('facebook', FacebookTokenStrategy);

But as you mention you need a custom OAuth strategy, I don't have any experience on how to do that. I did a quick search and you could try something like passport-custom.

And when you have your custom strategy you could just register it to couchAuth.

PS: Sorry for the late reply, I left my comment written half-way and got lost in a tab purge.
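
An added example, not part of the original thread or of couch-auth: a Passport-compatible strategy that performs the password-grant POST described in the question, with the client secret kept server-side and the OTP discarded after use. The `tokenURL` credential, the `otp` request field and the injectable `post` function are assumptions; how couch-auth constructs a registered strategy is not stated on this page, so wiring it into `registerTokenProvider` is left out.

```javascript
// Added example. creds.tokenURL, req.body.otp and the post hook are assumed names.
// Body fields follow the token request quoted in the question.
function buildTokenRequest(creds, username, otp) {
  return {
    client_id: creds.clientID,
    client_secret: creds.clientSecret, // stays on the server, never sent to the browser
    username,
    password: otp,
    grant_type: 'password',
    scope: 'authentication_session',
  };
}

// Default transport: global fetch (Node 18+). Tests can inject a stub instead.
async function postJson(url, body) {
  const res = await fetch(url, {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(body),
  });
  return { status: res.status, json: await res.json().catch(() => ({})) };
}

class OtpPasswordGrantStrategy {
  constructor(creds, verify, post = postJson) {
    this.name = 'otp-password-grant'; // Passport looks strategies up by name
    Object.assign(this, { creds, verify, post });
  }

  // Passport calls authenticate(req) after attaching success/fail/error to the instance.
  async authenticate(req) {
    const { username, otp } = req.body || {};
    if (typeof username !== 'string' || typeof otp !== 'string' || !username || !otp) {
      return this.fail({ message: 'Missing credentials' }, 400);
    }
    try {
      const r = await this.post(this.creds.tokenURL, buildTokenRequest(this.creds, username, otp));
      const token = r.json && r.json.access_token;
      if (r.status !== 200 || typeof token !== 'string') {
        return this.fail({ message: 'Provider rejected credentials' }, 401);
      }
      // Pass on only the token and username; the OTP is not kept or logged.
      this.verify(token, { username }, (err, user) =>
        err ? this.error(err) : user ? this.success(user) : this.fail(401));
    } catch (err) {
      this.error(err); // transport failure: fail closed
    }
  }
}
```
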

fredguth commented 2 years ago

Do you have any experience in authenticating with Cloudant? I believe the package cited in the documentation is not the current one. The couch-auth doc cites @cloudant/cloudant, but the current Node SDK is @ibm-cloud/cloudant. I must confess that it has been a while since I used CouchDB and I am a little bit worried about the fact that every repo I find was active 4 to 6 years ago. I can't find recent examples. Any help in this direction is very welcome.

ErikGoH commented 2 years ago

I've never used Cloudant so I can't help you with that.

You can try to ask in the CouchDB Slack to see if anyone has recently used Cloudant or has an up-to-date example. https://couchdb.apache.org/#chat https://join.slack.com/t/couchdb/shared_invite/zt-fa9zim0j-H04m4o_KcLdWeOxEAcwM8g

fredguth commented 2 years ago

Thanks