Open dberardo opened 3 years ago
Hi @dberardo OAuth2 standart implementation should support 3 endpoints:
authEndpoint string = "/authorize"
tokenEndpoint string = "/token"
endpointProfile string = "/userinfo"
/userinfo
in your server could be an /user
or /user-info
or any other - cause of that you've got auth0 responded with a 404 trying to fetch user information
you can fork goth-provider-wso2 or goth-provider-oauth, change profile endpoint & rebulid.
Hi @dberardo OAuth2 standart implementation should support 3 endpoints:
authEndpoint string = "/authorize" tokenEndpoint string = "/token" endpointProfile string = "/userinfo"
/userinfo
in your server could be an/user
or/user-info
or any other - cause of that you've gotauth0 responded with a 404 trying to fetch user information
you can fork goth-provider-wso2 or goth-provider-oauth, change profile endpoint & rebulid.
Thanks @rzrbld for your prompt answer.
i was thinking to patch this line in the auth0 provider:
https://github.com/markbates/goth/blob/master/providers/auth0/auth0.go#L100
to basically hardcode the domain to my private auth server. That should work.
However, i am not a go expert so i should figure out how to import this code in the adminio-api source code.
Before going for this approach i wanted to check with the community if a more customizable option was available, but it seems like neither adminio.api, nor goth allow for custom / general purpose Oauth providers ... which really wonders me.
adminio call FetchUser
at https://github.com/rzrbld/adminio-api/blob/master/src/oauth/oauth.go#L102
so you can make a stub FetchUser
at https://github.com/markbates/goth/blob/master/providers/auth0/auth0.go#L86
ok, i will give it a try, although i have never programmed in Go in the past.
If i make something useful i can share it in a PR. Will keep you updated
just proposed a stub in here: #19
it works for my setup, but i was not able to test it for auth0.com as i dont have an account there.
I have implemented my own OAuth provider server on a custom domain.
I am able to go through the whole session creation procedure using the auth0 provider and a custom domain, pointing to my own oauth server.
However when the "callback" endpoint is called, i get a 404 error message from the auth0 server saying:
"auth0 responded with a 404 trying to fetch user information"
is it possible to have a custom provider using the goth package??
i find this being a huge limitation which makes the whole API extremely hard to use in production otherwise.