Closed tadeaspetak closed 3 months ago
You will have to create the strategy on the request and use `authenticator.use` there to add the strategy.
@sergiodxa - so in 2.0 the callbackURL and ResponseTypes are gone?
```ts
type ResponseType = "id_token" | "token" | "id_token token" | "code" | "code id_token" | "code id_token token";
export interface OAuth2StrategyOptions {
  authorizationURL: string;
  tokenURL: string;
  clientID: string;
  clientSecret: string;
  callbackURL: string;
  scope?: string;
  responseType?: ResponseType;
  useBasicAuthenticationHeader?: boolean;
}
```
How do we pass the `Request` to the strategy so that it has knowledge of the domain?
> so in 2.0 the callbackURL and ResponseTypes are gone?

The `callbackURL` was replaced by `redirectURI` which is the name commonly used by providers.
The `ResponseType` is not needed anymore, OsloJS takes care of that.

> How do we pass the `Request` to the strategy so that it has knowledge of the domain?

The strategy receives the request already, but it doesn't use it to know the domain. What you need to do is create the strategy instance on a per-request basis, e.g.:
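```ts
import { Authenticator } from "remix-auth"
import { OAuth2Strategy, type OAuth2StrategyOptions } from "remix-auth-oauth2"
import { sessionStorage } from "~/session.server"

type User = {
  /* define your type */
}

// Build a new authenticator, with its own strategy instance, for each request.
function createAuthenticator(request: Request) {
  let authenticator = new Authenticator<User>(sessionStorage)
  let options: OAuth2StrategyOptions = {
    // define the strategy options here, use `request` to access the domain
  }
  // `verify` is the strategy's verify callback, defined elsewhere
  authenticator.use(new OAuth2Strategy(options, verify))
  return authenticator
}
```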
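
When the strategy options are built per request as described above, the host that ends up in `redirectURI` typically reflects the Host (or forwarded-host) header the client sent, so it should be checked against the domains the deployment actually serves. This is an added example, not code from the thread or the library; `ALLOWED_HOSTS`, `CALLBACK_PATH`, `RequestLike` and `resolveRedirectURI` are hypothetical names and the hosts are constructed.

```typescript
// Added example: all names and host values below are illustrative assumptions.

// Structural subset of the Fetch `Request` that this helper needs.
interface RequestLike {
  url: string;
}

// Hosts this deployment serves (constructed values); anything else is rejected.
const ALLOWED_HOSTS: ReadonlyArray<string> = [
  "app.example.com",
  "shop.example.org",
];

// Assumed callback route registered with the OAuth2 provider.
const CALLBACK_PATH = "/auth/callback";

// Derive the redirect URI for this request. Only the host is taken from the
// request, and only after an exact match against the allowlist; the scheme
// and path are fixed so they cannot be influenced by the client.
function resolveRedirectURI(
  request: RequestLike,
  allowedHosts: ReadonlyArray<string> = ALLOWED_HOSTS,
): string {
  let url: URL;
  try {
    url = new URL(request.url);
  } catch {
    throw new Error("request URL is not absolute");
  }
  // URL.host is lowercased by the parser and includes any non-default port,
  // so "app.example.com:8443" does not match "app.example.com".
  if (allowedHosts.indexOf(url.host) === -1) {
    throw new Error(`host not allowed for OAuth2 redirect: ${url.host}`);
  }
  return `https://${url.host}${CALLBACK_PATH}`;
}
```

The returned string is what would go into the `redirectURI` option inside `createAuthenticator`; a rejected host should end the request rather than fall back to a default domain.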
Thanks @sergiodxa for the hint. I updated my loaders & actions to create the strategy on each request:
```ts
const authenticator = await createAuthenticator(request);
const user = await authenticator.isAuthenticated(request, {
  failureRedirect: `/login?returnTo=${pathname}`,
});
```
First of all, thanks a lot for your work on this library!
I'm trying to incorporate it into our stack and have just hit a crucial issue: I need the `callbackURL` to be dynamic. Our code serves multiple domains and only when the user attempts to authenticate do we know what the `callbackURL` should be. Is this by any chance possible?
With `passport`, this was achieved by providing an overriding `callbackURL` during the `authenticate` call, like:
Thanks a lot in advance!