Closed JasonWeise closed 4 months ago
I'm trying to replicate it using the strategy to login with GitHub and it works, if you can create a minimal reproduction repo I could take a look.
Also looking at the readme, it seems some of the parameters in the samples don't work and may have changed in v 2.0.0 and the readme not updated. (I am sure they used to work- not related to this issue though, more of an FYI)
Related to that, if you can let me know which ones I can check and update it.
@sergiodxa thanks for taking the time to respond.
As it is a corporate OneLogin account it might be difficult for me to provide the code, would it be possible for you to put up a minimal working example of your GitHub login in a example repo and I can try compare what I might be doing differently to cause this issue on v2.0.0
Thanks for all your hard work, this is truly a great Remix library.
Hey @sergiodxa , would it be possible to create a minimal example project that has this new v2.0.0 OAuth extension working. Doesn't matter what I try I just get constant redirects on the authenticate function that wasn't happening in v1xx
Even the Github one you mentioned previously would be fine, even though we are using OneLogin I can still review your working Github example to see what might need to be further modified.
Thanks as always.
Hi,
I encountered the same issue after updating to v2.0.0. After some investigation, I found that setting codeChallengeMethod
to "plain"
and authenticateWith
to "request_body"
resolved the error for me.
--- ng.ts 2024-05-26 12:00:00.000000000 +0900
+++ ok.ts 2024-05-26 12:00:00.000000000 +0900
@@ -1,20 +1,22 @@
authenticator.use(
new OAuth2Strategy<
User,
{ providers: "keycloak" },
{ id_token: string }
>(
{
clientId: process.env.OIDC_CLIENT_ID,
clientSecret: process.env.OIDC_CLIENT_SECRET,
authorizationEndpoint: process.env.OIDC_AUTHORIZATION_ENDPOINT,
tokenEndpoint: process.env.OIDC_TOKEN_ENDPOINT,
redirectURI: process.env.OIDC_REDIRECT_URI,
+ codeChallengeMethod: "plain",
scopes: ["openid", "email", "profile"],
+ authenticateWith: "request_body",
},
async ({ tokens, profile, context, request }) => {
return await getUser(tokens, profile, context, request);
},
),
"keycloak",
);
Additionally, the README.md states that codeChallengeMethod
and authenticateWith
are optional, but they might be required settings for v2.0.0.
https://github.com/sergiodxa/remix-auth-oauth2/blob/6df15b7b0190e0df690a5ba88fd5f9265e91311d/src/index.ts#L184-L188 https://github.com/sergiodxa/remix-auth-oauth2/blob/6df15b7b0190e0df690a5ba88fd5f9265e91311d/src/index.ts#L264-L274 https://github.com/sergiodxa/remix-auth-oauth2/blob/6df15b7b0190e0df690a5ba88fd5f9265e91311d/src/index.ts#L366-L376 https://github.com/sergiodxa/remix-auth-oauth2/blob/6df15b7b0190e0df690a5ba88fd5f9265e91311d/src/index.ts#L397-L407
I hope this helps!
Hi
After updating to v2.0.0 and modifying the "options" parameters to the new naming convention I now get a constant loop due to the Authenticate function failing:L
All the code is exactlyt the same as before all that was done was upgrade to v2.0.0 and change the parameter names to match the new convention. Have other parts also changed that would cause OIDC flow to stop working? I changed back to v1.11.2 and everything is back to working.
Also looking at the readme, it seems some of the parameters in the samples don't work and may have changed in v 2.0.0 and the readme not updated. (I am sure they used to work- not related to this issue though, more of an FYI)