search

sidebase / nuxt-auth

Authentication built for Nuxt 3! Easily add authentication via OAuth providers, credentials or Email Magic URLs!
https://auth.sidebase.io
MIT License
1.25k stars 162 forks source link

Default behaviour for setting empty string at refreshRequestTokenPointer #833

Closed eerive closed 2 months ago

eerive commented 2 months ago

Describe the feature

Hi, I am trying to integrate this package into our product, which works wonderfully for the initial authorization with our custom backend. The only thing that is giving me a headache right now is the refresh method, as I can't figure out how to 'unset' the refreshRequestTokenPointer.

The case is, the backend I use requires:

POST: /user/refresh
{
   "<refreshToken>"
}

while the logic of refreshRequestTokenPointer requires some value to be set, else it will default to /refreshToken. And setting an empty value will throw an error that it's not allowed.

helpers.mjs
-----
export function jsonPointerSet(obj, pointer, value) {
  const refTokens = Array.isArray(pointer) ? pointer : jsonPointerParse(pointer);
  let nextTok = refTokens[0];
  if (refTokens.length === 0) {
    throw new Error("Can not set the root object");
  }
  for (let i = 0; i < refTokens.length - 1; ++i) { 
... 
...

Is there some way that I can still do it? I can request a change in the backend so it requires a format like { refreshToken: <token> } but that would be a breaking change.

How would you implement this?

Add or change thelength == 0 behaviour like:

  if (refTokens.length === 0) {
    obj = value;
    return;
  }

or by setting refreshRequestTokenPointer: '.' , it will return the value directly?

Additional information

Provider

eerive commented 2 months ago

Just a small update, I dived into the backend code and it seems like that the request body does not make any sense whatsoever. It wants an application/json as header but with only a string as body, so it might be a backend issue from our side.