search

stormpath / express-stormpath

Build simple, secure web applications with Stormpath and Express!
http://docs.stormpath.com/nodejs/express/
Apache License 2.0
325 stars 111 forks source link

Google Scope being passed with commas #539

Closed merkelct closed 7 years ago

merkelct commented 7 years ago

Example &scope=openid,email,profile causing 

Error: invalid_scope
Some requested scopes were invalid. {invalid=[openid,email,profile]}
robertjd commented 7 years ago

Hello @merkelct , can you show us how you are passing the scope values down to our library? I believe it should work like this:

app.use(stormpath.init({
  web: {
    social:{
      google:{
        scope: 'openid email profile'
      }
    }
  }
}));

Thanks, Robert

merkelct commented 7 years ago

I am just following the example here and do not explicitly set the scopes

https://docs.stormpath.com/nodejs/express/latest/social_login.html#google-login

I tried adding what you have above but still get commas on the scopes it works fine fine if manually remove them from the url

app.use(stormpath.init(app, { web: { social:{ google:{ scope: 'openid email profile' } } }, website: true }));

robertjd commented 7 years ago

Can you tell me which version of the express-stormpath module you are using? Thanks.

merkelct commented 7 years ago

"express-stormpath": "^3.1.5",

edjiang commented 7 years ago

I've identified the bug and the cause. Not sure if I personally have enough experience with this section of the codebase to do a fix, but I'll let @robertjd know and we'll get this fixed!

robertjd commented 7 years ago

Hi @merkelct , this is a bug that we need to fix in our library. In the meantime I think you can work around the issue by putting this in your server code:

app.on('stormpath.ready',function () {
  app.get('stormpathConfig').web.social.google.scope = 'openid email profile';
});

That should force-overwrite the incorrect settings that we are pulling from our configuration, can you give this a try and let me know if it works for you?

merkelct commented 7 years ago

Thanks, I will update this morning and report back if the fix works

merkelct commented 7 years ago

FYI just added snippet from above and it worked thanks will keep and eye out for an update

robertjd commented 7 years ago

Thanks @merkelct ! We just released the new 3.1.6 version of this library, which should also fi the problem. Could you try upgrading and let us know if this fixes it too?

merkelct commented 7 years ago

Update worked thanks guys.