search

trailsjs / sails-auth

Passport-based User Authentication system for sails.js applications. Designed to work well with the sails-permissions module.
https://www.npmjs.org/package/sails-auth
MIT License
266 stars 141 forks source link

How to include hostedDomain param in Google Oauth2 #103

Closed dottodot closed 8 years ago

dottodot commented 8 years ago

When using passport-google-oauth there are extra params that you can use for example hostedDomain so you can restrict access to a particular google app domain as described here.

However I can't work out how to include this param, I have tried the following but I doesn't work.

// config/passport.js

var _ = require('lodash');
var _super = require('sails-permissions/config/passport');

_.merge(exports, _super);
_.merge(exports, {
  passport: {
    google: {
      name: 'Google',
      protocol: 'oauth2',
      strategy: require('passport-google-oauth').OAuth2Strategy,
      callback: '/api/auth/google/callback',
      options: {
        hostedDomain: 'example.com',
        clientID: 'CLIENT_ID',
        clientSecret: 'CLIENT_SECRET',
        scope: ['profile', 'email', 'https://www.googleapis.com/auth/drive']
      }
    }
  }
});

I've also tried it outside of options and that doesn't work either.

mnickell commented 8 years ago

I had the same issue. I fixed it by editing the endpoint method in api/services/passport.js, specifically setting options to be the provider options, rather than always set to { }

endpoint: function (req, res) {
    var strategies = sails.config.passport;
    var provider = req.param('provider');
    // var options = { };
    var options = strategies[provider].options || {};

    if (!strategies.hasOwnProperty(provider)) {
        return res.redirect('/login');
    }

    if (strategies[provider].hasOwnProperty('scope')) {
        options.scope = strategies[provider].scope;
    }
    this.authenticate(provider, options)(req, res, req.next);
}
dottodot commented 8 years ago

Works great thanks for your help.