sails-oauth2-api icon indicating copy to clipboard operation
sails-oauth2-api copied to clipboard

Published 20 hours ago verified publisher icon lucj

JWT support

Open kavuri opened this issue 8 years ago • 4 comments

I am trying to implement jwt support in sails-oauth2-api and trying to implement the seamless user registration (if the user does not exist in the local db) I have added a check in isTrustedClient.js to verify if the grant_type is 'urn:ietf:params:oauth:grant-type:jwt-bearer'. From here onwards, I wanted to use https://github.com/xtuple/oauth2orize-jwt-bearer along with https://github.com/xtuple/passport-oauth2-jwt-bearer

Can you provide some pointers on the structure of the code and where I can go about implementing this? Once I am done, I can create a PR

kavuri avatar Jul 04 '17 06:07 kavuri

Update: I have added support for JWT to verify the jwt token and also create a user if user does not exist. But I see that the jwt server.exchange('urn:ietf:params:oauth:grant-type:jwt-bearer', jwtBearer(function(client, data, signature, done) method does not get invoked in the flow as mentioned here: https://github.com/xtuple/oauth2orize-jwt-bearer Any clue?

kavuri avatar Jul 05 '17 08:07 kavuri

@kavuri I've never used this one before. What is the headers you sent in the request that should trigger the exchange ?

lucj avatar Jul 05 '17 09:07 lucj

@lucj the header is this urn:ietf:params:oauth:grant-type:jwt-bearer

kavuri avatar Jul 05 '17 09:07 kavuri

@lucj I can create the PR, I need help in creating the flow. Currently, I have plugged the jwt verification in the isTrustedClient.js, but then it does not go to the access token generation once all the verification is complete

kavuri avatar Jul 05 '17 09:07 kavuri