Jared Hanson

Given that this request occurred in the context of [Passport](https://www.passportjs.org/), and a desire to regenerate the underlying express-session when logging in or out, I'm commenting here to let interested developers...

What error handling middleware is being used on that endpoint?

There's a branch, [txn-stores](https://github.com/jaredhanson/oauth2orize/tree/txn-stores), which is where work is being done to abstract the session requirement, making pluggable transaction stores that don't rely on sessions.

There's now a `txn-stores-3` branch with a pluggable transaction store interface. I will be merging this and publishing to npm as soon as I have test cases. Anyone who wants...

There's a single line change to package.json here. Wouldn't `require` statements in the code also need to be changed to reference the new module (and unreference the old module)?

This would be a good extension to implement as an oauth2orize plugin, similar to [oauth2orize-jwt-bearer](https://github.com/xtuple/oauth2orize-jwt-bearer). I'll take a stab at it, but probably not until it gets a few more...

Could you describe the use case you are addressing with this patch? In most cases, my recommendation when someone needs properties on the `req` object, is to attach them to...

Can you please describe a use case in terms of the OAuth 2.0 protocol?

Can you explain _why_ you need it? Would checking `status == 403` be sufficient?

What headers do you need access to and why? Sent from my iPhone > On Sep 7, 2016, at 11:20 PM, John Michael Ferraris [email protected] wrote: > > I want...