passport-oauth2 icon indicating copy to clipboard operation
passport-oauth2 copied to clipboard
verified publisher icon jaredhanson

callback not firing - immediately returning info via res

Open chanpod opened this issue 6 years ago • 2 comments 

passport.use(new OAuth2Strategy({
        authorizationURL: 'http://localhost:3001/oauth2/authorize',
        tokenURL: 'http://localhost:3001/oauth2/token',
        callbackURL: '',
        clientID: 'testID',
        clientSecret: 'secret',

    }, function (accessToken, refreshToken, profile, cb) {
        console.log("Yaay");
        cb();
    }));


app.get('/test', passport.authenticate('oauth2', {session: false}), (req, res) => {    
    res.send("OK");
}

I get a response on the api call, but it's not "OK". It's

{
    "_id": "5dd3dfbe30d93d541cc84917",
    "accessToken": "<token>",
    "accessTokenExpiresAt": "2019-11-19T13:27:42.583Z",
    "refreshToken": "<token>",
    "refreshTokenExpiresAt": "2019-12-03T12:27:42.583Z",
    "client": {
        "id": "testID"
    },
    "user": {
        "username": "testuser"
    },
    "__v": 0
 }

My assumption is the strategy verify callback should fire, and whatever gets passed in the cb function should get returned to the API function. Or at least SOMETHING should happen.

I'm not using sessions. This is a pure API server.

chanpod avatar Nov 19 '19 13:11 chanpod

I got the bearer strategy working. It's callback fires successfully. So it's something specific with this module :(

chanpod avatar Nov 19 '19 13:11 chanpod

I dug through the source code, it seems the _stateStore is defaulting to the NullSateStore class. This causes the library to immediately call the redirect via passport. This ends the request immediately. Does this library require sessions to be enabled?

chanpod avatar Nov 19 '19 16:11 chanpod