passport-oauth2 icon indicating copy to clipboard operation
passport-oauth2 copied to clipboard

Published 20 hours ago verified publisher icon jaredhanson

Checking for missing accessToken in getOAuthAccessToken breaks some oauth client integrations

Open CaryLandholt opened this issue 3 years ago • 1 comments

With the introduction of a check for missing a accessToken in the getOAuthAccessToken function, some oauth clients break.

For instance, withings doesn't return an accessToken in the accessToken parameter, but returns it in the params parameter.

Here is a sample response from withings.

{
  err: null,
  accessToken: undefined,
  refreshToken: undefined,
  params: {
    status: 0,
    body: {
      userid: 'REDACTED',
      access_token: 'REDACTED',
      refresh_token: 'REDACTED',
      scope: 'REDACTED',
      expires_in: 10800,
      token_type: 'Bearer'
    }
  }
}

CaryLandholt avatar Oct 13 '21 17:10 CaryLandholt

old self._loadUserProfile(accessToken, function(err, profile) {...} new self._loadUserProfile(params, function(err, profile) {...}

MaleWeb avatar Dec 17 '21 10:12 MaleWeb