
How to correctly access scopes in the nextjs server action situation

Open Haiananan opened this issue 10 months ago • 4 comments

I have configured the Config according to the document.

import { UserScope } from "@logto/next";
export const logtoConfig = {
  endpoint: "https://auth.aice.chat/",
  appId: "ej4nih6c4rm9jql612y5c",
  appSecret: "4BJEw1akolM3zYmTh2CDcfu7idlPXdS1",
  baseUrl: "http://localhost:3000", // Change to your own base URL
  cookieSecret: "T0UoSIiPUIs9pO8Mpu74tRtiWmadwBHI",
  cookieSecure: process.env.NODE_ENV === "production",
  scopes: [
    UserScope.CustomData,
    UserScope.Roles,
    UserScope.Email,
    UserScope.Phone,
    UserScope.Organizations,
    UserScope.OrganizationRoles,
    UserScope.Identities,
    "read:app",  // Already configured in the console.
  ],
  resources: ["http://no.com/api"],
};

However, when I call

getLogtoContext(logtoConfig, {
  getAccessToken,
});

The result does not include scopes. I also tried using the /oidc/me API, but it didn't return any scopes either.

{
    "sub": "y7xm0wj0jv2p",
    "name": "beyond",
    "picture": null,
    "updated_at": 1713879215359,
    "username": null,
    "created_at": 1713457888679,
    "email": "[email protected]",
    "email_verified": true,
    "phone_number": null,
    "phone_number_verified": false,
    "identities": {},
     ...
}

The above is my test case. How can I retrieve user information with the scopes parameter included?

Haiananan, Apr 23 '24 14:04

When you call

getLogtoContext(logtoConfig, {
  getAccessToken,
});

You can also pass the resource indicator as an additional param, like this:

getLogtoContext(logtoConfig, {
  getAccessToken: true,
  resource: 'http://no.com/api'
});

And if you provide the resource when requesting an access token, the access token will be in JWT format, where you can find scopes as a token claim.

charIeszhao, Apr 28 '24 12:04
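The check described in the reply above, as an added example that is not part of the original thread or of Logto's own code: it tells an opaque access token (no resource requested) from a JWT one and reads the scopes and audience out of the JWT payload. It assumes the token string comes from the `accessToken` field of the `getLogtoContext` result and that scopes sit in a space-delimited `scope` claim with the resource in `aud`; `inspectAccessToken` and the sample tokens are hypothetical names and constructed values.

```javascript
// Added example: inspect the access token a server action gets back.
// Assumption: a JWT access token carries granted scopes in a space-delimited
// `scope` claim and the resource indicator in `aud`.

// Helper used only to build the constructed sample token below.
const b64url = (obj) =>
  Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

const OPAQUE = Object.freeze({ format: 'opaque', scopes: [], audienceMatches: false });

// Decodes WITHOUT verifying the signature. Use it to debug which scopes were
// granted; the API that receives the token must still verify signature,
// issuer, audience and expiry before trusting any claim.
function inspectAccessToken(accessToken, expectedResource) {
  const parts = String(accessToken ?? '').split('.');
  // No resource requested: the token is opaque and has no claims to read.
  if (parts.length !== 3) return OPAQUE;

  let payload;
  try {
    // Node's 'base64' decoder also accepts the URL-safe alphabet used by JWTs.
    payload = JSON.parse(Buffer.from(parts[1], 'base64').toString('utf8'));
  } catch {
    return OPAQUE;
  }
  if (payload === null || typeof payload !== 'object') return OPAQUE;

  const scopes = typeof payload.scope === 'string'
    ? payload.scope.split(' ').filter(Boolean)
    : [];
  const aud = Array.isArray(payload.aud) ? payload.aud : [payload.aud];
  return { format: 'jwt', scopes, audienceMatches: aud.includes(expectedResource) };
}

// Constructed samples (not real Logto output; the signature is a placeholder).
const sampleJwt = [
  b64url({ alg: 'ES384' }),
  b64url({ sub: 'user-1', aud: 'http://no.com/api', scope: 'read:app' }),
  'constructed-signature',
].join('.');
const sampleOpaque = 'constructed-opaque-token-value';

console.log(inspectAccessToken(sampleJwt, 'http://no.com/api'));
console.log(inspectAccessToken(sampleOpaque, 'http://no.com/api'));
```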

This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot], May 13 '24 01:05

This could definitely be clarified in the docs. I just stumbled across this as well while trying to get JWTs for my backend.

Lennart01, Jul 23 '24 22:07

This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot], Aug 19 '24 01:08