node-vault icon indicating copy to clipboard operation
node-vault copied to clipboard
verified publisher icon nodevault

Handling of v1/auth/github/login redirect.

Open edasque opened this issue 8 years ago • 6 comments

I don't really understand how it helps, I was able to get GithubAuth working via just a POST request but I am not sure I understand the example.

I think I understand what the examples does, step by step. It seems to try to auth first but for me it stops there because I don't yet have the token needed for auth so it goes directly to the error handling.

I am guessing it's because your example first enables GitHub auth (and therefore needs a token to do so). If I am correct, I am happy to submit a PR with more comments in the GitHub example.

When I do use vault.githubLogin by itself, it doesn't work because it doesn't follow a 307 that my vault throws at it. I am not sure it's something specific with my vault setup though.

Thank you in advance,

Erik

edasque avatar Apr 14 '17 12:04 edasque

@edasque - I ran across a similar issue. The way I solved the 3xx response was to pass the request options as a field. For example:

vault.githubLogin({
    githubToken,
    requestOptions: {
        followAllRedirects: true
    }
});

owenfarrell avatar Sep 25 '17 18:09 owenfarrell

@kr1sp1n we should consider adding the followAllRedirects: true request option by default, if it makes sense. I didn't do any research in this specific issue, but from my (somewhat limited) knowledge of the vault API, I think it wouldn't hurt to add this.

DaniGuardiola avatar Jan 15 '18 15:01 DaniGuardiola

i have same issue

i think that is not just redirect cuz i think node-vault is basically caller API of Vault and almost API need value of X-Vault-Token in header but this value set only time call vault.auths()

i think it is easy way that fix in handleVaultResponse function check login url and if this request is login, set client.token i will write example under

//that is regular expression to check url of login
if (/\/auth\/[^\/]+\/login/.test(response.request.uri.path)) {
  client.token = response.body.auth.client_token;
}

but i dont sure that is right way :confused:

rkdgusrnrlrl avatar May 12 '18 11:05 rkdgusrnrlrl

I was struggling with this problem with relating to approleLogin().

I was catching a 'Status 307' error and I'm really glad I found this page.

I completely agree that this should be set by default.

liambowers avatar Jul 25 '18 14:07 liambowers

Noted for v1.0

DaniGuardiola avatar Jul 26 '18 10:07 DaniGuardiola

@edasque @liambowers I think PR #93 may solve your problems. It is included since v0.9.3. Please check it out and give feedback. Thanks 🙏

kr1sp1n avatar Nov 29 '18 07:11 kr1sp1n

Stale issue, closing

aviadhahami avatar Nov 10 '22 15:11 aviadhahami