nodej.js 中的模块 passport-oauth2:授权请求中包含的额外参数
Module passport-oauth2 in nodej.js: extra parameters to be included in the authorization request
我在 node.js 应用程序中实施 Oauth2 身份验证时遇到问题,我需要在授权请求中添加一个额外的参数,但模块只是忽略了 "unknown" 参数。
我的代码附在下面。被忽略的参数是 APIName.
var OAuth2Strategy = require('passport-oauth2').Strategy;
// load the auth variables
var configAuth = require('./auth');
module.exports = function(passport) {
passport.use('ihealth', new OAuth2Strategy({
authorizationURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
tokenURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
clientID: configAuth.iHealthAuth.clientID,
clientSecret: configAuth.iHealthAuth.clientSecret,
callbackURL: configAuth.iHealthAuth.callbackURL,
APIName : 'OpenApiActivity'
},
function(token, refreshToken, profile, done) {
// ...
}
));
};
我知道 APIName 被忽略的原因是我在浏览器中看到 URL:
https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/?response_type=code&redirect_uri=SOMEREDIRECTURI&client_id=SOMECLIENTID
我想知道如何启用向授权请求添加额外参数?也许通过覆盖 node_modules/passport_oauth2/lib/strategy.js 中的函数 OAuth2Strategy.prototype.authorizationParams,它在下载的文件中看起来像这样:
/**
* Return extra parameters to be included in the authorization request.
*
* Some OAuth 2.0 providers allow additional, non-standard parameters to be
* included when requesting authorization. Since these parameters are not
* standardized by the OAuth 2.0 specification, OAuth 2.0-based authentication
* strategies can overrride this function in order to populate these parameters
* as required by the provider.
*
* @param {Object} options
* @return {Object}
* @api protected
*/
OAuth2Strategy.prototype.authorizationParams = function(options) {
return {};
};
这次我设法找到了解决方法。也许它会帮助有类似问题的人。
对于解决方案,我没有使用众所周知的模块,例如 passport-oauth2 或 simple-oauth2,而只是使用模块 querystring 来构建请求 URL 和用于进行 HTTP 调用的模块 request。
示例:
var express = require('express');
var router = express.Router();
var request = require('request');
var qs = require('querystring');
var configAuth = require('../config/auth');
var authorization_url_site = configAuth.iHealthAuth.authorizationSite;
var authorization_url_params = {
response_type : 'code',
client_id: configAuth.iHealthAuth.clientID,
redirect_uri: configAuth.iHealthAuth.callbackURL,
APIName : configAuth.iHealthAuth.APIName
};
var authorization_uri = authorization_url_site + '?' + qs.stringify(authorization_url_params);
var token_url_site = configAuth.iHealthAuth.tokenSite;
var token_url_params = {
grant_type : 'authorization_code',
client_id: configAuth.iHealthAuth.clientID,
client_secret: configAuth.iHealthAuth.clientSecret,
redirect_uri: configAuth.iHealthAuth.callbackURL,
code: req.query.code
};
var token_uri = token_url_site + '?' + qs.stringify(token_url_params);
// Initial page redirecting to the login page
router.route('/auth')
.get(function (req, res) {
res.redirect(authorization_uri);
});
// Callback service parsing the authorization token and asking for the access token
router.route('/')
.get(function(req, res) {
request(token_uri, function(err, response, body) {
if(err) {
throw err;
} else {
var data = JSON.parse(body);
// save token to database or file
saveToken(data);
}
});
});
});
module.exports = router;
您可以按如下方式覆盖 OAuth2Strategy.prototype.authorizationParams
var myStrategy = new OAuth2Strategy({
authorizationURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
tokenURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
clientID: configAuth.iHealthAuth.clientID,
clientSecret: configAuth.iHealthAuth.clientSecret,
callbackURL: configAuth.iHealthAuth.callbackURL
},
function(token, refreshToken, profile, done) {
// ...
});
myStrategy.authorizationParams = function(options) {
return {
APIName : 'OpenApiActivity'
};
};
passport.use('ihealth',myStrategy);
对于 Microsoft ADFS OAuth 2,这可用于添加所需的 source 参数;如果希望回调也包含一些特定值,则添加 state 参数。
function(options)中的options调用时可以设置passport.authenticate:
router.get('/auth', passport.authenticate('ihealth', {time: Date.now()}));
我在 node.js 应用程序中实施 Oauth2 身份验证时遇到问题,我需要在授权请求中添加一个额外的参数,但模块只是忽略了 "unknown" 参数。
我的代码附在下面。被忽略的参数是 APIName.
var OAuth2Strategy = require('passport-oauth2').Strategy;
// load the auth variables
var configAuth = require('./auth');
module.exports = function(passport) {
passport.use('ihealth', new OAuth2Strategy({
authorizationURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
tokenURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
clientID: configAuth.iHealthAuth.clientID,
clientSecret: configAuth.iHealthAuth.clientSecret,
callbackURL: configAuth.iHealthAuth.callbackURL,
APIName : 'OpenApiActivity'
},
function(token, refreshToken, profile, done) {
// ...
}
));
};
我知道 APIName 被忽略的原因是我在浏览器中看到 URL:
https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/?response_type=code&redirect_uri=SOMEREDIRECTURI&client_id=SOMECLIENTID
我想知道如何启用向授权请求添加额外参数?也许通过覆盖 node_modules/passport_oauth2/lib/strategy.js 中的函数 OAuth2Strategy.prototype.authorizationParams,它在下载的文件中看起来像这样:
/**
* Return extra parameters to be included in the authorization request.
*
* Some OAuth 2.0 providers allow additional, non-standard parameters to be
* included when requesting authorization. Since these parameters are not
* standardized by the OAuth 2.0 specification, OAuth 2.0-based authentication
* strategies can overrride this function in order to populate these parameters
* as required by the provider.
*
* @param {Object} options
* @return {Object}
* @api protected
*/
OAuth2Strategy.prototype.authorizationParams = function(options) {
return {};
};
这次我设法找到了解决方法。也许它会帮助有类似问题的人。
对于解决方案,我没有使用众所周知的模块,例如 passport-oauth2 或 simple-oauth2,而只是使用模块 querystring 来构建请求 URL 和用于进行 HTTP 调用的模块 request。
示例:
var express = require('express');
var router = express.Router();
var request = require('request');
var qs = require('querystring');
var configAuth = require('../config/auth');
var authorization_url_site = configAuth.iHealthAuth.authorizationSite;
var authorization_url_params = {
response_type : 'code',
client_id: configAuth.iHealthAuth.clientID,
redirect_uri: configAuth.iHealthAuth.callbackURL,
APIName : configAuth.iHealthAuth.APIName
};
var authorization_uri = authorization_url_site + '?' + qs.stringify(authorization_url_params);
var token_url_site = configAuth.iHealthAuth.tokenSite;
var token_url_params = {
grant_type : 'authorization_code',
client_id: configAuth.iHealthAuth.clientID,
client_secret: configAuth.iHealthAuth.clientSecret,
redirect_uri: configAuth.iHealthAuth.callbackURL,
code: req.query.code
};
var token_uri = token_url_site + '?' + qs.stringify(token_url_params);
// Initial page redirecting to the login page
router.route('/auth')
.get(function (req, res) {
res.redirect(authorization_uri);
});
// Callback service parsing the authorization token and asking for the access token
router.route('/')
.get(function(req, res) {
request(token_uri, function(err, response, body) {
if(err) {
throw err;
} else {
var data = JSON.parse(body);
// save token to database or file
saveToken(data);
}
});
});
});
module.exports = router;
您可以按如下方式覆盖 OAuth2Strategy.prototype.authorizationParams
var myStrategy = new OAuth2Strategy({
authorizationURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
tokenURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
clientID: configAuth.iHealthAuth.clientID,
clientSecret: configAuth.iHealthAuth.clientSecret,
callbackURL: configAuth.iHealthAuth.callbackURL
},
function(token, refreshToken, profile, done) {
// ...
});
myStrategy.authorizationParams = function(options) {
return {
APIName : 'OpenApiActivity'
};
};
passport.use('ihealth',myStrategy);
对于 Microsoft ADFS OAuth 2,这可用于添加所需的 source 参数;如果希望回调也包含一些特定值,则添加 state 参数。
function(options)中的options调用时可以设置passport.authenticate:
router.get('/auth', passport.authenticate('ihealth', {time: Date.now()}));