-
-
Notifications
You must be signed in to change notification settings - Fork 179
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sending specific state while calling passport.authenticate #77
Comments
I've got the exact same issue. It appears that regardless of what is passed through in the options parameter of the .authenticate() call, the state parameter is ignored and randomly generated by the library: https://github.com/jaredhanson/passport-openidconnect/blob/master/lib/state/session.js#L42 |
Same issue here. Is it possible to use the StateStore in conjunction w/ other state params that app might need to round trip? |
got same issue while trying to implement the solution provided in this comment jaredhanson/passport-oauth2#96 (comment) |
Got the same issue trying to use custom state |
Any updates ? |
I have the same issue |
Same! |
any update? |
I just struggled with this and found that the data is actually passed back but is listed under the property authInfo. So the given callback request post authentication middleware looks like this: try {
const { state } = req.authInfo; // <----------- THIS PROPERTY IS NOT 'query' but 'authInfo'
const { returnTo } = JSON.parse(Buffer.from(state, 'base64').toString());
if (typeof returnTo === 'string' && returnTo.startsWith('/')) {
return res.redirect(returnTo)
}
} catch {
// just redirect normally below
} |
I was also lost in finding the Going to leave this article written by @jaredhanson as a reference: |
Hi All,
I am sending a particular state parameter with the authenticate call as below. But that state is changed to a random string. How do I send a specific state and retrieve it after the callback url is called. Basically what I want is, I have couple of parameters based on which I will redirect to different routes. those i am trying to pass as state parameters, but they are changed to some random string and they are lost. How do I retrieve them. Thanks.
passport.authenticate('oidc', { state: JSON.stringify({ tab: 'placement' }) })
const passport = require('passport');
const OidcStrategy = require('passport-openidconnect').Strategy;
app.use(
session({
secret: crypto.randomBytes(64).toString('hex').substring(0, 20),
resave: true,
saveUninitialized: true,
})
);
app.use(passport.initialize());
app.use(passport.session());
passport.use(
'oidc',
new OidcStrategy(
{
issuer: 'xxxx',
authorizationURL: 'xxxx',
tokenURL: 'xxxx',
userInfoURL: 'xxxx',
clientID: 'xxxx',
clientSecret: 'xxxxx',
callbackURL: 'xxxxx',
scope: 'profile groups',
nonce: crypto
.randomBytes(64)
.toString('hex')
.substring(0, 20),
},
(issuer, sub, profile, accessToken, refreshToken, params, done) => {
)
);
app.use('/login',passport.authenticate('oidc', { state: JSON.stringify({ tab: 'placement' }) }) )`
The text was updated successfully, but these errors were encountered: