Skip to content
  • 0 Votes
    1 Posts
    265 Views
    K

    Hi all,

    still continuing on my OAuth2 plugin implementation, I've a problem I can't actually solve and need you valuable advises.

    I've this fragment in my plugin

    OAuth.getStrategy = function (strategies, callback) { winston.verbose('[maxonID] --> OAuth.getStrategy'); if (configOk) { passportOAuth = require('passport-oauth2'); passportOAuth.Strategy.prototype.userProfile = function (accessToken, done) { if (!accessToken) { done(new Error('Missing token, cannot call the userinfo endpoint without it.')); } this._oauth2.useAuthorizationHeaderforGET(true); this._oauth2.get(constants.userRoute, accessToken, function (err, body, res) { if (err) { console.error(err); return done(new Error('Failed to get user info. Exception was previously logged.')); } if (res.statusCode < 200 || res.statusCode > 299) { return done(new Error('Unexpected response from userInfo. [' + res.statusCode + '] [' + body + ']')); } OAuth.validateEntitlement(accessToken, constants.allowedEntitlement, function (err, accessAllowed) { if (err) { return done(err); } if (!accessAllowed) { // Need to find a way to gracefully notify the user and point back to login page return done(new Error('Forum access is not granted. Please contact your representative.')); } try { var json = JSON.parse(body); OAuth.parseUserReturn(json, function (err, profile) { ...

    and I'd like to return the user to the forum login page and notify him about the issue, something like when the password is wrong. Is there a smart way to make it happen from such a plugin without rising an error?

    Thanks a lot for your valuable insights, R.

  • 0 Votes
    12 Posts
    1k Views
    K

    Thanks a lot everybody for the contributions to this discussion!

    Your recommendations were all useful to better understanding the plugin and finally realise a prototype against 10Duke.

    Cheers, R

  • 2 Votes
    1 Posts
    899 Views
    mooredsM

    Hiya,

    I wrote a tutorial about setting up single sign-on for NodeBB.

    Full disclosure, I wrote it using my employers OAuth server (FusionAuth) as the user identity provider.

    But the plugin and steps should work with any OAuth server. The plugin is here: https://github.com/FusionAuth/nodebb-plugin-fusionauth-oidc

  • 0 Votes
    6 Posts
    1k Views
    C

    It seems require('socket.io').reqFromSocket(socket) doesn't returns a valid req for AuthController.doLogin.... i want to authenticate via websocket but maybe i will have to do it the old POST way, am i correct?

  • 0 Votes
    5 Posts
    2k Views
    E

    you must forgot to set related informations in admin panel(social authentication)