Skip to content
  • 0 Votes
    1 Posts

    Hi all,

    still continuing on my OAuth2 plugin implementation, I've a problem I can't actually solve and need you valuable advises.

    I've this fragment in my plugin

    OAuth.getStrategy = function (strategies, callback) { winston.verbose('[maxonID] --> OAuth.getStrategy'); if (configOk) { passportOAuth = require('passport-oauth2'); passportOAuth.Strategy.prototype.userProfile = function (accessToken, done) { if (!accessToken) { done(new Error('Missing token, cannot call the userinfo endpoint without it.')); } this._oauth2.useAuthorizationHeaderforGET(true); this._oauth2.get(constants.userRoute, accessToken, function (err, body, res) { if (err) { console.error(err); return done(new Error('Failed to get user info. Exception was previously logged.')); } if (res.statusCode < 200 || res.statusCode > 299) { return done(new Error('Unexpected response from userInfo. [' + res.statusCode + '] [' + body + ']')); } OAuth.validateEntitlement(accessToken, constants.allowedEntitlement, function (err, accessAllowed) { if (err) { return done(err); } if (!accessAllowed) { // Need to find a way to gracefully notify the user and point back to login page return done(new Error('Forum access is not granted. Please contact your representative.')); } try { var json = JSON.parse(body); OAuth.parseUserReturn(json, function (err, profile) { ...

    and I'd like to return the user to the forum login page and notify him about the issue, something like when the password is wrong. Is there a smart way to make it happen from such a plugin without rising an error?

    Thanks a lot for your valuable insights, R.

  • 0 Votes
    12 Posts

    Thanks a lot everybody for the contributions to this discussion!

    Your recommendations were all useful to better understanding the plugin and finally realise a prototype against 10Duke.

    Cheers, R

  • 2 Votes
    1 Posts


    I wrote a tutorial about setting up single sign-on for NodeBB.

    Full disclosure, I wrote it using my employers OAuth server (FusionAuth) as the user identity provider.

    But the plugin and steps should work with any OAuth server. The plugin is here:

  • 0 Votes
    6 Posts

    It seems require('').reqFromSocket(socket) doesn't returns a valid req for AuthController.doLogin.... i want to authenticate via websocket but maybe i will have to do it the old POST way, am i correct?

  • 0 Votes
    5 Posts

    you must forgot to set related informations in admin panel(social authentication)