我需要使用Google和Facebook令牌对请求进行身份验证。我正在使用护照以及passport-facebook-token和passport-google-token库。
发出请求的客户端是iOS和Android。到目前为止,我只有Facebook身份验证,并且可以正常工作:
const FacebookTokenStrategy = require('passport-facebook-token');
const passport = require('passport')
const { facebook_client_id, facebook_client_secret } = require('../config')
passport.use(new FacebookTokenStrategy({
clientID: facebook_client_id,
clientSecret: facebook_client_secret,
}, function (accessToken, refreshToken, profile, done) {
done(null, profile)
}
));
The middleware:
const passport = require('passport')
require('../config/passport-facebook');
require('../config/passport');
const { INVALID_TOKEN, UNAUTHORIZED } = require('../config/constants')
module.exports = (req, res, next) => {
passport.authenticate(['jwt', 'facebook-token'], function (err, user, info) {
console.log("ERR", err)
if (err) {
if (err.oauthError) {
res
.status(400)
.json({ message: INVALID_TOKEN, status: 400 })
}
} else if (!user) {
res
.status(401)
.json({ message: UNAUTHORIZED, status: 401 })
} else {
req.user = user
next()
}
})(req, res, next);
}
当我尝试在中间件中添加google身份验证策略时,就会出现问题: 因此,以这种方式我总是会收到此错误:
'{"error":{"message":"Bad signature","type":"OAuthException","code":190,"fbtrace_id":"ARQrcaTLIYtkBIs4TIIl49p"}}' } }
如果我在数组中添加“ google-token”,则会出现该错误:(我尝试了数组中所有可能的订单)
module.exports = (req, res, next) => {
passport.authenticate(['google-token', 'jwt', 'facebook-token'], function (err, user, info) {
console.log("ERR", err)
if (err) {
if (err.oauthError) {
res
.status(400)
.json({ message: INVALID_TOKEN, status: 400 })
}
} else if (!user) {
res
.status(401)
.json({ message: UNAUTHORIZED, status: 401 })
} else {
req.user = user
next()
}
})(req, res, next);
}
要提的重要事项是,如果我不理会“ google-token”,就像这样:
module.exports = (req, res, next) => {
passport.authenticate(['google-token'], function (err, user, info) {
console.log("ERR", err)
if (err) {
if (err.oauthError) {
res
.status(400)
.json({ message: INVALID_TOKEN, status: 400 })
}
} else if (!user) {
res
.status(401)
.json({ message: UNAUTHORIZED, status: 401 })
} else {
req.user = user
next()
}
})(req, res, next);
}
它正常工作。
这是我的Google配置:
passport.use(new GoogleTokenStrategy({
clientID: google_client_id,
clientSecret: ''
},
function (accessToken, refreshToken, profile, done) {
return done(err, profile);
}
));