nodej.js中的模块passport-oauth2:要包含在授权请求中的额外参数

时间:2015-09-02 16:00:11

标签: javascript node.js oauth-2.0

我在node.js应用程序中实现Oauth2身份验证时遇到问题,我需要在授权请求中添加一个额外的参数,但模块只是忽略了" unknown"参数。

我的代码附在下面。被忽略的参数是APIName

var OAuth2Strategy = require('passport-oauth2').Strategy;

// load the auth variables
var configAuth = require('./auth');

module.exports = function(passport) {

    passport.use('ihealth', new OAuth2Strategy({
            authorizationURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
            tokenURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
            clientID: configAuth.iHealthAuth.clientID,
            clientSecret: configAuth.iHealthAuth.clientSecret,
            callbackURL: configAuth.iHealthAuth.callbackURL,
            APIName : 'OpenApiActivity'
        },
        function(token, refreshToken, profile, done) {

            // ...

        }
    ));
};

我知道APIName被忽略的原因是我在浏览器中看到了这个网址:

https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/?response_type=code&redirect_uri=SOMEREDIRECTURI&client_id=SOMECLIENTID

我想知道如何在授权请求中添加额外的参数?也许通过覆盖OAuth2Strategy.prototype.authorizationParams中的函数node_modules/passport_oauth2/lib/strategy.js,在donwloaded文件中看起来像这样:

/**
 * Return extra parameters to be included in the authorization request.
 *
 * Some OAuth 2.0 providers allow additional, non-standard parameters to be
 * included when requesting authorization.  Since these parameters are not
 * standardized by the OAuth 2.0 specification, OAuth 2.0-based authentication
 * strategies can overrride this function in order to populate these parameters
 * as required by the provider.
 *
 * @param {Object} options
 * @return {Object}
 * @api protected
 */
OAuth2Strategy.prototype.authorizationParams = function(options) {
  return {};
};

2 个答案:

答案 0 :(得分:4)

您可以按以下方式覆盖OAuth2Strategy.prototype.authorizationParams 

 var myStrategy = new OAuth2Strategy({
        authorizationURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
        tokenURL: 'https://api.ihealthlabs.com:8443/OpenApiV2/OAuthv2/userauthorization/',
        clientID: configAuth.iHealthAuth.clientID,
        clientSecret: configAuth.iHealthAuth.clientSecret,
        callbackURL: configAuth.iHealthAuth.callbackURL
    },
    function(token, refreshToken, profile, done) {
        // ...
    });

    myStrategy.authorizationParams = function(options) {
      return {
        APIName : 'OpenApiActivity'
      };
    };

    passport.use('ihealth',myStrategy);

对于Microsoft ADFS OAuth 2,这可用于添加所需的source参数;如果有人希望回调也包含一些特定值,则添加state参数。

调用options时可以设置function(options)中的passport.authenticate

router.get('/auth', passport.authenticate('ihealth', {time: Date.now()}));

答案 1 :(得分:0)

在这段时间里,我设法找到了解决方法。也许它会帮助有类似问题的人。

对于解决方案,我没有使用众所周知的模块,例如[1, 2, 3]passport-oauth2,而只使用模块simple-oauth2来构建请求URL和模块{{ 1}}用于进行HTTP调用。

示例:

querystring
相关问题
最新问题