因此，我试图把访问令牌保存到 Koa 的 state（ctx.state）中以备后用，省去把它传给客户端的麻烦。
按照 Koa 的 passport-oauth2 文档操作之后，我仍然无法把任何内容持久保存到 ctx.state 中。
...
Koa / passport-oauth2 设置：
// Session middleware: a cross-site cookie (sameSite 'none' is only honoured by
// browsers together with `secure: true`).
// NOTE(review): no `store` is configured here; koa-session then keeps the whole
// session inside the cookie itself (as far as I recall), so whatever
// serializeUser puts in the session — the access token included — is sent to
// the browser. Confirm, and prefer an external store for token material.
const koaSessionOptions = {
  key: sessionKey,
  rolling: true,
  maxAge: sessionMaxAge,
  sameSite: 'none',
  secure: true,
  // @ts-ignore
  domain: undefined,
};
server.koaApp.use(koaSession(koaSessionOptions, server.koaApp));
// set up passport sessions here
// Builds the KoaPassport instance wired to the OAuth2 strategy.
// Whatever serializeUser emits is what koa-session (configured above) stores.
function createPassport() {
  const strategyOptions = {
    authorizationURL: oauthClientAuthUrl,
    tokenURL: oauthClientTokenUrl,
    clientID: oauthClientId,
    clientSecret: oauthClientSecret,
    callbackURL: oauthClientRedirectUrl,
  };
  // Five-argument verify callback (the `params` slot carries the raw token
  // response); keep the arity, the strategy selects the signature by it.
  const verify = function (accessToken, refreshToken, params, profile, cb) {
    cb(null, { id: 'somedudesID', accessToken });
  };

  const passport = new KoaPassport();
  passport.use(new OAuth2Strategy(strategyOptions, verify));
  // The full user object (id + access token) round-trips through the session
  // unchanged in both directions.
  passport.serializeUser((user, done) => done(null, user));
  passport.deserializeUser((user, done) => done(null, user));
  return passport;
}
应该设置并读取访问令牌的路由声明:
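// Runs once passport.authenticate has completed (on the first leg it only
// redirects to the provider). By then the user object has been serialised
// into the session, which is where the token survives between requests.
router.get('/authorize', passport.authenticate('oauth2'), (ctx: any) => {
  const { accessToken } = ctx.session.passport.user;
  // Only useful to later middleware of *this* request: ctx.state is created
  // fresh for every request and is never persisted.
  ctx.state.accessToken = accessToken;
  ctx.status = 200;
});
router.get('/get-token-from-state', (ctx: any) => {
  // ctx.state.accessToken is undefined here because the value assigned in
  // /authorize belonged to a different request. Read it back from the session.
  const sessionUser = ctx.session && ctx.session.passport ? ctx.session.passport.user : undefined;
  const accessToken = sessionUser ? sessionUser.accessToken : undefined;
  if (!accessToken) {
    ctx.status = 401;
    return;
  }
  // Use the token server-side; never echo or log it — it is a bearer credential.
  ctx.state.accessToken = accessToken;
  ctx.status = 204;
});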
问题:
为什么在 /get-token-from-state 中读取 ctx.state.accessToken 时得到的是 undefined？
我究竟该不该尝试像这样持久保存访问令牌？有没有其他方法可以在别的路由中获取 accessToken？
我也遇到过同样恼人的问题。对我有帮助的做法是移除 koa-session，改用 koa-generic-session，然后配置一个内存存储（MemoryStore）—— 现在可以正常工作了 :)
[不确定把令牌存放在内存会话中是不是最好的主意——但这只是我目前的初稿。它只是一个与 Keycloak 对接的小代码块。
server.js
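const app = new Koa();
// Cookie-signing keys. These are placeholder values: load real, random keys
// from configuration (never commit them) and rotate by prepending a new key.
app.keys = ['keys', 'keykeys'];
// Server-side session store: the serialised user (tokens included) stays in
// process memory, so only a session id should reach the browser. Contents are
// lost on restart and not shared between instances.
const memoryStore = new session.MemoryStore();
// Session
app.use(session({
  // NOTE(review): `secret`, `resave` and `saveUninitialized` look like
  // express-session options; koa-generic-session does not document them, so
  // they are probably ignored here — verify against the version in use.
  secret: 'some secret',
  resave: false,
  saveUninitialized: true,
  store: memoryStore,
}));
// Passport
const passport = require('./oauth2');
app.use(passport.initialize());
app.use(passport.session());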
oauth2.js
const request = require('request');
const passport = require('koa-passport');
const OAuth2Strategy = require('passport-oauth2').Strategy;
// OAuth client credentials for the Keycloak realm.
// A client secret committed to source should be treated as compromised: move
// it to configuration / a secret manager and rotate it. The variable keeps the
// original `clientSecrect` spelling because the strategy below references it.
const clientId = 'b2m';
const clientSecrect = '57ce5bba-f336-417f-b9c2-06157face88f';
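/**
 * Fetches the OpenID Connect userinfo document for `accessToken` and hands the
 * parsed object to `done`. Installed on the prototype, so every
 * OAuth2Strategy instance in this process uses it.
 *
 * @param {string} accessToken - bearer token returned by the token endpoint
 * @param {(err: Error|null, profile?: object) => void} done
 */
OAuth2Strategy.prototype.userProfile = function (accessToken, done) {
  const options = {
    url: 'http://localhost:8080/auth/realms/master/protocol/openid-connect/userinfo',
    headers: {
      'User-Agent': 'request',
      'Authorization': `Bearer ${accessToken}`,
    },
  };
  request(options, function callback(error, response, body) {
    if (error) {
      return done(error);
    }
    // Previously a non-200 reply reached `done(error)` with a null error, which
    // is indistinguishable from success with no profile; report it as a failure.
    if (response.statusCode !== 200) {
      return done(new Error(`userinfo request failed with status ${response.statusCode}`));
    }
    let info;
    try {
      info = JSON.parse(body);
    } catch (parseError) {
      // Malformed body used to throw inside the callback (uncaught).
      return done(parseError);
    }
    return done(null, info);
  });
};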
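passport.use(new OAuth2Strategy({
  authorizationURL: 'http://localhost:8080/auth/realms/master/protocol/openid-connect/auth',
  tokenURL: 'http://localhost:8080/auth/realms/master/protocol/openid-connect/token',
  clientID: clientId,
  clientSecret: clientSecrect,
  callbackURL: "http://localhost:3000/callback"
},
/**
 * Verify callback: runs after the token exchange with the profile resolved by
 * userProfile above. Bundles tokens and profile into the object that
 * serializeUser will put in the session.
 *
 * @param {string} accessToken
 * @param {string|undefined} refreshToken
 * @param {object} profile - parsed userinfo document
 * @param {(err: Error|null, user?: object) => void} cb
 */
function verify(accessToken, refreshToken, profile, cb) {
  console.log('Authenticated with OAuth2');
  // The tokens themselves are bearer credentials and must not be written to
  // logs; record only that they were received.
  console.log('accessToken present:', Boolean(accessToken));
  console.log('refreshToken present:', Boolean(refreshToken));
  const user = { accessToken, refreshToken, profile };
  return cb(null, user);
}
));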
/* The whole user object (tokens + profile) is what lands in the session store
   as `req.session.passport.user`; keep that store server-side. */
passport.serializeUser((user, done) => done(null, user));
/* Reverse step: the stored object is attached to the request as `req.user`
   (koa-passport exposes it on ctx.state.user). If only an identifier were
   stored, this is where the full record would be looked up, e.g. from a
   database, before passing it on. */
passport.deserializeUser((user, next) => next(null, user));
module.exports = passport;