OAuth User Data Should be included in the success value object #94
Comments
Also, I think there is an error with scopes: only one of the scopes in the array is getting picked.

```ts
github: GithubAdapter({
  clientID: process.env.GITHUB_CLIENT_ID!,
  clientSecret: process.env.GITHUB_CLIENT_SECRET!,
  scopes: ["user:email", "profile"],
}),
```
Response of oauth (value.tokenset.raw)
```ts
{
  access_token: "gggg",
  token_type: "bearer",
  scope: "user:email",
}
```

I am using this currently:

```ts
} else if (value.provider === "github") {
  // Fetch the GitHub profile with the access token returned by the OAuth flow
  const githubUserResponse = await fetch("https://api.github.com/user", {
    headers: {
      Authorization: `Bearer ${value.tokenset.access}`,
    },
  });
  const githubUser: GitHubUser = await githubUserResponse.json();
}
```

Doing this for all OAuth providers will be very tedious, since all I need is the email and the name from any OAuth provider. Or we could just dump the data on value.extra, so from there anyone can pick what they need.

This might be tricky tho, since we may need to account for each scope. For instance, do we want to get the user's full profile with

```ts
// Full profile
const response = await fetch("https://api.github.com/user", {
  headers: {
    Authorization: `Bearer ${value.tokenset.access}`
  }
});
const user = await response.json();
```

or just their emails with scope(

```ts
// Email addresses only
const response = await fetch("https://api.github.com/user/emails", {
  headers: {
    Authorization: `Bearer ${value.tokenset.access}`
  }
});
const emails = await response.json();
```

I think just getting the user profile should be enough for most use cases.

Wouldn't forwarding along the access tokens returned by each provider as part of the subjects object suffice?

The challenge here is there is no consistent spec for just OAuth2 to get userinfo - there is for those who implement OIDC. I think having to add a fetch in your success handler is a bit annoying but ultimately not a big deal, so would probably just ask people to do that instead of assuming what you want to do.

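The fetch-in-the-success-handler approach from the two comments above (profile from `/user`, addresses from `/user/emails`), as an added example that is not part of this thread or of the project's code. It compares requested with granted scopes and only accepts a primary, verified address; `Fetcher`, `GithubIdentity` and the function names are hypothetical, and the fetch function is passed in so the logic can run against a stub.

```ts
// Added example, not project code. Response shapes follow GitHub's REST API for
// GET /user and GET /user/emails; Fetcher is a hypothetical minimal fetch signature.
type Fetcher = (url: string, init: { headers: Record<string, string> }) =>
  Promise<{ ok: boolean; status: number; json(): Promise<unknown> }>;
type GithubEmail = { email: string; primary: boolean; verified: boolean };
type GithubIdentity = { id: string; name: string | null; email: string | null; emailVerified: boolean };

// GitHub returns granted scopes comma-separated; RFC 6749 uses spaces. Accept both.
function parseScopes(raw: string | undefined): Set<string> {
  return new Set((raw ?? "").split(/[\s,]+/).filter(Boolean));
}

// Scopes the app requested that the issued token does not carry.
function missingScopes(requested: string[], raw: string | undefined): string[] {
  const granted = parseScopes(raw);
  return requested.filter((s) => !granted.has(s));
}

// Only an address that is both primary and verified is usable as an account key.
function pickEmail(emails: GithubEmail[]): string | null {
  return emails.find((e) => e.primary && e.verified)?.email ?? null;
}

// Fetch the profile, and the email list only when the granted scope allows it.
async function fetchGithubIdentity(
  accessToken: string, rawScope: string | undefined, fetcher: Fetcher,
): Promise<GithubIdentity> {
  const headers = { Authorization: `Bearer ${accessToken}`, Accept: "application/vnd.github+json" };
  const get = async (path: string): Promise<unknown> => {
    const res = await fetcher(`https://api.github.com${path}`, { headers });
    if (!res.ok) throw new Error(`GitHub ${path} returned ${res.status}`);
    return res.json();
  };
  const user = (await get("/user")) as { id: number; name: string | null };
  const scopes = parseScopes(rawScope);
  // /user/emails needs user:email (or the broader user scope); skip the call otherwise.
  const canReadEmails = scopes.has("user:email") || scopes.has("user");
  const email = canReadEmails ? pickEmail((await get("/user/emails")) as GithubEmail[]) : null;
  return { id: String(user.id), name: user.name, email, emailVerified: email !== null };
}
```

In a success handler this would be called with `value.tokenset.access`, the `scope` field of `value.tokenset.raw`, and the global `fetch`.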
Hmm, I get you now. What if I create a package that does just the fetching of the user profile, then maybe we can just give an optional way for people to inject it into the OAuth process instead of doing it on success. That will make it cleaner.

Also, I think there is a way the Go community is handling it; I can do a little digging, because on the Go side the user profile is being returned for all the OAuth providers they support.

I want to suggest we add some basic user info on the OAuth provider.
At least most people would need the user email, name, id, firstname and lastname.
This will make it easier to adopt for OAuth. If anybody has a more advanced use case, they can always use the tokens to do that.
@thdxr