I am trying to setup a simple example of 3rd party authentication in a localhost parse server using GitHub. I read the parse guide, the wiki, as well as old issues and websites (pre- and post- the opensourcing of parse). Almost everything is working, but the last part: the link between the GitHub access token and the Parse.User.
Here's my client and server code.
Client code (using hello.js for connecting with github and getting the access_token):
<html>
<body>
<script src="src/hello.polyfill.js"></script>
<script src="src/hello.js"></script>
<script src="src/modules/github.js"></script>
<script src="https://npmcdn.com/parse/dist/parse.min.js"></script>
<button onclick="hello('github').login()">Login with GitHub</button>
<div id='profile'></div>
<script>
const parseClientID = "[MY_PARSE_APP_ID]";
const githubClientID = "[MY_GITHUB_APP_ID]";
Parse.initialize(parseClientID);
Parse.setURL = "http://localhost:1337/parse";
var provider = {
authenticate(options) {if (options.success) {options.success(this, {});}},
restoreAuthentication(authData) {},
getAuthType() {return 'github';},
deauthenticate() {}
};
let authData = {authData: {access_token: 'REPLACED_ON_THE_FLY', id: githubClientID}};
hello.init({github: githubClientID}, {
oauth_proxy: 'http://localhost:3000/proxy',
redirect_uri: 'http://localhost:3000/redirect'
});
// after loging in, when github calls back, this part of the code tries to
// link the github data with a Parse.User
hello.on('auth.login', (auth) => {
authData.authData.access_token = auth.authResponse.access_token;
var user = new Parse.User();
user._linkWith(provider, authData).then(usr=>console.log(usr), err=>console.log(err));
});
</script>
</body>
</html>
Server code (nothing fancy, standard parse-server route, and oauthshim to talk with hello.js):
var createError = require('http-errors');
var express = require('express');
var path = require('path');
var cookieParser = require('cookie-parser');
var ParseServer = require('parse-server').ParseServer;
var oauthshim = require('oauth-shim');
var app = express();
app.get('/', (req, res) => {res.render('index');});
app.get('/redirect', (req, res) => {res.render('redirect');});
var api = new ParseServer({
"appId": "[MY_PARSE_APP_ID]",
"masterKey": "[MY_PARSE_MASTER_KEY]",
"appName": "connect",
"databaseURI": "mongodb://127.0.0.1:27017/parse",
"serverURL": "http://localhost:1337/parse",
"auth": {"github": {"id":"[MY_GITHUB_APP_ID]","access_token":"spaceholder"}}
});
app.use('/parse', api);
oauthshim.init([{
client_id: '[MY_GITHUB_APP_ID]',
client_secret: '[MY_GITHUB_SECRET]',
grant_url: 'https://github.com/login/oauth/access_token',
domain: 'http://localhost:3000/redirect'
}]);
app.use('/proxy', oauthshim);
app.listen(1337, function() {console.log('parse-server running on port 1337.');});
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use(function(req, res, next) { next(createError(404));});
app.use(function(err, req, res, next) {
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : {};
res.status(err.status || 500);
res.render('error');
});
module.exports = app;
The client displays a single "login" button. On clicking, it connects to github, gets an access token, which is then used to user._linkWith().
At this point, I get this error in the Web console:
error: Github auth is invalid for this user. code=101, message=Github auth is invalid for this user.
I think that I'm not writing the auth object properly, but I can't figure out how to do it just from the Custom Authentication section of the Guide in the parse-server website (https://docs.parseplatform.org/parse-server/guide/#oauth-and-3rd-party-authentication).
Thank you in advance !
I have implemented the github login but not in the same way you did but I think it should work the process should be the same.
You need to get the access token and next with the token get the github user id at https://api.github.com/user. And finaly call the _linkWith method.
On the server side you don't need to add auth configuration. your server should be :
var api = new ParseServer({
"appId": "[MY_PARSE_APP_ID]",
"masterKey": "[MY_PARSE_MASTER_KEY]",
"appName": "connect",
"databaseURI": "mongodb://127.0.0.1:27017/parse",
"serverURL": "http://localhost:1337/parse",
});
And on client client side you don't need to configure the provider. Just call _linkWith like that :
hello.on('auth.login', (auth) => {
// get the github user id before
const authData = {
id: 'your github user id'
access_token: 'your access token'
}
const user = new Parse.User()
return user._linkWith('github', { authData }).then(user => {
// do what you want with user
})
Hope this will help you.
Related
I have implemented instagram oauth using passport and passport-instagram package in nodejs.
Below is my code.
require("dotenv").config();
const express = require("express");
const app = express();
const passport = require("passport");
const InstagramStrategy = require("passport-instagram").Strategy;
const ExpressSession = require("express-session");
app.use(passport.initialize());
app.use(
ExpressSession({
resave: false,
saveUninitialized: true,
secret: "mylittlesecret",
})
);
app.use(passport.session());
// Serialize user data to store in the session
passport.serializeUser(function(user, done) {
done(null, user);
});
// Deserialize user data from the session
passport.deserializeUser(function(obj, done) {
done(null, obj);
});
passport.use(
new InstagramStrategy({
clientID: "Instagram_client_id",
clientSecret: "Instagram_client_secret",
callbackURL: "https://d5d0-115-xxx-xx-179.ngrok.io/auth/instagram/callback",
},
function(accessToken, refreshToken, profile, cb) {
process.nextTick(function() {
return cb(null, profile);
});
}
)
);
// Instagram login route
app.get(
"/auth/instagram",
passport.authenticate("instagram", {
scope: [
"pages_show_list",
"user_media",
"user_profile",
"instagram_basic",
"instagram_content_publish",
"instagram_manage_comments",
"instagram_manage_insights",
"pages_read_engagement",
],
})
);
// Instagram callback route
app.get(
"/auth/instagram/callback",
passport.authenticate("instagram", {
failureRedirect: "/error",
}),
(req, res) => {
res.redirect("/profile");
}
);
app.get("/profile", (req, res) => {
res.send("Proile");
});
app.get("/error", (req, res) => {
res.send("error");
});
const PORT = process.env.PORT;
app.get("/", (req, res) => {
res.send("Home");
});
app.listen(PORT, () => {
console.log(`Server is running at ${PORT}`);
});
I have created a consumer facebook app in developers platform and added product of Instagram basic display api , in basic display api valid oauth redirect uri , i have entered : https://d5d0-115-xxx-xx-179.ngrok.io/auth/instagram/callback url which i have declared in my code and
and in deauthroize callback url : https://dd9b-115-xxx-xx-179.ngrok.io/auth/instagram/
I have also added tester insatgram account also
When i hit /auth/instagram route this is taking me to instagram login, after completing all the steps im recieving error like this,
InternalOAuthError: failed to fetch user profile
at /Users/vivekgupta/Desktop/AdosphereServices/instalogin/node_modules/passport-instagram/lib/strategy.js:80:28
at passBackControl (/Users/vivekgupta/Desktop/AdosphereServices/instalogin/node_modules/oauth/lib/oauth2.js:132:9)
at IncomingMessage.<anonymous> (/Users/vivekgupta/Desktop/AdosphereServices/instalogin/node_modules/oauth/lib/oauth2.js:157:7)
at IncomingMessage.emit (node:events:402:35)
at endReadableNT (node:internal/streams/readable:1343:12)
at processTicksAndRejections (node:internal/process/task_queues:83:21)
Please help me with this ,
Thank You In advance.
I have a vue-node application and want to authenticate the users with zapier authentication API.
I tried using the below API but it takes account_id parameter which I don’t know how to get.
"account_id": 19907586,
https://zapier.com/api/v3/login
I could not find any official documentation of any API that can authenticate users with their zapier credentials, how can I do this ?
Where can I find an API to authenticate zapier users ?
You can try this :
const axios = require('axios')
const { URLSearchParams } = require('url')
const { ZAPIER_API_KEY } = process.env
const zapierApi = axios.create({
baseURL: 'https://api.zapier.com',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
Accept: 'application/json',
},
})
const params = new URLSearchParams()
params.append('api_key', ZAPIER_API_KEY)
const authenticate = async () => {
const response = await zapierApi.post('/v1/authenticate', params)
return response.data
}
module.exports = {
authenticate,
}
I want to do what the MS Graph sample node app is doing in its integrationTests.js, but that test doesn't work. Here's what I've tried:
Followed the quick start for creating a node.js app.
Ran the app. Ensured it worked by sending an e-mail.
Modified the test Checking that the sample can send an email to use my account parameters.
Tried to run the test. It fails with 403: insufficient scope. The call to get the token returned scopes, but lacked Mail.Send.
In the post data for the call to login.microsoftonline.com, I added "scope: 'Mail.Send'"
I still receive a valid token, and the return scope includes Mail.Send, but when I try to post with that token, I get 400: cannot POST /beta/me/sendMail
I tried adding scope (Mail.Send) in the query string and as a header (thought I saw that somewhere), but it made no difference.
I added the Mail.Send permission (under "Application Permissions") for the app in the application registration portal.
I compared the token (using https://jwt.ms) from my test call to the call from the app when it works. I see no real difference. They both contain the Mail.Send scope.
Here is the code (which is only slightly different from what's in the sample):
// in graphHelper.js
function postSendMail(accessToken, message, callback) {
request
.post('https://graph.microsoft.com/beta/me/sendMail')
//.post('https://graph.microsoft.com/beta/me/sendMail?scope=Mail.Send') // nope
.send(message)
.set('Authorization', 'Bearer ' + accessToken)
.set('Content-Type', 'application/json')
.set('Content-Length', message.length)
.set('scope', 'Mail.Send') // nope
.end((err, res) => {
callback(err, res);
});
}
describe('Integration', function () { // mocha
var accessToken;
var scope;
const config = getConfig();
// My account variables in testConfig.json file
function getConfig() {
var configFilePath = path.join(__dirname, 'testConfig.json');
return JSON.parse(fs.readFileSync(configFilePath, { encoding: 'utf8' }));
}
function getAccessToken(done) {
var postData = querystring.stringify(
{
grant_type: 'password',
//grant_type: 'client_id', // not supported
//grant_type: 'authorization_code', // This assumes you've requested an auth code.
resource: 'https://graph.microsoft.com/',
scope: 'Mail.Send',
client_id: config.test_client_id_v2,
client_secret: config.test_client_secret_v2,
username: config.test_username,
password: config.test_password
}
);
var postOptions = {
host: 'login.microsoftonline.com',
port: 443,
path: '/common/oauth2/token',
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': Buffer.byteLength(postData)
}
};
var postRequest = https.request(postOptions, function (res) {
var data = '';
res.setEncoding('utf8');
res.on('data', function (chunk) {
data += chunk;
});
res.on('end', function () {
const response = JSON.parse(data);
accessToken = response.access_token;
scope = response.scope;
done();
});
});
postRequest.on('error', function (e) {
console.log('Error: ' + e.message);
done(e);
});
postRequest.write(postData);
postRequest.end();
}
before( // eslint-disable-line no-undef
function (done) {
getAccessToken(done);
}
);
it('Checking that the sample can send an email',
function (done) {
var postBody = emailer.generateMailBody(config.test_name, config.test_username);
graphHelper.postSendMail(
accessToken, scope,
JSON.stringify(postBody),
function (error) {
assert(error === null, `The sample failed to send an email: ${error}`);
done();
});
}
);
});
In my angular 5 application, I am having the get and post requests which are as follows:
Get request:
constructor(private httpClient:HttpClient){
this.httpClient.get(this.url_string,{ withCredentials: true }).subscribe(data => {
this.name = data; }) }
Post Request:
this.httpClient.post(this.url_string,this.data_request,{ withCredentials: true }).subscribe(
data => {
//doing something with data});
In the backend I am using Node service with node-sspi for fetching the username from request.
Node Service :
var express = require('express');
var app = express();
var http = require('http');
var bodyParser = require('body-parser');
const fs = require('fs');
app.use(function(req, res, next) { //allow cross origin requests
res.setHeader("Access-Control-Allow-Methods", "POST, PUT, OPTIONS, DELETE, GET");
res.header("Access-Control-Allow-Origin", "http://localhost/Sample");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(function (req, res, next) {
var nodeSSPI = require('node-sspi')
var nodeSSPIObj = new nodeSSPI({
retrieveGroups: true
})
nodeSSPIObj.authenticate(req, res, function(err){
res.finished || next()
})
})
app.get('/sign', function fnn(request, response) {
response.send(request.connection.user);
});
app.post('/upload', function fnn1(request, response) {
//doing something
});
My question is all the get request are working fine. But when i use post request I got Error 401 (Unauthorized User).
Some More Info:
I am deploying my angular app using ng buid --prod --base-href /Sample/
and deployed it on IIS on default Site
And on the Same machine I had deployed my Node Service using NSSM.
Please guide me where I am wrong.
Thanks in Advance.
After the user authenticates using Passport's Facebook Strategy, I want to render a form with the user's personal information. I am using the fbgraph module to access the Facebook API. But I have to require it in both site.js to retrieve his personal information and authentication.js to set the accessToken. Is there an elegant way to deal with this?
index.js
var authentication = require ('./authentication');
var site = require('./site');
app.get('/form-fb', site.form_fb);
app.get('/auth/facebook', authentication.authenticate_fb);
app.get('/auth/facebook/callback', authentication.callback_fb);
site.js
var fbgraph = require ('fbgraph');
exports.form_fb = function (req, res){
fbgraph.get("me?fields=first_name,last_name,email,birthday,gender", function (err, fbres) {
res.render('form-fb', fbres);
});
};
authentication.js
var passport = require('passport');
var fbgraph = require ('fbgraph');
var FacebookStrategy = require('passport-facebook').Strategy;
var db = require ('./db');
passport.use(new FacebookStrategy({
clientID: FACEBOOK_APP_ID,
clientSecret: FACEBOOK_APP_SECRET,
callbackURL: FACEBOOK_APP_CALLBACKURL
},
function(accessToken, refreshToken, profile, done) {
fbgraph.setAccessToken(accessToken);
db.User.findOne({'accounts.uid': profile.id, 'accounts.provider': 'facebook'}, function (err, oldUser){
if (oldUser){
console.log('Existing user: ' + oldUser.first_name);
done(null, oldUser);
} else {
var newUser = new db.User();
var account = {provider: "facebook", uid: profile.id};
newUser.accounts.push(account);
newUser.save(function(err) {
if (err) {throw err};
console.log ('New user: ' + profile.name.givenName);
done (null, newUser);
});
}
});
}
));
exports.authenticate_fb = passport.authenticate('facebook', {scope: FACEBOOK_APP_SCOPE});
exports.callback_fb = passport.authenticate('facebook', { successRedirect: '/form-fb',
failureRedirect: '/login' });