oauth-provider-support: Actions.jsx - What is the auth object expected in tryLoggedIn()?
Closed this issue · 1 comment
Hello! (and thank you for your work on this incredibly nice react wrapper for devise)
I'm currently working on the auth-provider-support branch in order to implement a Facebook login on a rails/reactJs project. I noticed the authentication flow goes well: Facebook responds to the server with a hash of Facebook data, and the server creates/finds the resource user thanks to the uid parameter:
Example for an existing user logging in through Facebook:
User Load (0.7ms) SELECT "users".* FROM "users" WHERE "users"."provider" = $1 AND "users"."uid" = $2 ORDER BY "users"."id" ASC LIMIT $3 [["provider", "facebook"], ["uid", "1016096009480261"], ["LIMIT", 1]]
Then, in the omniauth callback controller, the server responds to the client with a status 200 + user resource and request headers specifying what should be the auth_token:
    def facebook
      puts request.env # is always nil... can't figure out why.
      @user = User.from_omniauth(params["accessToken"])
      if @user.persisted?
        sign_in @user, event: :authentication
        response.set_header('Authorization', @user.confirmation_token) # client expects something else?
        render json: @user, status: :ok
      else
        session["devise.facebook_data"] = request.env["omniauth.auth"]
        redirect_to new_user_registration_url
      end
    end
The tryLoggedIn function from Actions.jsx is triggered and doesn't seem happy with this token (because it's obviously invalid) and raises:
    bluebird.js:953 Unhandled rejection InvalidTokenError
        at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:125011:32)
        at __webpack_require__ (http://localhost:3000/static/js/bundle.js:556:30)
        at fn (http://localhost:3000/static/js/bundle.js:87:20)
        at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:124965:19)
        at __webpack_require__ (http://localhost:3000/static/js/bundle.js:556:30)
        at fn (http://localhost:3000/static/js/bundle.js:87:20)
        at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:124940:21)
        at __webpack_require__ (http://localhost:3000/static/js/bundle.js:556:30)
        at fn (http://localhost:3000/static/js/bundle.js:87:20)
        at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:124894:18)
        at __webpack_require__ (http://localhost:3000/static/js/bundle.js:556:30)
        at fn (http://localhost:3000/static/js/bundle.js:87:20)
        at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:35571:18)
        at __webpack_require__ (http://localhost:3000/static/js/bundle.js:556:30)
        at fn (http://localhost:3000/static/js/bundle.js:87:20)
        at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:33028:15)
Question:
What is the authToken value supposed to be in the context of the tryLoggedIn method?
    const tryLoggedIn = (response, dispatch) => {
      const auth = response.headers.get('authorization'); // I can't figure out which values it expects
      // auth returns the value of @user.confirmation_token
      if (auth) {
        const [_, authToken] = auth.split(' '); // eslint-disable-line no-unused-vars
        if (authToken) {
          setAuthToken(authToken);
          dispatch({
            type: 'LOGGED_IN',
            payload: authToken
          });
        }
      }
      return response;
    };
Notes:
- As you can see, in my case, request.env["omniauth.auth"] is always nil so I have to pass the parameters via params. I don't think it affects the omniauth workflow so far.
- I tried to return various values as authToken: the accessToken provided by Facebook, the confirmation_token of the user, also formatted such as "Bearer xxxxxxxxxxxxx", and even tried the warden data... it didn't work but I'm losing faith.
- As a view for Facebook login, I use the example @timscott provided in this issue: #2
- The gems I use are:
    gem 'devise'
    gem 'devise-jwt'
Thanks for your time, any input truly appreciated
Solved by passing the devise bearer token, the way indicated here: waiting-for-dev/devise-jwt#3.
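What the resolution above implies for the client, as an added example that is not code from this repository or from devise-jwt: a structural check that an Authorization header value has the form `Bearer <JWT>` before it is stored. `parseBearerJwt`, its error strings and the sample tokens are hypothetical and constructed for illustration; the code assumes Node's `Buffer`.

```javascript
// Added example: structural check of an Authorization header value.
// parseBearerJwt is a hypothetical helper; sample tokens are constructed.

// Encode an object as one base64url JWT segment (used for the samples only).
const b64url = (obj) =>
  Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Decode one base64url segment to an object; null if it is not JSON.
function decodeSegment(seg) {
  if (!/^[A-Za-z0-9_-]+$/.test(seg)) return null;
  try {
    const value = JSON.parse(Buffer.from(seg, 'base64').toString('utf8'));
    return value && typeof value === 'object' ? value : null;
  } catch (e) {
    return null;
  }
}

// Returns { token, claims } for a well-formed, unexpired bearer JWT,
// otherwise { error } naming the first check that failed.
function parseBearerJwt(headerValue, nowSeconds = Math.floor(Date.now() / 1000)) {
  if (typeof headerValue !== 'string') return { error: 'missing header' };
  const match = /^Bearer (\S+)$/.exec(headerValue.trim());
  if (!match) return { error: 'not a Bearer credential' };
  const parts = match[1].split('.');
  if (parts.length !== 3) return { error: 'not a three-part JWT' };
  const header = decodeSegment(parts[0]);
  const claims = decodeSegment(parts[1]);
  if (!header || !claims) return { error: 'segments are not base64url JSON' };
  if (typeof claims.exp === 'number' && claims.exp <= nowSeconds) {
    return { error: 'expired' };
  }
  // Structure only: the signature is not checked here, because the signing
  // key stays on the server. The server must verify it on every request.
  return { token: match[1], claims };
}

// Constructed samples: a JWT-shaped token and an opaque token such as a
// confirmation token sent without the Bearer scheme.
const sampleJwt = [b64url({ alg: 'HS256' }), b64url({ sub: '1', exp: 2000 }), 'c2ln'].join('.');
const opaqueToken = 'abc123confirmationtoken';

console.log(parseBearerJwt(`Bearer ${sampleJwt}`, 1000)); // accepted
console.log(parseBearerJwt(opaqueToken, 1000));           // rejected
console.log(parseBearerJwt(`Bearer ${opaqueToken}`, 1000)); // rejected
```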