Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Compatibility issues with passport-auth0 #12

Open
aschlumpf opened this issue Feb 28, 2023 · 3 comments
Open

Compatibility issues with passport-auth0 #12

aschlumpf opened this issue Feb 28, 2023 · 3 comments
Labels
bug Something isn't working

Comments

@aschlumpf
Copy link

To Reproduce

Step by step instructions to reproduce the behavior:

  1. Install passport-auth0 and to use with this package.
  2. Attempt to authenticate a user by navigating to /auth/auth0/login.
  3. Get a JS error, "callback is not a function" when the verify function is executed.

Expected behavior

Compatibility with passport-auth0, out-of-the-box or via configuration to get around any unexpected blockers.

Describe the bug

It seems that the package is not compatible with passport-auth0. Auth0 is the identity provider our team is required to use, and it seems like their verify function has a different number of arguments, for the purpose of "ID token validation." You can see their code here: https://github.com/auth0/passport-auth0/blob/master/lib/verifyWrapper.js#L15

Notice that the verifyWrapper takes 5-6 arguments, depending on configuration, while the verify function in this package is expecting 4-5 (reference: https://github.com/apostrophecms/passport-bridge/blob/main/index.js#L167). The difference here is that passport-auth0 has an extraParams parameter, which seems to map to the decoded JWT for the use of ID token validation.

Details

Version of Apostrophe
@apostrophecms-pro/multisite v3.9.4

Version of Node.js:
Node.js v16.16.0

Server Operating System:
macOS 12.5.1

Additional context:

passport-auth0 is not the "official" Node.js plugin for auth0 anymore, but it is still receiving support for fixes. Perhaps the gap here is because of that, I am not sure. If this is an issue I should take up with the passport-auth0 package, let me know, however this is a blocker for my project.

Screenshots
I can provide screenshots, just please contact me directly.
@aschlumpf aschlumpf added the bug Something isn't working label Feb 28, 2023
@aschlumpf
Copy link
Author

I have verified that the argument discrepancy for the verify function is the issue by forking passport-auth0 and running that fork within my CMS.

You can see what I did here: aschlumpf/passport-auth0@56ccb3d

I can try to PR this change into the passport-auth0 project, but it seems like the arguments in the verify function may not be a bug from reading their README: https://github.com/auth0/passport-auth0#customization

@boutell
Copy link
Member

boutell commented Feb 28, 2023

Yes, it is difficult to be compatible with 100% of passport backends because of the (somewhat maddening) lack of standardization on this issue in particular. Modules that follow the same general patterns as the common oauth-based modules written by passport's author will fare best "out of the box."

The best resolution is probably for us to provide a new per-strategy option allowing you to supply a custom function to remap the parameters for success in these situations.

@aschlumpf
Copy link
Author

That makes sense that there are no standards for this issue, I was unsure if there was a standard that passport-auth0 was breaking here. The custom function approach sounds like a good solution for these cases, since I am guessing the most used passport libraries are not breaking this unwritten convention.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@boutell @aschlumpf