I am using passport-azure-ad-oauth2 for SSO authentication.
I am trying to configure a token refresh feature, but I got stuck on adding the tokens to the response sent to the client. If I send only the accessToken or only the refreshToken, it works.
If I add both, when I check whether the request is authenticated, I do not get the user object on the request.
This is the code:
passport-setup.js
// Store in the session whatever object the verify callback handed to done().
// Despite the comment that used to be here, this is the whole profile object,
// not just an id; where the session store is cookie-session, that entire object
// is what gets written into the browser cookie.
passport.serializeUser((profile, done) => done(null, profile));
// Restore req.user from the session. There is no database lookup here: the
// object stored by serializeUser is handed back verbatim.
passport.deserializeUser((profile, done) => done(null, profile));
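// The verify callback lives in ./passport-azure. It is required before the
// strategy is built so it can be handed to the constructor directly; the
// original required it *after* the closure that referenced it, which only
// worked because the closure was not invoked until a login happened.
// (Hoisting assumes ./passport-azure does not require this file back — confirm.)
const azureStrategy = require('./passport-azure');

/**
 * Azure AD OAuth2 strategy shared by passport (login) and refresh (token renewal).
 *
 * Credentials and tenant settings come from config.azureApp. The verify
 * callback is passed directly instead of through a forwarding arrow function:
 * passport-oauth2 selects the verify signature by the callback's parameter
 * count, and azureStrategy declares the same five parameters
 * (accessToken, refreshToken, params, profile, done) the wrapper forwarded,
 * so the call it receives is unchanged — confirm against the installed version.
 */
const strategy = new AzureOAuth2Strategy(
  {
    clientID: config.azureApp.clientID,
    clientSecret: config.azureApp.clientSecret,
    callbackURL: config.azureApp.callbackUri,
    resource: config.azureApp.resource,
    tenant: config.azureApp.tenant,
  },
  azureStrategy
);

passport.use(strategy);
// presumably passport-oauth2-refresh: registers the same strategy for refreshing tokens
refresh.use(strategy);

module.exports = strategy;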
passport-azure.js
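/**
 * Verify callback for the Azure AD OAuth2 strategy.
 *
 * Builds the object passport will store in the session (via serializeUser) and
 * expose as req.user. `params` and `profile` are unused but must stay in the
 * signature: passport-oauth2 chooses how to call the verify function from its
 * parameter count.
 *
 * Fix: the original read `refresToken` (undeclared) instead of the
 * `refreshToken` parameter. That threw a ReferenceError inside the try, the
 * catch answered done(null, null), and login failed — but only when the
 * refresh token line was present, which matches "it works with one token".
 *
 * @param {string} accessToken  token issued by Azure AD
 * @param {string} refreshToken refresh token issued by Azure AD
 * @param {object} params       raw token response (unused)
 * @param {object} profile      user profile (unused)
 * @param {Function} done       passport callback: done(err, user)
 * @returns {Promise<*>} whatever done() returns
 */
module.exports = async function (
  accessToken,
  refreshToken,
  params,
  profile,
  done
) {
  try {
    // NOTE(review): this object is what ends up in the session. With a
    // cookie-based session store both tokens are written to the browser cookie;
    // consider keeping only what the app needs client-side.
    const user = {
      accesToken: accessToken, // key spelling kept as-is for existing consumers
      refresToken: refreshToken, // was `refresToken: refresToken` (undefined name)
    };
    return done(null, user);
  } catch (error) {
    console.error('error on login');
    console.error(error);
    // A falsy user tells passport "authentication failed" rather than "server error".
    return done(null, null);
  }
}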
routes.js
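//secured api routes with no redirect
/**
 * Express middleware guarding API routes.
 *
 * Calls next() when the session is authenticated; otherwise answers 401 with a
 * JSON body instead of redirecting, so browser clients can handle it themselves.
 *
 * Fixes: the original dumped the whole `req` object to the log on every call
 * (headers and cookies, i.e. session material, ended up in log output), and the
 * "user not auth request" log line sat after the return and never ran.
 *
 * @param {object} req  request; must provide isAuthenticated()
 * @param {object} res  response; must provide status().json()
 * @param {Function} next
 * @returns {*} the result of next() or of res.json()
 */
function authorizeApi(req, res, next) {
  if (req.isAuthenticated()) {
    return next();
  }
  // Log only the fact, not the request object.
  console.log('user not auth request');
  return res.status(401).json({
    message: "User Not Authenticated",
    user: null,
    success: false,
  });
}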
// Called by the client after login; authorizeApi has already rejected
// unauthenticated sessions with 401, so here req.user is the deserialized
// session object. NOTE(review): `cookies` echoes the parsed request cookies
// back in the JSON body, which exposes the session cookie's contents to
// client-side script — looks like a debugging aid; confirm it is intended.
router.post("/login/success", authorizeApi, (req, res) => {
  const { user, cookies } = req;
  res.json({
    success: true,
    message: "user has successfully been authenticated",
    user,
    cookies,
  });
});
index.js
// define session
// cookie-session keeps the whole session payload in the cookie itself, signed
// with keys.COOKIE_KEY. Browsers cap a single cookie at roughly 4 KB, so a
// session holding a full profile plus access and refresh tokens can exceed the
// limit and be dropped — worth checking if req.user disappears.
const cookieSessionOptions = {
  name: "session",
  keys: [keys.COOKIE_KEY],
  maxAge: 24 * 60 * 60 * 1000, // one day, in milliseconds
};
app.use(cookieSession(cookieSessionOptions));
// Parse cookies, initialise passport, then let passport.session() turn the
// session payload into req.user via deserializeUser. Order matters: the
// session middleware above must already have run.
app.use(cookieParser(), passport.initialize(), passport.session());
// set up cors to allow us to accept requests from our client
// A single explicit origin is required when credentials are enabled; a
// wildcard would be rejected by browsers for credentialed requests.
const corsOptions = {
  origin: "http://localhost:3000", // the dev client; adjust per environment
  methods: "GET,HEAD,PUT,PATCH,POST,DELETE",
  credentials: true, // lets the browser send the session cookie cross-origin
};
app.use(cors(corsOptions));