
Commit 5f56862

authored
fix: switch to passport's internal state generator
1 parent dc157dc commit 5f56862


1 file changed

+12
-17
lines changed


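--- a/config/passport.js
+++ b/config/passport.js
@@ -1,4 +1,3 @@
-const crypto = require('node:crypto');
 const passport = require('passport');
 const refresh = require('passport-oauth2-refresh');
 const { Strategy: LocalStrategy } = require('passport-local');
@@ -27,10 +26,6 @@ passport.deserializeUser(async (id, done) => {
 }
 });
 
-function generateState() {
-return crypto.randomBytes(16).toString('hex');
-}
-
 /**
 * Sign in using Email and Password.
 */
@@ -267,7 +262,7 @@ passport.use(
 callbackURL: `${process.env.BASE_URL}/auth/facebook/callback`,
 profileFields: ['name', 'email', 'link', 'locale', 'timezone', 'gender'],
 scope: ['public_profile', 'email'],
-state: generateState(),
+state: true,
 passReqToCallback: true,
 },
 async (req, accessToken, refreshToken, params, profile, done) => {
@@ -308,7 +303,7 @@ passport.use(
 clientID: process.env.GITHUB_ID,
 clientSecret: process.env.GITHUB_SECRET,
 callbackURL: `${process.env.BASE_URL}/auth/github/callback`,
-state: generateState(),
+state: true,
 passReqToCallback: true,
 scope: ['user:email'],
 },
@@ -357,7 +352,7 @@ passport.use(
 consumerKey: process.env.X_KEY,
 consumerSecret: process.env.X_SECRET,
 callbackURL: `${process.env.BASE_URL}/auth/x/callback`,
-state: generateState(),
+state: true,
 passReqToCallback: true,
 },
 async (req, accessToken, tokenSecret, profile, done) => {
@@ -401,7 +396,7 @@ const googleStrategyConfig = new GoogleStrategy(
 scope: ['profile', 'email', 'https://www.googleapis.com/auth/drive.metadata.readonly', 'https://www.googleapis.com/auth/spreadsheets.readonly'],
 accessType: 'offline',
 prompt: 'consent',
-state: generateState(),
+state: true,
 passReqToCallback: true,
 },
 async (req, accessToken, refreshToken, params, profile, done) => {
@@ -443,7 +438,7 @@ const linkedinStrategyConfig = new OAuth2Strategy(
 clientSecret: process.env.LINKEDIN_SECRET,
 callbackURL: `${process.env.BASE_URL}/auth/linkedin/callback`,
 scope: ['openid', 'profile', 'email'].join(' '),
-state: generateState(),
+state: true,
 passReqToCallback: true,
 },
 async (req, accessToken, refreshToken, params, profile, done) => {
@@ -498,7 +493,7 @@ const microsoftStrategyConfig = new OAuth2Strategy(
 // Note: To get a refresh token, add 'offline_access' to the scope list.
 // Trade-off: Users will see a permission approval screen every time they login with 'offline_access' in scope.
 scope: ['openid', 'profile', 'email', 'User.Read'].join(' '),
-state: generateState(),
+state: true,
 passReqToCallback: true,
 },
 async (req, accessToken, refreshToken, params, profile, done) => {
@@ -548,7 +543,7 @@ const twitchStrategyConfig = new TwitchStrategy(
 clientSecret: process.env.TWITCH_CLIENT_SECRET,
 callbackURL: `${process.env.BASE_URL}/auth/twitch/callback`,
 scope: ['user:read:email', 'channel:read:subscriptions', 'moderator:read:followers'],
-state: generateState(),
+state: true,
 passReqToCallback: true,
 },
 async (req, accessToken, refreshToken, params, profile, done) => {
@@ -591,7 +586,7 @@ passport.use(
 consumerKey: process.env.TUMBLR_KEY,
 consumerSecret: process.env.TUMBLR_SECRET,
 callbackURL: '/auth/tumblr/callback',
-state: generateState(),
+state: true,
 passReqToCallback: true,
 },
 async (req, token, tokenSecret, profile, done) => {
@@ -658,7 +653,7 @@ passport.use(
 apiKey: process.env.STEAM_KEY,
 returnURL: `${process.env.BASE_URL}/auth/steam/callback`,
 profile: true,
-state: generateState(),
+state: true,
 },
 async (req, identifier, profile, done) => {
 const steamId = identifier.match(/\d+$/)[0];
@@ -712,7 +707,7 @@ const quickbooksStrategyConfig = new OAuth2Strategy(
 clientSecret: process.env.QUICKBOOKS_CLIENT_SECRET,
 callbackURL: `${process.env.BASE_URL}/auth/quickbooks/callback`,
 scope: ['com.intuit.quickbooks.accounting'],
-state: generateState(),
+state: true,
 passReqToCallback: true,
 },
 async (req, accessToken, refreshToken, params, profile, done) => {
@@ -738,7 +733,7 @@ const traktStrategyConfig = new OAuth2Strategy(
 clientID: process.env.TRAKT_ID,
 clientSecret: process.env.TRAKT_SECRET,
 callbackURL: `${process.env.BASE_URL}/auth/trakt/callback`,
-state: generateState(),
+state: true,
 passReqToCallback: true,
 },
 async (req, accessToken, refreshToken, params, profile, done) => {
@@ -798,7 +793,7 @@ const discordStrategyConfig = new OAuth2Strategy(
 clientSecret: process.env.DISCORD_CLIENT_SECRET,
 callbackURL: `${process.env.BASE_URL}/auth/discord/callback`,
 scope: ['identify', 'email'].join(' '),
-state: generateState(),
+state: true,
 passReqToCallback: true,
 },
 async (req, accessToken, refreshToken, params, profile, done) => {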
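Review bot: The X, Tumblr and Steam hunks (the `consumerKey`/`consumerSecret` and `apiKey`/`returnURL` configs) still pass `state: true`, but those are OAuth 1.0a and OpenID strategies, and as far as I can tell `state` is only an option of the OAuth 2.0 strategy base, so there it is most likely ignored; confirm against each strategy's documented options and either drop the line or comment it, so a reader does not assume the OAuth 2.0 CSRF binding covers those logins. For the OAuth 2.0 strategies the switch is the right fix — the removed `generateState()` was evaluated once at module load in each object literal, so every login shared one static value for the lifetime of the process, which cannot bind a callback to the request that started it. Note that `state: true` keeps the per-request nonce in `req.session`, so every OAuth 2.0 strategy now depends on session middleware being mounted before passport is initialized; the `deserializeUser` context suggests sessions are already in use, but a comment on the first occurrence such as `// state: true -> passport generates a per-request nonce and verifies it from req.session on the callback` would make that dependency explicit. Where a provider supports it, adding `pkce: true` next to `state: true` would additionally bind the authorization code to the same session.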
