Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support openID #154

Closed
tlenclos opened this Issue Apr 8, 2016 · 13 comments

Comments

Projects
None yet
5 participants
@tlenclos
Copy link

tlenclos commented Apr 8, 2016

I was trying to use passport-steam which uses OpenID but it seems that it's not supported.

What can I do to add this support ? Add a service open-id ?

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Apr 11, 2016

@tlenclos I'd have to look at it. Probably won't have time for a few more days. It's fairly easy to write your own auth service but ya I figure we'd have to create and open-id service. You can look at the OAuth2 service for some inspiration. Totally open to a PR 😄

@ekryski ekryski added this to the 1.0 milestone Apr 11, 2016

@ekryski ekryski added the Feature label Apr 11, 2016

@tlenclos

This comment has been minimized.

Copy link
Author

tlenclos commented Apr 11, 2016

Thanks, I will take a look at it since I really want to try feathers for my next app 👍

@tlenclos

This comment has been minimized.

Copy link
Author

tlenclos commented Apr 11, 2016

I tried to implement it but without much success... 😞 this worked with a simple express app but apparently the signature is always wrong when using feathers middleware.

Here is the error I got on the callback URL:

  express:router <anonymous>  : /auth/steam/callback?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Flogin&openid.claimed_id=http%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561197980867718&openid.identity=http%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561197980867718&openid.return_to=http%3A%2F%2Flocalhost%3A3030%2Fauth%2Fsteam%2Fcallback&openid.response_nonce=2016-04-11T21%3A35%3A33ZDjydlzN%2FPn4xVCdOfdFBRcRzKmE%3D&openid.assoc_handle=1234567890&openid.signed=signed%2Cop_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=eA1IT68yynOIKLPziruAjr00Vec%3D +1ms
  feathers-authentication:middleware An authentication error occurred. +2m { [InternalOpenIDError: Failed to verify assertion]
  name: 'InternalOpenIDError',
  message: 'Failed to verify assertion',
  openidError: { message: 'Invalid signature' } }

Here is my starting implementation if it can help you a little tlenclos@d9d8d32.

@karljakober

This comment has been minimized.

Copy link

karljakober commented May 6, 2016

+1 for this. going to attempt it myself but i doubt it will be that pretty :)

@ekryski ekryski added the Backlog label May 21, 2016

@matt-d-rat

This comment has been minimized.

Copy link

matt-d-rat commented Nov 16, 2016

I'm also needing to add steam authentication for the new project I am working on. Did anyone manage to come up with a solution?

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented Nov 16, 2016

This should be possible, now with the 1.0.0-alpha version of feathers-authentication. It's completely integrated with Passport, so any Passport plugin supporting Steam authentication should now work: https://github.com/liamcurry/passport-steam

We literally just released the alpha a few minutes ago.

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented Nov 16, 2016

And here's the new OAuth2 plugin for making this happen: https://github.com/feathersjs/feathers-authentication-oauth2

@matt-d-rat

This comment has been minimized.

Copy link

matt-d-rat commented Nov 16, 2016

Wow, now that is good timing! I will try it out today and let you know how it goes.

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented Nov 16, 2016

FYI. I noticed the plugin says it uses OpenID 2.0. I didn't actually check to see if the plugin I linked uses OAuth2. It might be an inaccurate assumption.

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Nov 16, 2016

It really shouldn't matter. You can implement any passport strategy without the adapter as well. You would just do it the same way you would with Express, as described here: https://github.com/liamcurry/passport-steam.

But instead of calling it like this:

passport.use(new SteamStrategy({
    returnURL: 'http://localhost:3000/auth/steam/return',
    realm: 'http://localhost:3000/',
    apiKey: 'your steam API key'
  },
  function(identifier, profile, done) {
    User.findByOpenID({ openId: identifier }, function (err, user) {
      return done(err, user);
    });
  }
));

app.get('/auth/steam',
  passport.authenticate('steam'),
  function(req, res) {
    // The request will be redirected to Steam for authentication, so
    // this function will not be called.
  });

app.get('/auth/steam/return',
  passport.authenticate('steam', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.
    res.redirect('/');
  });

you call it like this

const feathers = require('feathers');
const auth = require('feathers-authentication');
const app = feathers()

app.configure(auth({ secret: 'supersecret' });

app.passport.use(new SteamStrategy({
    returnURL: 'http://localhost:3000/auth/steam/return',
    realm: 'http://localhost:3000/',
    apiKey: 'your steam API key'
  },
  function(identifier, profile, done) {
    const query = { openId: identifier };
    app.service.find({ query }).then(response) {
      const user = response[0];
      return done(null, user);
    }).catch(done);
  }
));

app.get('/auth/steam', auth.express.authenticate('steam'));

app.get('/auth/steam/return',
  auth.express.authenticate('steam', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.
    res.redirect('/');
  });
@matt-d-rat

This comment has been minimized.

Copy link

matt-d-rat commented Nov 17, 2016

@ekryski that example worked for me using the v1.0.0 release of feathers-authentication. Now I just need to migrate my react-native code to use feathers-authentication-client and I should be all sweet. Thanks for the help.

@matt-d-rat

This comment has been minimized.

Copy link

matt-d-rat commented Nov 17, 2016

@ekryski my front end is react-native and the approach I am taking is very similar to this: https://github.com/sscaff1/hopePing/blob/master/src/scenes/LoginScene.js for my login scene, how would I go about successfully using the example you have provided to get the credentials back to the client app from the server?

I am fairly new to feathersjs so forgive me for the newb question. I am currently getting a routing error from the server error: Route: /auth/steam/return?openid.ns=...........

@ekryski ekryski added this to the 1.0 milestone Nov 21, 2016

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Nov 21, 2016

@matt-d-rat the new auth client is published now since your comment. It should work. If you are picking up from a Webview that LoginScene solution is expecting a cookie to be there so you'll need to enable cookies explicitly. You can do that like so:

// add this to your auth config
{
  "auth": {
    "cookie": {
      "enabled": true
    }
  }
}

// and configure auth
app.configure(auth(app.get('auth'));

If you have any other problems it's likely going to be a client side issue so probably better to put it in the feathers-authentication-client repo.

Closing as OpenID is now supported.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.