Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom Claims? #64

Closed
tHBp opened this issue Jun 25, 2018 · 7 comments
Closed

Custom Claims? #64

tHBp opened this issue Jun 25, 2018 · 7 comments
Milestone
v1.2.0

Comments

@tHBp
Copy link

tHBp commented Jun 25, 2018

I'm using Auth0 - Authorization extension and I have configured groups and roles for my application.
After adding users to those groups, I'm not able to access them after authorization. The rule sets groups and roles to user metadata correctly.

Relevant piece of code is here:

app.get("/login", passport.authenticate("auth0", {
        scope: 'openid profile'
    }), function (req, res) {
        // expecting enriched req.user here, but getting basic profile information only
    });
@joshcanhelp
Copy link
Contributor

Anything additional needed in the user profile data that's returned needs to be added as a custom claim.

@joshcanhelp joshcanhelp added this to the v1.2.0 milestone Jul 31, 2019
@aasili-shoprunner
Copy link

I didn't want to create a new issue for this question as this seems to be somewhat similar. If not let me know and I'll create one.

I'm in the middle of moving away from the JS SDK for Auth0 to using Passport. In the JS SDK custom params can be passed with authorize() method (at least we found we can). Would these custom claims be added to the acr_values prop instead? Is there a different recommended way to handle this?

@joshcanhelp
Copy link
Contributor

@aasili-shoprunner - Just to clarify ... you're you moving from auth/node-auth0 to Passport?

If you're not already using Passport and you are still in development mode on your application, you might want to consider auth0/express-openid-connect. That's just about to go into Early Access, meaning the public API is mostly stable and we'll be accepting feedback about usability, extensibility, and the like. Just a heads up!

To answer your question ... acr_values is a specific query parameter. At the moment, this strategy does not support arbitrary URL parameters added to the authorize URL. Is there one specifically we're missing support for?

@aasili-shoprunner
Copy link

@joshcanhelp No i'm migrating from auth0.js v9 to using passport and passport-auth0. In auth0.js when authorizing the client, arbitrary params can be passed into the options object. Those params can be accessed via a rule in Auth0. I was wondering how to get the same behavior in this package. Thanks!

@joshcanhelp
Copy link
Contributor

At the moment, this strategy does not allow arbitrary URL parameters to be sent to the hosted login page. You can see the parameters that are passed through here:

https://github.com/auth0/passport-auth0/blob/master/lib/index.js#L81-L99

If this is a blocker, go ahead and add a new issue in this repo and we'll consider it for a future release.

@aasili-shoprunner
Copy link

Thanks!

It's not a blocker as I can work around it. However do you know why the two libraries differ in this aspect?

@joshcanhelp
Copy link
Contributor

I don't think there is a specific reason one way or the other.

@joshcanhelp joshcanhelp mentioned this issue Feb 3, 2020
Closed
@snyk-bot snyk-bot mentioned this issue May 6, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.2.0
Development

No branches or pull requests
3 participants
@joshcanhelp @tHBp @aasili-shoprunner