n1ru4l
10/24/2022, 8:29 AMhttps://example.com/auth/org?id=oidc_provider_id
)
3. People visiting this link start the OAuth2 OIDC login flow with the organization specific OIDC provider
4. Users that newly register/log in are automatically added to the specific organization
I am now trying to figure out how to handle this on the SuperTokens Next.js side. Within the getServerSideProps
function of the auth
route I can load the specific integration (id, secret and issuer url) from the database. However, it is unclear to me on how I would then utilize this information with the SuperTokens SDK (since it is a singleton that is initialized once and cannot be initialised per request π€ .
Do you have any pointers here?rp
10/24/2022, 8:40 AMid
in the query params.get
function)n1ru4l
10/24/2022, 8:45 AMrp
10/24/2022, 8:46 AMn1ru4l
10/24/2022, 8:47 AMrp
10/24/2022, 8:47 AMn1ru4l
10/24/2022, 8:47 AMauthorisationUrlGET
override is not used at all π€
I added a simple override with a console.log, and it never shows up
The HTTP call (initiated by supertokens react) to http://localhost:3000/api/auth/authorisationurl?thirdPartyId=org%7Ckekeke
simply gives me {"message":"The third party provider org|kekeke seems to be missing from the backend configs."}
const getOIDCOverrides = () => {
console.log('it is applied for sure');
const override: ThirdPartEmailPasswordTypeInput['override'] = {
apis(originalImplementation) {
return {
...originalImplementation,
async authorisationUrlGET(input) {
console.log(input);
return originalImplementation.authorisationUrlGET!(input);
},
};
},
};
return override;
};
apis
function - it seems like that one is not invokedrp
10/24/2022, 9:52 AMn1ru4l
10/24/2022, 9:54 AMrp
10/24/2022, 9:55 AMn1ru4l
10/24/2022, 9:55 AMrp
10/24/2022, 9:57 AMn1ru4l
10/24/2022, 9:57 AMrp
10/24/2022, 9:59 AMn1ru4l
10/24/2022, 9:59 AMrp
10/24/2022, 10:00 AMn1ru4l
10/24/2022, 10:01 AMrp
10/24/2022, 10:02 AMn1ru4l
10/24/2022, 10:10 AMrp
10/24/2022, 10:10 AMn1ru4l
10/24/2022, 10:10 AMexport const startAuthFlowForOIDCProvider = async (oidcId: string) => {
let authUrl = await getAuthorisationURLWithQueryParamsAndSetState({
providerId: 'org',
authorisationURL: `${env.appBaseUrl}/auth/callback/org`,
});
const url = new URL(authUrl);
url.searchParams.set('oidc_id', oidcId);
authUrl = url.toString();
window.location.assign(authUrl);
};
rp
10/24/2022, 10:14 AMn1ru4l
10/24/2022, 10:15 AMrp
10/24/2022, 10:16 AMn1ru4l
10/24/2022, 12:30 PMthirdPartySignInUpPOST
and authorisationUrlGET
to be preciseauthorisationUrlGET
just relying on the referer
headers seems to be safe enough...thirdPartySignInUpPOST
I need a safe way π€rp
10/24/2022, 12:43 PMthirdPartySignInUpPOST
, it won't work cause the auth code exchange will failn1ru4l
10/24/2022, 1:29 PMrp
10/24/2022, 1:30 PMn1ru4l
10/24/2022, 1:32 PMauthorisationRedirect: {
// this contains info about forming the authorisation redirect URL without the state params and without the redirect_uri param
url: `${oidcConfig.domain}/authorize`,
params: {
client_id: oidcConfig.clientId,
scope: 'openid email',
response_type: 'code',
redirect_uri: `${env.appBaseUrl}/auth/callback/oidc`,
state: oidcConfig.id,
},
},
rp
10/24/2022, 1:33 PMn1ru4l
10/24/2022, 1:39 PMgenerateStateToSendToOAuthProvider
getAuthorisationURLFromBackend
function override options
.
getAuthorisationURLFromBackend(input) {
const maybeId: unknown = input.userContext['oidcId'];
if (typeof maybeId === 'string') {
return originalImplementation.getAuthorisationURLFromBackend({
...input,
options: {
preAPIHook: async options => {
alert('NANI');
const url = new URL(options.url);
url.searchParams.append('oidc_id', maybeId);
return {
...options,
url: url.toString(),
};
},
},
});
}
return originalImplementation.getAuthorisationURLFromBackend(input);
The preAPIHook
seems to never be invokedrp
10/24/2022, 3:14 PMn1ru4l
10/24/2022, 3:32 PMpreAPIHook
overriderp
10/24/2022, 3:36 PMn1ru4l
10/24/2022, 3:37 PMrp
10/24/2022, 3:38 PMnkshah2
10/24/2022, 5:30 PMgetAuthorisationURLFromBackend
. I tried setting up a sample project and the pre api hook works correctly for men1ru4l
10/25/2022, 9:10 AMnkshah2
10/25/2022, 9:50 AMn1ru4l
10/25/2022, 9:50 AMgetAuthorisationURLWithQueryParamsAndSetState
nkshah2
10/25/2022, 9:50 AMn1ru4l
10/25/2022, 9:50 AMnkshah2
10/25/2022, 10:48 AMsupertokens-auth-react
to keep track of progress on thisn1ru4l
10/26/2022, 7:35 AM