Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Great work, but could be more flexible #18

Open
dberardo opened this issue Dec 28, 2020 · 5 comments
Open

Great work, but could be more flexible #18

dberardo opened this issue Dec 28, 2020 · 5 comments

Comments

@dberardo
Copy link

I have implemented my own OAuth provider server on a custom domain.

I am able to go through the whole session creation procedure using the auth0 provider and a custom domain, pointing to my own oauth server.

However when the "callback" endpoint is called, i get a 404 error message from the auth0 server saying:

"auth0 responded with a 404 trying to fetch user information"

is it possible to have a custom provider using the goth package??

i find this being a huge limitation which makes the whole API extremely hard to use in production otherwise.
@rzrbld
Copy link
Owner

rzrbld commented Dec 29, 2020

Hi @dberardo OAuth2 standart implementation should support 3 endpoints:

authEndpoint    string = "/authorize"
tokenEndpoint   string = "/token"
endpointProfile string = "/userinfo"

/userinfo in your server could be an /user or /user-info or any other - cause of that you've got auth0 responded with a 404 trying to fetch user information
you can fork goth-provider-wso2 or goth-provider-oauth, change profile endpoint & rebulid.

@energenious-eu
Copy link

Hi @dberardo OAuth2 standart implementation should support 3 endpoints:

authEndpoint    string = "/authorize"
tokenEndpoint   string = "/token"
endpointProfile string = "/userinfo"

/userinfo in your server could be an /user or /user-info or any other - cause of that you've got auth0 responded with a 404 trying to fetch user information
you can fork goth-provider-wso2 or goth-provider-oauth, change profile endpoint & rebulid.

Thanks @rzrbld for your prompt answer.

i was thinking to patch this line in the auth0 provider:

https://github.com/markbates/goth/blob/master/providers/auth0/auth0.go#L100

to basically hardcode the domain to my private auth server. That should work.

However, i am not a go expert so i should figure out how to import this code in the adminio-api source code.

Before going for this approach i wanted to check with the community if a more customizable option was available, but it seems like neither adminio.api, nor goth allow for custom / general purpose Oauth providers ... which really wonders me.

@rzrbld
Copy link
Owner

rzrbld commented Dec 30, 2020

adminio call FetchUser at https://github.com/rzrbld/adminio-api/blob/master/src/oauth/oauth.go#L102
so you can make a stub FetchUser at https://github.com/markbates/goth/blob/master/providers/auth0/auth0.go#L86

@energenious-eu
Copy link

ok, i will give it a try, although i have never programmed in Go in the past.

If i make something useful i can share it in a PR. Will keep you updated

@dberardo
Copy link
Author

dberardo commented Jan 2, 2021

just proposed a stub in here: #19

it works for my setup, but i was not able to test it for auth0.com as i dont have an account there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rzrbld @dberardo @energenious-eu