Skip to content

Latest commit

 

History

History
executable file
·
859 lines (654 loc) · 23.3 KB

Providers.md

File metadata and controls

executable file
·
859 lines (654 loc) · 23.3 KB

If you want to write your own provider please see the section at the bottom of this page.

Existing Providers

Each provider may specify configuration options that are unique. Any of these unique options are documented here and must be provided during strategy creation. See the API Documentation for all other options.

ArcGIS Online

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    provider: 'arcgisonline',
    orgId: profile.orgId,
    username: profile.username,
    displayName: profile.fullName,
    name: {
        first: profile.firstName,
        last: profile.lastName
    },
    email: profile.email,
    role: profile.role,
    raw: profile
};

Auth0

Provider Documentation

  • scope: not applicable
  • config:
    • domain: Your Auth0 domain name, such as example.auth0.com or example.eu.auth0.com
  • auth: /authorize
  • token: /oauth/token

To authenticate a user with a specific identity provider directly, use providerParams. For example:

providerParams: {
    connection: 'Username-Password-Authentication'
}

The default profile response will look like this:

credentials.profile = {
    id: profile.user_id,
    email: profile.email,
    displayName: profile.name,
    name: {
        first: profile.given_name,
        last: profile.family_name
    },
    raw: profile
};

Specific fields may vary depending on the identity provider used. For more information, refer to the documentation on user profiles.

Azure Active Directory

Provider Documentation

  • scope: defaults to ['openid','offline_access', 'profile']
  • config:
    • tenantId: The tenant ID from the Azure AD application instance which is present in the authorization URL
  • auth: 'https://login.microsoftonline.com/'+ tenantId +'/oauth2/authorize'
  • token: 'https://login.microsoftonline.com/'+ tenantId +'/oauth2/token'

The default response would look like this in the profile object obtained

credentials.profile = {
    id: profile.oid,
    displayName: profile.name,
    email: profile.upn || profile.email,
    raw: profile
};

Bitbucket

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.uuid,
    username: profile.username,
    displayName: profile.display_name,
    raw: profile
};

DigitalOcean

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.account.uuid,
    email: profile.account.email,
    status: profile.account.status,
    dropletLimit: profile.account.droplet_limit,
    raw: profile.account
};

Discord

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.id,
    discriminator: profile.discriminator,
    username: profile.username,
    email: profile.email,
    mfa_enabled: profile.mfa_enabled,
    verified: profile.verified,
    avatar: {
        id: profile.avatar,
        url: 'https://discordapp.com/api/users/' + profile.id + '/avatars/' + profile.avatar + '.jpg'
    },
    raw: profile
};

Dropbox

Provider Documentation

The default profile response will look like this:

// default profile response from dropbox

Facebook

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.id,
    username: profile.username,
    displayName: profile.name,
    name: {
        first: profile.first_name,
        last: profile.last_name,
        middle: profile.middle_name
    },
    email: profile.email,
    raw: profile
};

Fitbit

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.user.encodedId,
    displayName: profile.user.displayName,
    name: profile.user.fullName
};

Foursquare

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.id,
    displayName: profile.firstName + ' ' + profile.lastName,
    name: {
        first: profile.firstName,
        last: profile.lastName
    },
    email: profile.contact.email,
    raw: profile
};

Github

Provider Documentation

  • scope: Defaults to ['user:email']
  • config:
    • uri: Point to your github enterprise uri. Defaults to https://github.com.
  • auth: /login/oauth/authorize
  • token: /login/oauth/access_token

The default profile response will look like this:

credentials.profile = {
    id: profile.id,
    username: profile.login,
    displayName: profile.name,
    email: profile.email,
    raw: profile
};

GitLab

Provider Documentation

  • scope: No default scope.
  • config:
    • uri: Point to your gitlab uri. Defaults to https://gitlab.com.
  • auth: /oauth/authorize
  • token: /oauth/token

The default profile response will look like this:

// Defaults to gitlab response (https://gitlab.com/help/api/users.md#current-user)

Google

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.id,
    displayName: profile.name,
    name: {
        given_name: profile.given_name,
        family_name: profile.family_name
    },
    email: profile.email,
    raw: profile
};

Google Plus

Provider Documentation

You must also enable the Google+ API in your profile. Go to APIs & Auth, then APIs and under Social APIs click Google+ API and enable it.

The default profile response will look like this:

credentials.profile = {
    id: profile.id,
    displayName: profile.displayName,
    name: profile.name,
    emails: profile.emails,
    raw: profile
};

Instagram

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: params.user.id,
    username: params.user.username,
    displayName: params.user.full_name,
    raw: params.user
};

// if extendedProfile is true then raw will have access to all the information

LinkedIn

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.id,
    name: {
        first: profile.firstName,
        last: profile.lastName
    },
    email: profile.email,
    headline: profile.headline,
    raw: profile
};

You can request additional profile fields by setting the fields option of providerParams. All possible fields are described in the Basic Profile Fields documentation (see an example on this page under Requesting additional profile fields).

Here is an example of a custom strategy configuration:

providerParams: {
    fields: ':(id,first-name,last-name,positions,picture-url,picture-urls::(original),email-address)'
}

Medium

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.data.id,
    username: profile.data.username,
    displayName: profile.data.name,
    raw: profile.data
};

Meetup

Provider Documentation

The default profile response will look like this:

// Defaults to meetup response (http://www.meetup.com/meetup_api/docs/2/member/#get)

Microsoft Live

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.id,
    username: profile.username,
    displayName: profile.name,
    name: {
        first: profile.first_name,
        last: profile.last_name
    },
    email: profile.emails && (profile.emails.preferred || profile.emails.account),
    raw: profile
};

Mixer

Provider Documentation

The default profile response will look like this:

//Default profile response from Mixer

Nest

Provider Documentation

The default profile response will look like this:

// According to the official docs, no user data is available via the Nest
// OAuth service. Therefore, there is no `profile`.

Phabricator

Provider Documentation

  • scope: Defaults to ['whoami']
  • config:
    • uri: URI of phabricator instance
  • auth: /oauthserver/auth/
  • token: /oauthserver/token/

The default profile response will look like this:

credentials.profile = {
    id: profile.result.phid,
    username: profile.result.userName,
    displayName: profile.result.realName,
    email: profile.result.primaryEmail,
    raw: profile
};

Pinterest

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.data.id,
    username: profile.data.username,
    name: {
        first: profile.data.first_name,
        last: profile.data.last_name
    },
    raw: profile
};

Reddit

Provider Documentation

The default profile response will look like this:

// Defaults to reddit response

Slack

Provider Documentation

To authenticate user in a specific team, use providerParams. For example:

providerParams: {
    team: 'T0XXXXXX'
}

The default profile response will look like this:

credentials.profile = {
  scope: params.scope,
  access_token: params.access_token,
  user: params.user,
  user_id: params.user_id
}

// credentials.profile.raw will contain all of the keys sent by Slack for the `auth.test` method

Spotify

Provider Documentation

Read more about the Spotify Web API's Authorization Flow here: https://developer.spotify.com/web-api/authorization-guide/

The default profile response will look like this:

credentials.profile = {
  id: profile.id,
  username: profile.id,
  displayName: profile.display_name,
  email: profile.email,
  raw: profile
}

trakt.tv

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    username: profile.username,
    private: profile.private,
    joined_at: profile.joined_at,
    name: profile.name,
    vip: profile.vip,
    ids: profile.ids,
    location: profile.location,
    about: profile.about,
    gender: profile.gender,
    age: profile.age,
    images: profile.images
};

Twitter

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: params.user_id,
    username: params.screen_name
};

// credentials.profile.raw will contain extendedProfile if enabled

Vk

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.uid,
    displayName: profile.first_name + ' ' + profile.last_name,
    name: {
        first: profile.first_name,
        last: profile.last_name
    },
    raw: profile
};

Yahoo

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.profile.guid,
    displayName: profile.profile.givenName + ' ' + profile.profile.familyName,
    name: {
        first: profile.profile.givenName,
        last: profile.profile.familyName
    },
    raw: profile
};

Tumblr

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    username: profile.response.user.name,
    raw: profile.response.user
};

Twitch

Provider Documentation

The default profile response will look like this:

// default profile response from Twitch

Salesforce

Provider Documentation

  • scope: not applicable
  • config:
    • uri: Point to your Salesforce org. Defaults to https://login.salesforce.com
    • extendedProfile: Request for more profile information. Defaults to true
    • identityServiceProfile: Determines if the profile information fetch uses the Force.com Identity Service. Defaults to false (UserInfo Endpoint)
  • auth: /services/oauth2/authorize
  • token: /services/oauth2/token

The default profile response will look like this: UserInfo Response

credentials.profile = {
    "sub": "https://login.salesforce.com/id/00Dx0000000A9y0EAC/005x0000000UnYmAAK",
    "user_id": "005x0000000UnYmAAK",
    "organization_id": "00Dx0000000A9y0EAC",
    "preferred_username": "user@ example.com",
    "nickname": "user",
    "name": "Pat Patterson",
    "email": "user@ example.com",
    "email_verified": true,
    "given_name": "Pat",
    "family_name": "Patterson",
    ...
}

The Force.com Identity profile response will look like this: Force.com Identity Response

credentials.profile = {
    "id":"https://login.salesforce.com/id/00D50000000IZ3ZEAW/00550000001fg5OAAQ",
    "asserted_user":true,
    "user_id":"00550000001fg5OAAQ",
    "organization_id":"00D50000000IZ3ZEAW",
    "username":"user@ example. com",
    "nick_name":"user1.2950476911907334E12",
    "display_name":"Sample User",
    "email":"user@ example. com",
    "email_verified": true,
    "first_name": "Sample",
    "last_name": "User",
    ...
}

Stripe

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.id,
    legalName: profile.business_name,
    displayName: profile.display_name,
    email: profile.email,
    raw: profile
};

Office 365

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.Id,
    displayName: profile.DisplayName,
    email: profile.EmailAddress,
    raw: profile
};

Okta

Provider Documentation

The default profile response will look like this:

credentials.profile = {
    id: profile.sub,
    username: profile.email,
    displayName: profile.nickname,
    firstName: profile.given_name,
    lastName: profile.family_name,
    email: profile.email,
    raw: profile
};

WordPress

Provider Documentation

  • scope: Defaults to 'global'
  • auth: /oauth2/authorize
  • token: /oauth2/token

The default profile response will look like this:

credentials.profile = {
    id: profile.ID,
    username: profile.username,
    displayName: profile.display_name,
    raw: profile
};

Writing a new provider

When writing a new provider see existing implementations (in lib/providers) for reference as well as any documentation provided by your provider. You may want to support uri or extendedProfile options depending on your needs.