Fix for Update an existing entity in verifier #18 (#86)

* Fix for Update an existing entity in verifier \#18 * Fix merge issue
feathersjs · Aug 28, 2018 · 4d3e90b · 4d3e90b
1 parent d2e1c38
commit 4d3e90b
Show file tree

Hide file tree

Showing 3 changed files with 1,259 additions and 1,092 deletions.
diff --git a/packages/authentication-oauth2/lib/index.js b/packages/authentication-oauth2/lib/index.js
@@ -21,6 +21,20 @@ const INCLUDE_KEYS = [
 
 const EXCLUDE_KEYS = ['Verifier', 'Strategy', 'formatter'];
 
+// When the OAuth callback is called, req.user will always be null
+// The following extracts the user from the jwt cookie if present
+// This ensures that the social link happens on an existing user
+function _callbackAuthenticator (config) {
+  return function (req, res, next) {
+    auth.express.authenticate('jwt', config)(req, res, () => {
+      // We have to mark this as unauthenticated even though req.user may be set
+      // because we still need the OAuth strategy to run in next()
+      req.authenticated = false;
+      next();
+    });
+  };
+}
+
 function init (options = {}) {
   return function oauth2Auth () {
     const app = this;
@@ -73,6 +87,7 @@ function init (options = {}) {
     app.get(oauth2Settings.path, auth.express.authenticate(name, omit(oauth2Settings, 'state')));
     app.get(
       oauth2Settings.callbackPath,
+      _callbackAuthenticator(authSettings),
       auth.express.authenticate(name, omit(oauth2Settings, 'state')),
       handler,
       errorHandler,

diff --git a/packages/authentication-oauth2/lib/verifier.js b/packages/authentication-oauth2/lib/verifier.js
@@ -68,6 +68,12 @@ class OAuth2Verifier {
     return this.service.create(entity, { oauth: { provider: name } });
   }
 
+  _setPayloadAndDone (entity, done) {
+    const id = entity[this.service.id];
+    const payload = { [`${this.options.entity}Id`]: id };
+    done(null, entity, payload);
+  }
+
   verify (req, accessToken, refreshToken, profile, done) {
     debug('Checking credentials');
     const options = this.options;
@@ -98,7 +104,7 @@ class OAuth2Verifier {
     // because they are likely "linking" social accounts/profiles.
     if (existing) {
       return this._updateEntity(existing, data)
-        .then(entity => done(null, entity))
+        .then(entity => this._setPayloadAndDone(entity, done))
         .catch(error => error ? done(error) : done(null, error));
     }
 
@@ -107,11 +113,7 @@ class OAuth2Verifier {
       .find({ query })
       .then(this._normalizeResult)
       .then(entity => entity ? this._updateEntity(entity, data) : this._createEntity(data))
-      .then(entity => {
-        const id = Array.isArray(entity) ? entity[0][this.service.id] : entity[this.service.id];
-        const payload = { [`${this.options.entity}Id`]: id };
-        done(null, entity, payload);
-      })
+      .then(entity => this._setPayloadAndDone(entity, done))
       .catch(error => error ? done(error) : done(null, error));
   }
 }