1. 技术文章
  2. Passport-Azure-Ad seems to run asynchronously (still)

Passport-Azure-Ad seems to run asynchronously (still)

こ雲淡風輕ζ 提交于 2019-12-11 16:57:21

问题


The traditional way of running Passport strategies in nodejs express middleware is:

server.get('/api/tasks', passport.authenticate('oauth-bearer', { session: false }));

I am using https://tsed.io, ("typescript express decorators") and referencing this passport strategy it is done like:

class MyCtrl {
    @Get('/api/tasks')
    @UseBefore(passport.authenticate('oauth-bearer', { session: false }))
    get() {
         ...
    } 
}

This works perfectly.

you can also run it as a detached middleware. Something like:

@Post('/search')
@CustomAuth({role: 'admin', scope: ['admin']})
async search(@Req() request: Req, @BodyParams() query: TranslationApiQuery): Promise<TranslationApiModel[]> {
     ...

export function CustomAuth(options = {}): Function {
    return applyDecorators(
        UseAuth(CustomAuthMiddleware), 
         ...

@Middleware()
export class CustomAuthMiddleware implements IMiddleware {
    public use(
        @Req() request: Express.Request, @Res() response: Express.Response, @EndpointInfo() endpoint: EndpointInfo,
        @Next() next: Express.NextFunction) {
              // retrieve options given to the decorator
              const options = endpoint.get(CustomAuthMiddleware) || {};

              Passport.authenticate('oauth-bearer', {session: false}})(request, response, next);
              ...

Which I was trying to use so-as to have access to the roles and scopes defined on the endpoint. But this use of passport.authenticate doesn't work. The https://github.com/AzureAD/passport-azure-ad/blob/dev/lib/bearerstrategy.js uses async.waterfall() and this forces async behaviour. But doesn't return a promise so cannot be waited upon.

I don't understand why the traditional uses of passport.authenticate works. Can someone explain why? Is there an easy way around this (without rewriting bearerstrategy.js)? Could bearerstrategy.js be easily rewritten to allow for both uses?

I originally had this question at Passport-Azure-Ad seems to run asynchronously but I needed to simplify the question. Plus I wrote an answer that proved to be not fully correct but wanted to keep it by adding to the question. Overall it was becoming a mess so it seemed that it was easier to closes that old one and start this one a-new.

来源:https://stackoverflow.com/questions/56453040/passport-azure-ad-seems-to-run-asynchronously-still

标签
node.js
express
azure-active-directory
passport.js
adal.js
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!