3

我正在使用loopback-component-passport通过 google OAuth2Strategy 对用户进行身份验证。除了将“ hd ”或“hostedDomain”参数传递给谷歌外,一切都很好。

我的 provider.json 看起来像这样:

{
 "google-auth": {
 "provider": "google",
 "module": "passport-google-oauth",
 "strategy": "OAuth2Strategy",
 "clientID": "{clientID}",
 "clientSecret": "{clientSecret}",
 "callbackURL": "http://localhost:3000/auth/google/callback",
 "authPath": "/auth/google",
 "callbackPath": "/auth/google/callback",
 "successRedirect": "/auth/account",
 "scope": ["email", "profile"],
 "hd": "domain.tld",
 "link": false
 }
}

...但是没有“hd”参数传递给谷歌:(。

我已经尝试过使用“myClientSecret&hd=domain.tld”的“hack”,但是所有的值在传递它们之前都是 url 编码的,因此字符“&”和“=”被编码并导致错误......

我的 package.json 中的依赖项:

 "cls-hooked": "^4.2.2",
 "compression": "^1.0.3",
 "cors": "^2.5.2",
 "helmet": "^3.12.0",
 "loopback": "^3.0.0",
 "loopback-boot": "^2.27.1",
 "loopback-component-access-groups": "^1.2.0",
 "loopback-component-explorer": "^5.0.0",
 "loopback-component-passport": "^3.6.0",
 "loopback-context": "^3.3.0",
 "passport-google-oauth": "^1.0.0",
 "serve-favicon": "^2.0.1",
 "strong-error-handler": "^2.3.2"

有人有这方面的经验吗?任何人都可以帮忙吗?

4

1 回答 1

1

尝试添加:

"authOptions": {
    "hd": "domain.tld"
}

更多信息: http: //loopback.io/doc/en/lb3/Configuring-providers.json.html#oauth-2

于 2018-04-12T16:11:01.960 回答