
Auth Bypass should return an access token #17

@patch0

We're using access tokens more and more, but the stubbed RpiAuthBypass module doesn't return a full set of data.

If I log in via profile, I get the following set of data back:

{
  "provider": "rpi",
  "uid": "db157643-bf50-4cd4-822a-cc022f128f17",
  "info": {
    "email": "[email protected]",
    "username": "",
    "name": "John Doe",
    "nickname": "John",
    "image": "http://localhost:3002/profile/db157643-bf50-4cd4-822a-cc022f128f17/avatar"
  },
  "credentials": {
    "token": "RXqz8MmncROv8uo-uvkM2HZuYi6jNElWd9rxSUn-32g.5aRhpP4DwV1SsmFwI4LwkERvmGk0hUo2wIf5gosVxrg",
    "expires_at": 1670001627,
    "expires": true
  },
  "extra": {
    "raw_info": {
      "at_hash": "yDbc0aFcNfNXgJ0CgbvZHA",
      "aud": [
        "coderdojo-frontend-dev"
      ],
      "auth_time": 1669998027,
      "country": "United Kingdom",
      "country_code": "GB",
      "email": "[email protected]",
      "email_verified": true,
      "exp": 1670001628,
      "iat": 1669998028,
      "iss": "http://localhost:9001/",
      "jti": "9f010af3-5b73-4b9b-94d3-cf1825163df6",
      "name": "John Doe",
      "nickname": "John",
      "nonce": "",
      "picture": "http://localhost:3002/profile/db157643-bf50-4cd4-822a-cc022f128f17/avatar",
      "postcode": null,
      "profile": "http://localhost:3002/profile",
      "rat": 1669998016,
      "roles": "",
      "sid": "4effdaad-0854-4bab-857c-6451beac60e6",
      "sub": "db157643-bf50-4cd4-822a-cc022f128f17",
      "user": "db157643-bf50-4cd4-822a-cc022f128f17",
      "username": ""
    }
  }
}

If I enable "auth bypass", I get:

{
  "provider": "rpi",
  "uid": "b6301f34-b970-4d4f-8314-f877bad8b150",
  "info": {
    "name": "Web Team",
    "nickname": "Web",
    "email": "[email protected]",
    "username": "webteam",
    "image": "https://www.placecage.com/200/200"
  },
  "extra": {
    "raw_info": {
      "roles": "user",
      "name": "Web Team",
      "nickname": "Web",
      "email": "[email protected]",
      "username": "webteam",
      "country": "United Kingdom",
      "country_code": "GB",
      "postcode": "SW1A 1AA",
      "profile": "https://profile.raspberrypi.org/not/a/real/path",
      "avatar": "https://www.placecage.com/200/200"
    }
  }
}

One of the bits that is missing in the second lot of data (amongst others) is the credentials entry. For bypass to work in coderdojo-frontend (amongst others) the credentials hash is needed.
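
A shape check for the gap described in the issue, as an added example that is not part of the original issue or of the project's code: it lists the key paths a real login response has that the bypass response lacks. The two hashes are constructed, trimmed stand-ins for the ones quoted above, and `with_stub_credentials` is a hypothetical helper, not an RpiAuthBypass method.

```ruby
require 'securerandom'

# Constructed, trimmed stand-ins for the two auth hashes quoted in the issue.
REAL_LOGIN = {
  'provider' => 'rpi',
  'uid' => 'db157643-bf50-4cd4-822a-cc022f128f17',
  'info' => { 'email' => 'user@example.com', 'name' => 'John Doe' },
  'credentials' => { 'token' => 'constructed-token', 'expires_at' => 1_670_001_627,
                     'expires' => true },
  'extra' => { 'raw_info' => { 'roles' => '', 'name' => 'John Doe',
                               'sub' => 'db157643-bf50-4cd4-822a-cc022f128f17',
                               'email_verified' => true } }
}.freeze

BYPASS_LOGIN = {
  'provider' => 'rpi',
  'uid' => 'b6301f34-b970-4d4f-8314-f877bad8b150',
  'info' => { 'email' => 'user@example.com', 'name' => 'Web Team' },
  'extra' => { 'raw_info' => { 'roles' => 'user', 'name' => 'Web Team',
                               'avatar' => 'https://www.placecage.com/200/200' } }
}.freeze

# Every leaf key path in a nested hash, e.g. "credentials.token".
def key_paths(hash, prefix = nil)
  hash.flat_map do |key, value|
    path = [prefix, key].compact.join('.')
    value.is_a?(Hash) && !value.empty? ? key_paths(value, path) : [path]
  end
end

# Paths present in the real response that the stub does not provide.
def missing_paths(reference, candidate)
  key_paths(reference) - key_paths(candidate)
end

# Hypothetical helper (not part of RpiAuthBypass): add a credentials entry
# with the same three keys as the real response and an obviously fake token.
def with_stub_credentials(auth, ttl: 3600, now: Time.now)
  auth.merge('credentials' => { 'token' => "bypass-#{SecureRandom.hex(8)}",
                                'expires_at' => now.to_i + ttl, 'expires' => true })
end

puts missing_paths(REAL_LOGIN, BYPASS_LOGIN)
puts missing_paths(REAL_LOGIN, with_stub_credentials(BYPASS_LOGIN)).inspect
```

Run as a test in each consuming app, a check like this catches the stub drifting away from the real response before the frontend does.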
