无法使用access_token从auth0获取用户信息
问题描述 投票:0回答:1
我正在尝试构建一个简单的身份验证库,并且我使用 axios 而不是 auth0 构建的库。我无法使用访问代码获取用户数据。我还使用谷歌提供商进行身份验证。
import axios from 'axios'
export default class Auth {
constructor(
private domain: string,
private client_id: string,
private redirect_uri: string
) {}
startAuthFlow(): string {
const params = new URLSearchParams({
response_type: 'code',
client_id: this.client_id,
redirect_uri: this.redirect_uri,
scope: 'offline_access'
})
const authURI = `https://${this.domain}/authorize?${params.toString()}`
return authURI
}
async handleCallback(code: string) {
return await this.exchangeCodeForToken(code)
}
async getUserInfo(accessToken: string) {
const userInfoEndpoint = `https://${this.domain}/userinfo`
try {
const response = await axios.get(userInfoEndpoint, {
params: {
scope: "openid profile email"
},
headers: {
Authorization: `Bearer ${accessToken}`
}
})
return response.data
} catch (error) {
throw error
}
}
async refreshToken(refresh_token: string) {
const tokenEndpoint = `https://${this.domain}/oauth/token`
const payload = {
grant_type: 'refresh_token',
client_id: this.client_id,
refresh_token
}
try {
const response = await axios.post(tokenEndpoint, payload, {
headers: {
'Content-Type': 'application/json'
}
})
return response.data
} catch (error) {
throw error
}
}
private async exchangeCodeForToken(code: string) {
const tokenEndPoint = `https://${this.domain}/oauth/token`
const payload = {
grant_type: 'authorization_code',
client_id: this.client_id,
client_secret: '[my client secret]',
code,
redirect_uri: this.redirect_uri,
scope: 'openid profile email'
}
try {
const reponse = await axios.post(tokenEndPoint, payload)
const { access_token, id_token, refresh_token } = reponse.data
return { access_token, id_token, refresh_token }
} catch (error) {
throw error
}
}
}
我正在快速应用程序中使用这个库来测试它。
const express = require('express')
const Auth = require('../auth').default
const auth = new Auth('[domain].us.auth0.com', '[client ID]', 'http://localhost:3000/callback')
const app = new express()
app.get('/', (req,res) => {
return res.send('Hello')
})
app.get('/login', (req, res) => {
res.redirect(auth.startAuthFlow())
})
app.get('/callback', async (req, res) => {
const { code } = req.query
try {
const { access_token } = await auth.handleCallback(code)
console.log(access_token)
const user = await auth.getUserInfo(access_token)
console.log("USER: ", user)
res.redirect('/')
} catch (error) {
console.log(error)
return res.status(404).send(error)
}
})
app.listen(3000, () => {
console.log('Server running on port 3000')
})
任何人都可以帮助我为什么我无法获取用户数据吗?我可以在我的 auth0 仪表板中看到用户数据
1个回答
0
投票
投票
你错过了
从
对象中提取了user.name和user.emailuser
您的程序在登录过程后获取用户信息(包括他们的姓名和电子邮件)的功能是正确的。
.envAUTH0_DOMAIN=[your-domain].us.auth0.com
AUTH0_CLIENT_ID=[Your CLIENT ID]
AUTH0_CLIENT_SECRET=[Your CLIENT SECRET]
AUTH0_REDIRECT_URI=http://localhost:3000/callback
PORT=3000
tsconfig.json{
"compilerOptions": {
"target": "es2016",
"module": "commonjs",
"esModuleInterop": true,
"forceConsistentCasingInFileNames": true,
"strict": true,
"skipLibCheck": true
}
}
package.json{
"dependencies": {
"axios": "^1.7.9",
"dotenv": "^16.4.7",
"express": "^4.21.2"
},
"devDependencies": {
"typescript": "^5.7.2"
}
}
clinet.tsimport axios from 'axios'
export default class Auth {
constructor(
private domain: string,
private client_id: string,
private redirect_uri: string,
private client_secret: string
) {}
startAuthFlow(): string {
const params = new URLSearchParams({
response_type: 'code',
client_id: this.client_id,
redirect_uri: this.redirect_uri,
scope: 'openid profile email offline_access'
});
const authURI = `https://${this.domain}/authorize?${params.toString()}`;
return authURI;
}
async handleCallback(code: string) {
return await this.exchangeCodeForToken(code);
}
async getUserInfo(accessToken: string) {
const userInfoEndpoint = `https://${this.domain}/userinfo`;
try {
const response = await axios.get(userInfoEndpoint, {
headers: {
Authorization: `Bearer ${accessToken}`
}
});
return response.data;
} catch (error) {
throw new Error(`Failed to fetch user info: ${error}`);
}
}
async refreshToken(refresh_token: string) {
const tokenEndpoint = `https://${this.domain}/oauth/token`;
const payload = {
grant_type: 'refresh_token',
client_id: this.client_id,
refresh_token
};
try {
const response = await axios.post(tokenEndpoint, payload, {
headers: {
'Content-Type': 'application/json'
}
});
return response.data;
} catch (error) {
throw new Error(`Failed to refresh token: ${error}`);
}
}
private async exchangeCodeForToken(code: string) {
const tokenEndPoint = `https://${this.domain}/oauth/token`;
const payload = {
grant_type: 'authorization_code',
client_id: this.client_id,
client_secret: this.client_secret,
code,
redirect_uri: this.redirect_uri
};
try {
const response = await axios.post(tokenEndPoint, payload, {
headers: {
'Content-Type': 'application/json'
}
});
const { access_token, id_token, refresh_token } = response.data;
return { access_token, id_token, refresh_token };
} catch (error) {
throw new Error(`Failed to exchange code for token: ${error}`);
}
}
}
server.jsrequire('dotenv').config();
const express = require('express');
const Auth = require('./client').default;
const auth = new Auth(
process.env.AUTH0_DOMAIN,
process.env.AUTH0_CLIENT_ID,
process.env.AUTH0_REDIRECT_URI,
process.env.AUTH0_CLIENT_SECRET
);
const app = express();
app.use(express.json());
// CORS Middleware (optional, for frontend integration)
app.use((req, res, next) => {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept');
next();
});
app.get('/', (req, res) => {
return res.send('Hello, Auth0 Demo!');
});
app.get('/login', (req, res) => {
res.redirect(auth.startAuthFlow());
});
app.get('/callback', async (req, res) => {
const { code } = req.query;
try {
const { access_token } = await auth.handleCallback(code);
const user = await auth.getUserInfo(access_token);
console.log('User Info:', user);
// Extract the user's name and email
const userName = user.name || 'Unknown User';
const userEmail = user.email || 'No email provided';
// Send the response with user details
res.send(`
<h1>Welcome, ${userName}!</h1>
<p>Email: ${userEmail}</p>
<p>User information has been logged to the console.</p>
`);
} catch (error) {
console.error(error);
res.status(500).send('Authentication failed');
}
});
const PORT = process.env.PORT || 3000;
app.listen(PORT, () => {
console.log(`Server running on port ${PORT}`);
});
安装依赖项
npm install
编译client.ts
client.tstsc
奔跑server.js
server.jsnode server.js
通过浏览器登录
http://localhost:3000/login
结果
最新问题
- 如何在Android Kotlin中每5秒致电API?
- Sci-kit学习:研究错误分类的数据
- 如何从C#中的QueryPerformancecount
- 不能将ApplicationSights的度量添加到Azure
- 我如何禁用,在键入点(。)视觉工作室后会自动打印fileStyleUriparSer? 不要误会我的意思,我想要这些建议,但我不希望Visual Studio自动
- 我有一个vba excel模型,我将其分为两个单独的工作簿: 包含模型的所有输入的InputswB, RunnerWB,其中包含大部分VBA代码(以及所有
- 在bash中``读''的目的是什么?您如何使用它?
- 如何在C#中为帐户中创建持久字典?
- 如何从另一个数组的值中生成一个随机数组,其值的总和在预定的范围内? 我有一系列正整数,例如[10,25,40,55,80,110]。 我想能够指定一个范围,例如100-150,并从此预先存在的数组中生成一个新数组,其中新的
- 如何支持更改登录电子邮件与Auth0
- 我正在尝试将JS文件保存在Chrome覆盖文件的指定文件夹中,并且每当我按右键单击然后单击“保存为覆盖”时,该文件就不会保存在文件夹中。 \
- 以下反应组件之间有什么区别? [重复]
- 我们如何在角度测试httpresource? 我喜欢Angular的新httpresource,它做了很多我很久以来一直想要的事情。它确实可以使生活更轻松。 但是,我在用茉莉花测试httpresource时遇到麻烦...
- 如何在.NET应用程序中访问GCP Secret Manager,并配置了代理? 我在Google Cloud Run上托管了一个.NET应用程序,需要访问GCP Secret Manager。我的应用程序可以正常工作,但是当我使用环境变量设置代理时(http ...
- 每个子图旁边的传说,python
- 将GhostPCL与图像转换为PDF
- 我有一个IoT中心和用Python编写的Azure函数应用程序。我希望Azure功能能够触发Hub收到的消息。
- 在运行Django测试之前,加载SQL转储
- 如何在我的React节点项目中添加自定义HLS依赖关系的正确方法? 我想从https://github.com/video-dev/hls.js修改来源,然后将其添加到我的项目中。 我下载了https://github.com/video-dev/hls.js消息来源,进行了一些更改,并运行了NPM Run Build。 t ...
- 有人可以在MaxScript中解释struct定义内部的结构定义。
© www.soinside.com 2019 - 2025. All rights reserved.