[openid support] passport-steam not working because callback doesn't match

[embiem]

I tried using passport-steam as Strategy, but it doesn't work, because the callback used in passport-strategies.js mismatches what passport-steam uses.

At least that is what I think might be the reason. I'm going to have another look at it this week, but would greatly appreciate any help.

Cheers!

[iaincollins]

Oh no!

That's weird, I haven't see that before! I thought that was a fixed list of arguments defined as part of the Passport API as everything had been consistent so far.

Hmm I'll think of a way to handle this.

Thanks for raising it!

[embiem]

I think it has something to do with steam auth being OpenID and Facebook, Twitter etc. generally use oAuth.

Another problem with OpenID is, that it doesn't return an email, which is currently needed in next-auth, right?

[iaincollins]

Ah, thanks I'd completely missed it was using OpenID and not oAuth!

Looking at a few examples and the official Passport documentation it looks like it shouldn't be hard to support OpenID as well, the only real difference is it is missing a parameter - it doesn't return a RefreshToken, just an AccessToken – which messes up what next-auth is expecting the order of parameters passed to the callback to be.

This should be relatively easy to accommodate and I'm going to make adding support for OpenID connections a feature request.

Regarding the email, yes it does need a unique email address property for each user, but it's okay if the service doesn't return one.

Some services don't (including Twitter, unless you explicitly enable it) in which case you can return something like ${profile.id}@${service}.localdomain in the getProfile() method for that function. You can also regex for this in the UI (e.g. look for *@twitter.localdomain) to prompt users to provide a real address after sign in, so they can recover their account later if they every lose access to their oAuth provider account (e.g. if are locked out, or if they delete that account).

[datenpate]

@iaincollins are you already working on supporting OpenID? I am working on it right now, but it will introduce some alternative routes to stay close to the oid standard.

[ghost]

Any update? I'm currently my own IdentityServer using OpenID connect. I'm now in the process of making a dashboard app and would like to use the Hybrid Flow in order to authenticate user's into the dashboard.

Cheers!

[LoriKarikari]

v2 has released now and doesn't use passport.js anymore.