Code Monkey home page Code Monkey logo

Comments (3)

mjangir avatar mjangir commented on June 29, 2024

@dafreaki What exactly your use case is?

from nestjs-hybrid-auth.

icameron avatar icameron commented on June 29, 2024

being able to pass the state of the request i.e a nonce or the referring url basically something that the callback can consume please see https://dev.twitch.tv/docs/authentication/getting-tokens-oauth

Parameter Required? Type Description
client_id Yes String Your app’s registered client ID.
force_verify No Boolean Set to true to force the user to re-authorize your app’s access to their resources. The default is false.
redirect_uri Yes URI Your app’s registered redirect URI. The authorization code is sent to this URI.
response_type Yes String Must be set to code.
scope Yes String A space-delimited list of scopes. The APIs that you’re calling will identify the scopes you must list. You must URL encode the list.
state No String Although optional, you are strongly encouraged to pass a state string to help prevent Cross-Site Request Forgery (CSRF) attacks. The server returns this string to you in your redirect URI (see the state parameter in the fragment portion of the URI). If this string doesn’t match the state string that you passed, ignore the response. The state string should be randomly generated and unique for each OAuth request.


from nestjs-hybrid-auth.

maddygoround avatar maddygoround commented on June 29, 2024

I have modified the Authguard to support dynamic values for state.

  getAuthenticateOptions(context: ExecutionContext): IAuthModuleOptions {
    const request = context.switchToHttp().getRequest()
    return {
      state: Buffer.from(JSON.stringify(request.query)).toString('hex'),
    }
  }

from nestjs-hybrid-auth.

Related Issues (5)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.