Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provide the failure-redirect route to ensureAuthenticated dynamically #25

Open
2 of 9 tasks
dimapx opened this issue May 21, 2019 · 0 comments
Open
2 of 9 tasks

Comments

@dimapx
Copy link

dimapx commented May 21, 2019

I'm submitting this issue for the package(s):

I'm submitting a:

  • Bug report
  • Feature request
  • Other (Describe below)

Current behavior

When using oidc.ensureAuthenticated as a middlewear, you support a redirectTo param to redirect a user to a (dynamically set) route after a successful authentication callback. When oidc.ensureAuthenticated fails the authentication attempt (due to a missing/invalid/expired cookie etc.), it always redirects the request to the pre-configured fixed routes.login.path route.

Expected behavior

I'd like to be able to dynamically set a route to go to upon a failed authentication callback (e.g. via a new failedRedirectTo param on oidc.ensureAuthenticated).

Minimal reproduction of the problem with instructions

A standard usage of oidc.ensureAuthenticated as a middlewear on any route, e.g. -

server.all('/someRoute', oidc.ensureAuthenticated());

Extra information about the use case/user story you are trying to implement

Consider the following scenario - we want to know what is the original target route of a user that attempts to login but has no session. Eventually when the user is able to login, we want to seamlessly navigate him to his original target route.

If there was a theoretical failedRedirectTo param, I could dynamically "persist" the original target route (dynamically extracted from req.originalUrl for example) via a query param like so:

oidc.ensureAuthenticated({ failedRedirectTo: `/login?nextUrl=${originalTargetRoute}` })

This would redirect the request to our login page with the added nextUrl query param, such that eventually when the user is authenticated, he will be navigated inside the app to his original target route (obviously it will be different route for different users).

Environment

  • Package Version: Package Version: 2.0.0
  • Node version (node -v): 8.x, 10.x
@denysoblohin-okta denysoblohin-okta transferred this issue from okta/okta-oidc-js Nov 3, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant