How do I make accessToken and refreshToken from OAuth2 login available to flows?

andersea · 3 May 2022 17:37

I managed to set up OAuth2 login using passport-oauth2.

In the verify function, I receive an accessToken and a refreshToken. (Equivalent to token and tokenSecret in other examples.)

                verify: function(accessToken, refreshToken, profile, done) {
                    done(null, { username: "Admin"});
                }

What is the best way to make this info available to running flows? I need the access token to make further API requests on a REST api that the authenticating service provides.

Should I just save it to a json file on disk?

Barbudor · 4 May 2022 07:46

I'm not using OAuth2 but I also get authentication tokens from another authentication service and I'm saving/retreiving them from the flow context along with their expirancy date.
You can probably do the same with your OAuth2 tokens.

andersea · 4 May 2022 16:34

@Barbudor Thanks, but the verify function is defined in settings.js, not in a flow. The question is, how do I transfer the tokens into the active runtime from code running under settings.js.

See this example: Securing Node-RED : Node-RED

Barbudor · 4 May 2022 17:15

Ah ok.
Still, it may be possible that the context functions are available in settings.js.
May be you can try a global.set("token", token) in your verify function ?

andersea · 25 June 2022 13:41

Just to point future readers in some kind of direction, here is what I ended up doing. The verify function seems to run at a time, where the flow context is not available, so what I did instead was storing the access token on disk in a json file. Here is the verify function:

    verify: (accessToken, refreshToken, profile, done) => {
        const fs = require('fs');
        fs.writeFile('/data/accesstoken.json', JSON.stringify({ accessToken, refreshToken }),(err) => {
            console.log(err);
        });
        done(null, { username: "my@email.com"});
    }

I am using the node red docker container, which has the data folder in the path pointed to in the code above.

Now inside a flow I can set up a watch node to look for changes in that file path and load the new access token automatically after user login. Pretty simple solution and it works fine for my needs.

system · 9 July 2022 13:42

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Node not saving dynamic credentials to cred file Developing Nodes	2	443	4 September 2020
Token in Cred files General	3	111	18 June 2023
Hashing credentials for POST /auth/token General	3	382	5 June 2021
How to implement SSO (Single Sign-On) based on Node-RED and passport-oauth2 Core Development security	5	156	4 March 2024
How to access auth_token General security	3	168	4 June 2023

How do I make accessToken and refreshToken from OAuth2 login available to flows?

Related Topics