I managed to set up OAuth2 login using passport-oauth2.
In the verify function, I receive an accessToken and a refreshToken. (Equivalent to token and tokenSecret in other examples.)
verify: function(accessToken, refreshToken, profile, done) {
done(null, { username: "Admin"});
}
What is the best way to make this info available to running flows? I need the access token to make further API requests on a REST api that the authenticating service provides.
Should I just save it to a json file on disk?
I'm not using OAuth2 but I also get authentication tokens from another authentication service and I'm saving/retreiving them from the flow context along with their expirancy date.
You can probably do the same with your OAuth2 tokens.
@Barbudor Thanks, but the verify function is defined in settings.js, not in a flow. The question is, how do I transfer the tokens into the active runtime from code running under settings.js.
See this example: Securing Node-RED : Node-RED
Ah ok.
Still, it may be possible that the context functions are available in settings.js.
May be you can try a global.set("token", token) in your verify function ?
Just to point future readers in some kind of direction, here is what I ended up doing. The verify function seems to run at a time, where the flow context is not available, so what I did instead was storing the access token on disk in a json file. Here is the verify function:
verify: (accessToken, refreshToken, profile, done) => {
const fs = require('fs');
fs.writeFile('/data/accesstoken.json', JSON.stringify({ accessToken, refreshToken }),(err) => {
console.log(err);
});
done(null, { username: "my@email.com"});
}
I am using the node red docker container, which has the data folder in the path pointed to in the code above.
Now inside a flow I can set up a watch node to look for changes in that file path and load the new access token automatically after user login. Pretty simple solution and it works fine for my needs.
