Nebular: Extending Nebular Auth Strategies/Tokens

Created on 15 Jun 2019  路  3Comments  路  Source: akveo/nebular

Issue type

I'm submitting a ... (check one with "x")

  • [ ] bug report
  • [ X] feature request

Issue description

I鈥檓 trying to make use of the out of the box Nebular Auth components specifically with Firebase REST-based Auth. Login and register work fine for the most part but I need to make a few changes to get the other functions working correctly. I鈥檓 looking for help/examples on how to do the following:

  1. Change the payload for the requestPassword - firebase needs another field which isn鈥檛 passed
  2. Add a new Token type or change an existing token type. The response from login has other fields besides the token which I need (e.g. the firebase uid) but the simple text token only let鈥檚 me capture the tokenId and I can鈥檛 use the JWT token class as the payload doesn鈥檛 conform to a JWT.

Any examples or direction would be appreciated.

Current behavior:

Expected behavior:

Steps to reproduce:

Related code:

insert short code snippets here

Other information:

npm, node, OS, Browser

Node 10.x, Linux/Mac OSX, Chrome

Angular, Nebular

Angular 8
Nebular 4.0
auth needs info
Source
picture henry74

All 3 comments

Hi @henry74,

  1. Could you give me some details on that field? Probably we can change the flow to allow passing some additional fields.
  2. For example, you can take a look at the OAuth2 token implementation https://github.com/akveo/nebular/blob/master/src/framework/auth/services/token/token.ts#L224 that allows storing JSON strings with arbitrary data.

Also, if you are able to open a PR with the new firebase strategy, that would be a great addition to Nebular.

nnixaa picture nnixaa on 17 Jun 2019

For #1 see here: The payload requires a requestType: "PASSWORD_RESET"; I think ideally all the built-in functions should allow some level of payload shaping to support different REST endpoints.

curl 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/getOobConfirmationCode?key=[API_KEY]' \
-H 'Content-Type: application/json' \
--data-binary '{"requestType":"PASSWORD_RESET","email":"[[email protected]]"}'

Here's the response error I get from using the Nebular default requestPassword implementation:

{
  "error": {
    "code": 400,
    "message": "MISSING_REQ_TYPE",
    "errors": [
      {
        "message": "MISSING_REQ_TYPE",
        "domain": "global",
        "reason": "invalid"
      }
    ]
  }
}

For #2, should I create my own token implementation by extending NbSimpleAuthToken?
Here's an example of the payload returned from login using the Firebase REST API:

{
  "kind": "identitytoolkit#VerifyPasswordResponse",
  "localId": "ZY1rJK0eYLg...",
  "email": "[[email protected]]",
  "displayName": "",
  "idToken": "[ID_TOKEN]",
  "registered": true,
  "refreshToken": "[REFRESH_TOKEN]",
  "expiresIn": "3600"
}

Perhaps a better design approach for all endpoint configuration is to allow injecting key/value pairs into the request payload and handling of any JSON object for responses.

henry74 picture henry74 on 17 Jun 2019

I found this in an older commit. Looks like there was an NbFirebaseAuthProvider at some point - do you know what happened to it?

henry74 picture henry74 on 17 Jun 2019
👀4
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ChristianVega5421 picture ChristianVega5421  路  3Comments
obarazan picture obarazan  路  3Comments
johnsnow20087349 picture johnsnow20087349  路  3Comments
bestasholli picture bestasholli  路  3Comments
aqsdc1 picture aqsdc1  路  3Comments