Comments (8)
codecowboy
commented on August 22, 2024
Do the params need to be encoded into the web token? If so that won't work for me either. I'd like to connect to the API from the IFTTT Maker channel which doesn't allow manipulation of the Http Headers
from nodebb-plugin-write-api.
julianlam
commented on August 22, 2024
Hi @codecowboy -- the payload values need to be embedded in the web token itself. No manipulation of th HTTP headers is required when using JWT.
from nodebb-plugin-write-api.
codecowboy
commented on August 22, 2024
@julianlam thanks. I was looking at hitting the API from a webhook which is part of the IFTTT Maker channel. Unfortunately I would need to pass the bearer token as part of the request body as there is no provision for encoding a JWT or setting a header.
From lib/node_modules/passport-http-bearer/strategy.js it looks like you have disabled this option somehow:
if (req.body && req.body.access_token) {
if (token) { return this.fail(400); }
token = req.body.access_token;
}
if (req.query && req.query.access_token) {
if (token) { return this.fail(400); }
token = req.query.access_token;
}
if (!token) { return this.fail(this._challenge()); }
Is that the case? tried altering that code but didn't get anywhere.
from nodebb-plugin-write-api.
julianlam
commented on August 22, 2024
I didn't modify http-bearer (you'll notice it's not in the repo files). You'll need to encode the payload in the actual POST payload or GET querystring parameter.
from nodebb-plugin-write-api.
codecowboy
commented on August 22, 2024
Hmmm, I am confused then. I see now that you are pulling in passport-http-bearer as a dependency - apologies.
I guess this comment in that file is just wrong and they took this functionality out:
* The HTTP Bearer authentication strategy authenticates requests based on
* a bearer token contained in the `Authorization` header field, `access_token`
* body parameter, or `access_token` query parameter.
I've tried both access_token in the query string and the post body and it doesn't work.
from nodebb-plugin-write-api.
codecowboy
commented on August 22, 2024
For anyone else having this issue, I also posted here - jaredhanson/passport-http-bearer#42
from nodebb-plugin-write-api.
julianlam
commented on August 22, 2024
@codecowboy Are you still experiencing issues getting the token parsed?
from nodebb-plugin-write-api.
codecowboy
commented on August 22, 2024
@julianlam you can probably close this. I wrote a script which sets the appropriate headers for me.
from nodebb-plugin-write-api.
Related Issues (20)
- Ban/Unban API v2 Endpoints not working
- Is there any api endpoint to send users an email to reset their password?
- Token generation api responses time out HOT 4
- 2FA HOT 11
- Timeout since upgrade with API v2 HOT 6
- This plugin doesn't appear in the list of the write plugins in my admin screen HOT 3
- Easier token revocation HOT 5
- error: Cannot set headers after they are sent to the client HOT 4
- Banned users cannot use write-api even after ban expires
- Create User from Node.js Failure. HOT 3
- Warn or prohibit creation of new user of same username HOT 2
- Follow logic is backwards HOT 1
- [Question] Create Topic as Current User HOT 2
- Access to admin pages with master token HOT 5
- Revoke Session via Write API HOT 1
- Upload functionality has been broken HOT 7
- How to delete user account + content? HOT 3
- Dependency Dashboard
- Please explain what does "Any other data passed in will be saved into the user hash" means HOT 1
- No bearer authentication for Read API HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nodebb-plugin-write-api.