Custom Social Connection - Fetch User Profile Script

amisson · December 31, 2018, 2:54pm

I’ve been trying to get the “Fetch User Profile Script” to work with a custom social connection, and haven’t had any luck. I’m running a local instance of IdentityServer4 as the identity provider. The setup is essentially one of the IdentityServer4 quickstarts, with slight modifications.

When use a hard-coded profile like the first example listed here, I’m able to use the “Try” button, and everything works as expected. When I start to try to plug in in the userinfo endpoint in the “Fetch User Profile Script” from the endpoint is never being called according the the console logs. I am able to see the authorization and token endpoints being called, but the userinfo endpoint is never called. Any help is appreciated!

Is there anything special about the user profile script that I’m missing? Below is some additional information about my setup:

Authorization URL: http://localhost:5000/connect/authorize
Token URL: http://localhost:5000/connect/token
User Profile Script:

function(access_token, ctx, callback){
  
  request({
    method: 'GET',
    url: 'http://localhost:5000/connect/userinfo',
    headers: {
      Authorization: 'Bearer ' + access_token
    }
  }, function(err, resp, body) {
      
      if(err) {
        return callback(err)
      }
      
      if(resp.statusCode !== 200) {
        return callback(new Error('StatusCode:' + r.statusCode));
      }
      
      let profile = {
        user_id: '12377',
        given_name: 'Eugenio',
        family_name: 'Pace',
        email: 'eugenio@mail.com'
      };  
      callback(null, profile);
    });
}

nicolas_sabena · December 31, 2018, 3:05pm

Is the Fetch User Script sample that you provided here the one that works or the one that does not? If this is the one that works, what is the non-working version?

amisson · December 31, 2018, 3:07pm

The one above is the script that does not work. The error I’m getting is:

{
  "error": "invalid_request",
  "error_description": "connect ECONNREFUSED 127.0.0.1:5000"
}

The working script is this:

function(access_token, ctx, callback){
  // call the oauth2 provider and return a profile
  // here we are returning a "mock" profile, you can use this to start with to test the flow.
  var profile = {
    user_id: '123',
    given_name: 'Eugenio',
    family_name: 'Pace',
    email: 'eugenio@mail.com'
  };

  callback(null, profile);
}

nicolas_sabena · December 31, 2018, 6:36pm

Sorry I didn’t notice the URL right away. You are trying to make an HTTP request from Auth0’s service on the cloud to your localhost, which is never going to work.
You’ll only be able to reach a resource that is available on the internet from the Auth0 server where the script runs. /authorize works because it’s requested from the browser, but /token won’t work either when running on localhost.

system · January 30, 2019, 6:36pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.