Here is the scenario I would like to achieve:
-
User authenticated using:
router.get(‘/login’, passport.authenticate(‘auth0’, {
clientID: env.AUTH0_CLIENT_ID,
domain: env.AUTH0_DOMAIN,
redirectUri: env.AUTH0_CALLBACK_URL,
responseType: ‘code’,
audience: ‘https://’ + env.AUTH0_DOMAIN + ‘/userinfo’,
scope: ‘openid profile’}),
function(req, res) {
res.redirect(“/”);
}); -
get the user profile and do some validation:
router.get( ‘/callback’,
passport.authenticate(‘auth0’, {
failureRedirect: ‘/failure’
}),
function(req, res) {
res.redirect(req.session.returnTo || ‘/user’);
}
); -
Send the authorization code received from the authentication process to 3rd party for an Authorization code grant.
The problem is, once my callback is called and this runs
passport.authenticate(‘auth0’, {
failureRedirect: ‘/failure’
}),
the authorization code is already been exchanged and I cannot use it again.
How can I get another code to be used without the need to re authenticate the user again?
I might be looking at this from a wrong way. The dilemma I need to capture the user profile before sending the code to the 3rd party.
Appreciate your help guys been looking at this for the past 2 days