
oauth-provider-support: Actions.jsx - What is the auth object expected in tryLoggedIn()? #15

Closed
gastongouron opened this issue Oct 8, 2018 · 1 comment


gastongouron commented Oct 8, 2018

Hello! (and thank you for your work on this incredibly nice react wrapper for devise 👍)

I'm currently working on the auth-provider-support branch in order to implement a Facebook login on a Rails/ReactJS project. I noticed the authentication flow goes well: Facebook responds to the server with a hash of Facebook data, and the server creates/finds the resource user thanks to the uid parameter:

Example for an existing user logging in through Facebook:

User Load (0.7ms)  SELECT  "users".* FROM "users" WHERE "users"."provider" = $1 AND "users"."uid" = $2 ORDER BY "users"."id" ASC LIMIT $3  [["provider", "facebook"], ["uid", "1016096009480261"], ["LIMIT", 1]]

Then, in the omniauth callback controller, the server responds to the client with a status 200 + user resource and request headers specifying what should be the auth_token:

def facebook
  puts request.env # is always nil... can't figure out why.
  @user = User.from_omniauth(params["accessToken"])
  if @user.persisted?
    sign_in @user, event: :authentication
    response.set_header('Authorization', @user.confirmation_token) # client expects something else?
    render json: @user, status: :ok
  else
    session["devise.facebook_data"] = request.env["omniauth.auth"]
    redirect_to new_user_registration_url
  end
end

The tryLoggedIn function from Actions.jsx is triggered and doesn't seem happy with this token (because it's obviously invalid) and raises:

bluebird.js:953 Unhandled rejection InvalidTokenError
    at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:125011:32)
    at __webpack_require__ (http://localhost:3000/static/js/bundle.js:556:30)
    at fn (http://localhost:3000/static/js/bundle.js:87:20)
    at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:124965:19)
    at __webpack_require__ (http://localhost:3000/static/js/bundle.js:556:30)
    at fn (http://localhost:3000/static/js/bundle.js:87:20)
    at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:124940:21)
    at __webpack_require__ (http://localhost:3000/static/js/bundle.js:556:30)
    at fn (http://localhost:3000/static/js/bundle.js:87:20)
    at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:124894:18)
    at __webpack_require__ (http://localhost:3000/static/js/bundle.js:556:30)
    at fn (http://localhost:3000/static/js/bundle.js:87:20)
    at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:35571:18)
    at __webpack_require__ (http://localhost:3000/static/js/bundle.js:556:30)
    at fn (http://localhost:3000/static/js/bundle.js:87:20)
    at Object.<anonymous> (http://localhost:3000/static/js/bundle.js:33028:15)

Question:
What is the authToken value supposed to be in the context of the tryLoggedIn Method?

const tryLoggedIn = (response, dispatch) => {
  const auth = response.headers.get('authorization'); // I can't figure out which values it expects
  // auth returns the value of @user.confirmation_token 
  if (auth) {
    const [_, authToken] = auth.split(' '); // eslint-disable-line no-unused-vars
    if (authToken) {
      setAuthToken(authToken);
      dispatch({
        type: 'LOGGED_IN',
        payload: authToken
      });
    }
  }
  return response;
};

Notes:

  • As you can see, in my case, request.env["omniauth.auth"] is always nil so I have to pass the parameters via params. I don't think it affects the omniauth workflow so far.

  • I tried to return various values as authToken, the accessToken provided by Facebook, the confirmation_token of the user, also formatted such as "Bearer xxxxxxxxxxxxx" and even tried the warden data... it didn't work but I'm losing faith.

  • As a view for Facebook login, I use the example @timscott provided in this issue: Omniauth Support? #2

  • the gems I use are:

gem 'devise'
gem 'devise-jwt'

Thanks for your time, any input truly appreciated

@gastongouron
Author

Solved by passing devise bearer token, the way indicated here waiting-for-dev/devise-jwt#3.
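
Added example (not part of the original issue or the project's code): a sketch of why the header values tried above are rejected, assuming the client splits the header on whitespace as tryLoggedIn does and then decodes the token as a JWT. The function names, reason strings and sample tokens are constructed for illustration.

```javascript
// Added example; helper names and sample tokens are constructed, not from the project.
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const decodeSegment = (seg) => JSON.parse(Buffer.from(seg, 'base64url').toString('utf8'));

// Build an illustrative token. The signature segment is a placeholder: the
// browser cannot verify it, only the server holding the signing key can.
const makeSampleJwt = (claims) =>
  [b64url({ alg: 'HS256', typ: 'JWT' }), b64url(claims), 'constructed-signature'].join('.');

// Returns { ok: true, token, claims } or { ok: false, reason }.
function inspectAuthorizationHeader(header, nowSeconds = Math.floor(Date.now() / 1000)) {
  if (typeof header !== 'string' || header.trim() === '') {
    return { ok: false, reason: 'missing header' };
  }
  // Same shape tryLoggedIn relies on: "<scheme> <token>", split on whitespace.
  const [scheme, token, ...rest] = header.trim().split(/\s+/);
  if (!token || rest.length > 0) {
    return { ok: false, reason: 'expected "<scheme> <token>"' };
  }
  if (scheme.toLowerCase() !== 'bearer') {
    return { ok: false, reason: 'scheme is not Bearer' };
  }
  const segments = token.split('.');
  if (segments.length !== 3 || segments.some((s) => !/^[A-Za-z0-9_-]+$/.test(s))) {
    return { ok: false, reason: 'token is not a three-segment JWT' };
  }
  let claims;
  try {
    decodeSegment(segments[0]); // JOSE header must be JSON too
    claims = decodeSegment(segments[1]);
  } catch (err) {
    return { ok: false, reason: 'JWT header or payload is not base64url JSON' };
  }
  if (claims === null || typeof claims !== 'object') {
    return { ok: false, reason: 'JWT payload is not an object' };
  }
  if (typeof claims.exp === 'number' && claims.exp <= nowSeconds) {
    return { ok: false, reason: 'token expired' };
  }
  return { ok: true, token, claims };
}

// Constructed inputs mirroring the values tried in the issue.
const NOW = 1700000000;
for (const h of ['constructedConfirmationToken', 'Bearer constructedOpaqueToken',
  `Bearer ${makeSampleJwt({ sub: '1', exp: NOW + 3600 })}`]) {
  console.log(h.slice(0, 32), '->', JSON.stringify(inspectAuthorizationHeader(h, NOW)));
}
```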
