Keycloak Auth Method #118
Comments
|
I am also looking to implement ORY. ORY is a set of open-source projects that focus on building cloud-native authentication (ORY Hydra), authorization (ORY Keto), and user management (ORY Kratos) solutions. |
|
Hey guys, you can open a pr if you want to add a new provider. You can see how we did it for the other strategies 😊 Also, this person would be interested in a steam auth #117 |
|
Yes @adrien2p sure, I'm free to start now. I can do a first example for Keycloak, then @edardev can continue with Ory (it's been a long time since I did Ory 🙈). For steam, I'll need to read first how it works. but I already saw a passport-steam. |
|
Shall we go for a more general openid client using passport-oauth2? That way more people could add their own clients. |
|
Ok, I went with passport-oauth2. This way we can integrate with more clients. You can see a PR #119 |
This seems like a great idea, thanks. I did also notice there is passport-steam (for my case of course), in case it requires something special (but it probably does not) Thanks @adrien2p for mentioning! |
|
Yeah @piereligio. Now'll wait for @adrien2p to merge before I start looking at the steam addon. Or can already do that 🙈 |
I think I would do that pretty easily myself, but honestly I didn't even figure out how to set it up. I tried Facebook by instance, no success logging in a new user. Maybe I'm using the wrong route, I've only followed the guide of the plugin EDIT: Google working fine now |
|
Hey guys, super for the pr 💪 next week ill have more free time and ill be able to look at it, beginning of the week probably. I am still following the thread dont worry 😄 Recap is almost there and I had a lot of work to do this week. Hope you understand guys🤞 |
I'm taking a closer look now, and looks like Steam uses OpenID only, now, not Oauth, for some reason. (I need in particular to use steam login for collecting the steam ID in a reliable way, I don't know if it's possible to integrate this in the plugin) |
|
@piereligio I think it's possible. But we can simply integrate openid and to match with all other openid clients. How about it? |
As long as it will work, I'd be very grateful regardless of what package is used. I was trying with the steam one but I guess it's the same thing. Maybe the generic OpenID one will require some additional parameter to get set up? That wouldn't be a problem if it's clear how to use it. Thanks in advance! [ however I spent today trying to make it work using passport-steam but looks like I cannot make it even start. I'm getting the error: |
|
@piereligio if you are trying locally, either use --preserve-symlink or rm the duplicate passport package in the node modules (depending on your package manger). Only one instance of passport must exists otherwise the strategies are not located in the right one. If the issue does not come from that it would mean that an error occured while loading the plugin and therefore nothing get registered |
Where should I use --preserve-symlink? I've tried running yarn start:custom, which has --preserve-symlink . Error: Unknown authentication strategy "steam.store.medusa-auth-plugin" Like I said earlier, probably I'm doing something wrong, but I really don't understand where. I tried rebuilding both medusa-plugins-custom and medusa-plugin-auth-piereligio. Maybe there is some way I should register new strategies? |
|
The #119 was merged. So I'll start working on the next steps. I check into the code of Because, as for Steam it's illegal to expose email addresses. |
I see it returns SteamID, which could be used as identifier in my case, but I guess Medusa might have trouble with that. Damn 🥲 |
|
@piereligio I wrote a code for this integration. It won't work well, except we change a bit the Edit: Here is the PR #120 |
You totally can still do it. See, there's this method called |
Thank you so much, I'm going to try it ASAP. |
Sure!
Then you'll have the code |
At the risk of looking dumb, 3 final questions:
I hope not to be annoying at this point, the fact is that I tried to install without success. I tried by doing the following steps (starting from having the plugin not installed at all):
Thank you very much |
|
When installing the plugin locally, you can link it and start your backend with the custom entry point that I believe also use the node flag preserve symlink. Second option, in the plugin directory you can use the package manager pack command and then install from the tgz in your backend |
|
Hey there. I don't really understand why, but using 1.8.1 works, 1.8.2 doesn't. I'm not even talking of the locally installed version from @stephane-segning . The issue that emerges is that when I access the routes provided by the plugin, it will be returned { "exists" : false } . EDIT1: maybe it's on my end, since it also happens on 1.8.1 if I install it as a package (I used the tgz installation method). But the issue is even there on another dummy medusa installation I just did. Is there some way to log where the issue is? Can I send some configuration file to see if it makes sense or I've something wrong? |
|
Just to eliminate one thing, could you go in your node modules and remove the node module of medusa auth plugin. Let me know if it persist. Personally i use the tgz and don't have any issues. |
When I changed versions, I always did "yarn remove medusa-plugin-auth" and then installed again with yarn add. In this way the node modules plugin folder was always gone. If you meant that I should try to install tgz and then remove the node module, in this case it will fail launching medusa: it says that it didn't find medusa-plugin-auth. So installing the tgz again (using command yarn add file:packages/medusa-plugin-auth-v1.8.1.tgz ), it fails with the routes in the way I said earlier. It's super weird because 1.8.1 works fine if I use yarn add [email protected], but I encounter this issue on 1.8.2, and on any tgz I try to build and install (including 1.8.1 taken from the releases). Initially I even had this issue on 1.8.1 but it was gone when I fixed my setup on medusa-config.js . EDIT1: I was able to make 1.8.1 work from filesystem using yarn link. Now I'll try to do the same for 1.8.2. |
|
1.8.2 with the steam login modification now works for google and facebook login, but not steam, sadly. But it still returns { "exists" : false } on the steam login route. Is it possible there is some more cache to clean? Or maybe it's because I cannot run yarn build successfully on the plugin? The build fails because of the email being missing in the Steam strategy. Now I'm editing it to return null for the admin login callback (I only need to provide Steam login on the frontstore), and I'll try to build and install again. EDIT: yup, working now. It requires the necessary modifications to the core for allowing logging in using SteamID instead of email though. I might do that myself |
|
what should we do for this one guys? |
Good question. I ended up making the Steam one work, but it has the email limitation, so I generate it based on the steam ID,and use a metadata 'email contact' field for making the user receive the communications when buying. (I prefer keeping the steam IDs, and in this way I'm sure that the steam login will always work) It's pretty hacky, it can't go like this in any plugin ahah |
Hello, nice plugin guys. I want to use it for my next project. But I cannot, because a client want to integrate with his Keycloak SSO. Hence I'm re-openning this again, as I see the previous one (#65) was closed. I can work on that and can implement that feature. I just need to understand why the previous one wasn't approved
The text was updated successfully, but these errors were encountered: