#medusa-auth-plugin not fetching google strategy names

twilit plover
#

I have set up the plugin according to the docs: https://medusa-plugins.vercel.app/authentication/google, however when trying to log in with an admin via google, it tells me the user already exists.
When I log the strategyNames at the comparison of the validateAdminCallBack method, it tells me the strategyNames are undefined.

All the other strategyNames are defined, except for the Google strategyNames.

{
  auth0: {
    admin: 'auth0.admin.medusa-auth-plugin',
    store: 'auth0.store.medusa-auth-plugin'
  },
  facebook: {
    admin: 'facebook.admin.medusa-auth-plugin',
    store: 'facebook.store.medusa-auth-plugin'
  },
  google: { admin: undefined, store: undefined },
  linkedin: {
    admin: 'linkedin.admin.medusa-auth-plugin',
    store: 'linkedin.store.medusa-auth-plugin'
  },
  firebase: {
    admin: 'firebase.admin.medusa-auth-plugin',
    store: 'firebase.store.medusa-auth-plugin'
  },
  azure_oidc: {
    admin: 'azure-oidc.admin.medusa-auth-plugin',
    store: 'azure-oidc.store.medusa-auth-plugin'
  }
}

worldly delta
#

which version are you using? I think we already resolved a similar discussion in the past. Also, don't forget that you need to change the strict mode for admin, cause if the user already exists through email/pass then he won't be able to use another provider unless you set it explicitly in the metadata. All that is mentioned in the doc in the behavior section btw

twilit plover
#

Hi Adrien, I am using the latest version (1.8.3). I have used the default set up from the docs, can you set the strict mode per admin or store?

#

Could you also explain why the google strategyNames end up being undefined in this configuration?

worldly delta
#

which version of medusa are you using? you can indeed set the strict mode admin | store | none | all as per the documentation. If this strategy is undefined it probably means that something went wrong while loading it.

twilit plover
#

I am using medusa version 1.19.0

#
        google: {
            clientID: GoogleClientId,
            clientSecret: GoogleClientSecret,

            admin: {
                callbackUrl: `${BACKEND_URL}/admin/auth/google/cb`,
                failureRedirect: `${ADMIN_URL}/login`,

                // The success redirect can be overridden from the client by adding a query param `?redirectTo=your_url` to the auth url
                // This query param will have the priority over this configuration
                successRedirect: `${ADMIN_URL}/`,
            },

            store: {
                callbackUrl: `${BACKEND_URL}/store/auth/google/cb`,
                failureRedirect: `${STORE_URL}/login`,

                // The success redirect can be overridden from the client by adding a query param `?redirectTo=your_url` to the auth url
                // This query param will have the priority over this configuration
                successRedirect: `${STORE_URL}/`,
            }
        }
    }
#

Is it also possible to set the strict mode inside the admin and store?

worldly delta
#

no, the strict is for all strategies at the top level of the options

twilit plover
#

So if I want to use it for customer and admin, which strict mode should I use?

worldly delta
#

strict mode is not meant to decide if you want to use it for customer and/or admin. I suggest you read the doc about it

worldly delta
#

you can read the default behaviour section

#

basically, by default, the admin needs to auth first with email/pass to not allow everybody to register to your admin, which could be a breach, then usually you would create a ui component to allow assigning social auth for your admins. the default behaviour for the store is that the customer can only use the auth provider that has been used for the account creation. the strict mode allows you to bypass those constraints

twilit plover
#

Ah alright, so the default mode is what I am looking for.

#

When I used the default mode, without setting a strict mode, it still gives me an error regarding the admin login

worldly delta
#

the default is set to all, which means strict for all

#

what is the error you are getting?

twilit plover
#

Admin with email x already exists

#

I have set the metadata to contain the auth provider, but the comparison seems to fail on the strategy name being undefined

worldly delta
#

/**
* When set to admin | store | all, will only allow the user to authenticate using the provider
* that has been used to create the account on the domain that strict is set to.
*
* @default 'all'
*/

#

what is the value of strategyName in the google/admin#getGoogleAdminAuthRouter ?

twilit plover
#

undefined

worldly delta
#

are you sure, cause it is a constant value 🤔

#

this one

twilit plover
#

I have tried again, it gives me google.admin.medusa-auth-plugin_google

worldly delta
#

so that's the value you are looking for

twilit plover
#

Yes, but in the validateAdminCallback the strategyName variable is undefined

worldly delta
#

sounds weird, it comes from the one you logged above

#

can you log the one in the getLoadAdminStrategy

twilit plover
#

When I look at the plugin files in my project the files are different from github. Let me show you an example

worldly delta
#

it should be the same value

twilit plover
#
async function validateAdminCallback(profile, { container, strategyErrorIdentifier, strict, }) {
    var _a, _b;
    const userService = container.resolve('userService');
    const email = (_b = (_a = profile.emails) === null || _a === void 0 ? void 0 : _a[0]) === null || _b === void 0 ? void 0 : _b.value;
    if (!email) {
        throw new medusa_core_utils_1.MedusaError(medusa_core_utils_1.MedusaError.Types.NOT_ALLOWED, `Your ${capitalize(strategyErrorIdentifier)} account does not contains any email and cannot be used`);
    }
    const user = await userService.retrieveByEmail(email).catch(() => void 0);
    if (user) {
        strict !== null && strict !== void 0 ? strict : (strict = 'all');
        if ((strict === 'all' || strict === 'admin') &&
            (!user.metadata || user.metadata[types_1.AUTH_PROVIDER_KEY] !== types_1.strategyNames[strategyErrorIdentifier].admin)) {
            throw new medusa_core_utils_1.MedusaError(medusa_core_utils_1.MedusaError.Types.INVALID_DATA, `Admin with email ${email} already exists`);
        }
    }
    else {
        throw new medusa_core_utils_1.MedusaError(medusa_core_utils_1.MedusaError.Types.NOT_ALLOWED, `Unable to authenticate the user with the email ${email}`);
    }
    return { id: user.id };
}
#

This is what the validateAdminCallback method looks like in the files in the medusa-plugin-auth folder of my node_modules

worldly delta
#

let me look

#

ok, let me push a new version, something seems to have gone wrong

twilit plover
#

Ah alright, let me know if the new version is available 😄

worldly delta
#

In the new version I'll push, the configuration has changed a little bit, the doc is not yet up to date. basically now the options are this: export type AuthOptions = AuthProvider & ProviderOptions; so when using multiple providers, you can pass an array of providers. This allows you to have multiple similar providers, but you can provide a different identifier

twilit plover
#

Amazing, I will try again!

worldly delta
#

one sec

#

don't forget to specify the type as well

#

I've got an issue, I'll come back to you later

worldly delta
#

you can use the 1.9.1, the options look like this

{
    resolve: "medusa-plugin-auth",
    /** @type {import('medusa-plugin-auth')} */
    options: [{
      type: "google",
      strict: "none",
      identifier: "google",
      clientID: "...",
      clientSecret: "...",
      admin: {
        callbackUrl: "http://localhost:9000/admin/auth/google/cb",

        failureRedirect: "http://localhost:7001/login",
        successRedirect: "http://localhost:7001/",

        authPath: "/admin/auth/google",
        authCallbackPath: "/admin/auth/google/cb",
      },
      store: {
        callbackUrl: "http://localhost:9000/store/auth/google/cb",

        failureRedirect: "http://localhost:8000/account/login",
        successRedirect: "http://localhost:8000/",

        authPath: "/store/auth/google",
        authCallbackPath: "/store/auth/google/cb",
      },
    },
    {
      type: "facebook",
      strict: "none",
      identifier: "facebook",
      clientID: "...",
      clientSecret: "...",
      admin: {
        callbackUrl: "http://localhost:9000/admin/auth/facebook/cb",

        failureRedirect: "http://localhost:7001/login",
        successRedirect: "http://localhost:7001/",

        authPath: "/admin/auth/facebook",
        authCallbackPath: "/admin/auth/facebook/cb",
      },
    }],
  },
twilit plover
#

Yes, that seems to do the trick for me!