我希望在验证的afterCallback上验证ID令牌,问题是当验证并有错误时,当我抛出错误时,Nodejs崩溃,如果我不抛出错误,我可以在服务器端console.log它,但我无法将此错误显示给实际客户端。
下面的代码片段app.use(
auth({
issuerBaseURL: process.env.ISSUER_BASE_URL,
baseURL: process.env.BASE_URL,
clientID: process.env.CLIENT_ID,
secret: process.env.SECRET,
clientSecret: process.env.CLIENT_SECRET,
authorizationParams: {
response_type: 'code',
scope: 'openid profile email'
},
authRequired: true,
idpLogout: false,
routes: {
postLogoutRedirect:'/logged-out'
},
afterCallback: async(req, res, session) => {
const claims = jose.JWT.decode(session.id_token); // using jose library to decode JWT
console.log(claims);
let options={ algorithms: ['S256'], audience: process.env.CLIENT_ID, issuer: process.env.ISSUER_BASE_URL, complete: true }
jwt.verify(session.id_token, getKey, options, function (err, decoded) {
if (err) {
console.log(err)
throw new Error(err) //This crashes my service and it is not caught or sent over to the client
}
});
return session;
}
})
);
我已经尝试使用异步和同步功能之间的切换,我试图也res.send当验证错误发生,但这会导致一个错误:不能设置头后,他们被发送到客户端
一旦我添加了一个Try -catch块并删除了jwt.verify进程Can't set headers after they are sent to the client的回调,您将获得此错误,因为您正在发送res.send两个或更多时间到前端客户端,以避免此始终使用return
app.use(
auth({
issuerBaseURL: process.env.ISSUER_BASE_URL,
baseURL: process.env.BASE_URL,
clientID: process.env.CLIENT_ID,
secret: process.env.SECRET,
clientSecret: process.env.CLIENT_SECRET,
authorizationParams: {
response_type: 'code',
scope: 'openid profile email'
},
authRequired: true,
idpLogout: false,
routes: {
postLogoutRedirect:'/logged-out'
},
afterCallback: async(req, res, session) => {
try {
const claims = jose.JWT.decode(session.id_token); // using jose library to decode JWT
let options={ algorithms: ['S256'], audience: process.env.CLIENT_ID, issuer: process.env.ISSUER_BASE_URL, complete: true }
await jwt.verify(session.id_token, getKey, options);
return session;
} catch (error) {
return res.json({
success: false,
message: error.message
})
}
}
})
);