Question
I'm using Auth0 and React Native Lock (created and maintained by Auth0) to authenticate users through Google, Facebook, and Twitter. Despite getting my app whitelisted by Twitter and adjusting my Twitter application permissions to request emails, I am not getting back an email in the raw JSON after a Twitter user authenticates. Why?
Twitter whitelisted permissions to retrieve email:
React Native Lock code mostly taken from sample app:
After logging in through Twitter, here is the raw JSON screenshot from Auth0 dashboard. No Twitter email.
Answer 1:
As of today, August 3rd 2016, it appears that the Auth0 strategy that maps social provider profile information from Twitter to an Auth0 normalized user profile does not contain a mapping for email attribute.
Don't believe this has anything to do with React Native, Lock, or the scope information you provided (although you would not need to explicitly put in email as you have already declared profile which gives you everything).
You can reproduce it by going to the Auth0 Dashboard, and choosing Connections -> Social -> Twitter then hit the Try button.
Screenshots below:
Result:
Email is not provided. Believe this is a conscious choice (rather than a bug) specific to Twitter social connections usage with Auth0 as Twitter requires you to make an additional request after login to get just the email.
For example, you could use an Auth0 Rule (available on the dashboard under Rules -> Create Rule). See screenshot below:
NOTE: For this rule to work, your Twitter application must be whitelisted to access email addresses. See the docs associated with this rule for details.
Answer 2:
Based on https://github.com/auth0/rules/blob/master/rules/get-twitter-email.md,
I got it to work with the following,
```javascript
function(user, context, callback) {
  // NOTE: For this rule to work, your Twitter application must be whitelisted to access email addresses.
  // See: https://dev.twitter.com/rest/reference/get/account/verify_credentials
  //
  // If Twitter does not return an email address, this rule will cause authentication to fail.
  // This might not be the desired behavior, so make sure to adapt it to your requirements.
  //
  // Remember to set the TWITTER_CONSUMER_KEY and TWITTER_CONSUMER_SECRET configuration variables.
  var request = require('request');
  var oauth = require('oauth-sign');

  // Only Twitter logins need the extra lookup
  if (context.connectionStrategy !== 'twitter') {
    return callback(null, user, context);
  }

  var url = 'https://api.twitter.com/1.1/account/verify_credentials.json';

  // Every parameter of the request, include_email included, is covered by the signature
  var params = {
    include_email: true,
    oauth_consumer_key: configuration.TWITTER_CONSUMER_KEY,
    oauth_nonce: require('uuid').v4().replace(/-/g, ''),
    oauth_signature_method: 'HMAC-SHA1',
    oauth_timestamp: Date.now() / 1000 | 0,
    oauth_token: user.identities[0].access_token,
    oauth_version: '1.0',
  };

  params.oauth_signature = oauth.hmacsign(
    'GET',
    url,
    params,
    configuration.TWITTER_CONSUMER_SECRET,
    user.identities[0].access_token_secret
  );

  var auth = Object.keys(params).sort().map(function(k) {
    return k + '="' + oauth.rfc3986(params[k]) + '"';
  }).join(', ');

  request({
    url: url + '?include_email=true',
    headers: {
      'Authorization': 'OAuth ' + auth
    }
  }, function(err, resp, body) {
    if (err || resp.statusCode !== 200) {
      // Parenthesised so that err is reported when there is no response body
      return callback(new Error('Error retrieving email from twitter: ' + (body || err)));
    }
    var result;
    try {
      result = JSON.parse(body);
    } catch (e) {
      return callback(new Error('Invalid JSON returned by Twitter'));
    }
    if (!result.email) {
      // Might not want to fail in this case
      return callback(new Error('Twitter did not return an email address'));
    } else {
      user.email = result.email;
      user.app_metadata = user.app_metadata || {};
      // update the app_metadata that will be part of the response
      user.app_metadata.social_email = user.email;
      // persist the app_metadata update, then call back exactly once
      auth0.users.updateAppMetadata(user.user_id, user.app_metadata)
        .then(function(){
          callback(null, user, context);
        })
        .catch(function(err){
          callback(err);
        });
    }
  });
}
```
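
What `oauth.hmacsign` computes for the rule above, written out with Node's built-in crypto module to show why `include_email` sits in the signed `params` as well as in the query string: the OAuth 1.0a signature covers every request parameter, so signing without it produces a different value. This is an added example, not part of the original answer or Auth0's code; the function names and the sample key, nonce, timestamp, token and secret values are constructed.

```javascript
const nodeCrypto = require('node:crypto');

// RFC 3986 percent-encoding as OAuth 1.0a needs it: encodeURIComponent
// leaves ! ' ( ) * unescaped, so those are encoded by hand.
function rfc3986(value) {
  return encodeURIComponent(String(value)).replace(/[!'()*]/g, function (c) {
    return '%' + c.charCodeAt(0).toString(16).toUpperCase();
  });
}

// Signature base string: METHOD & encoded URL & encoded, key-sorted parameters.
// Query-string parameters such as include_email are part of this list.
function baseString(method, url, params) {
  const normalized = Object.keys(params)
    .map(function (k) { return [rfc3986(k), rfc3986(params[k])]; })
    .sort(function (a, b) { return a[0] < b[0] ? -1 : a[0] > b[0] ? 1 : 0; })
    .map(function (pair) { return pair[0] + '=' + pair[1]; })
    .join('&');
  return [method.toUpperCase(), rfc3986(url), rfc3986(normalized)].join('&');
}

// HMAC-SHA1 over the base string, keyed with both secrets joined by '&'.
function hmacSha1Sign(method, url, params, consumerSecret, tokenSecret) {
  const key = rfc3986(consumerSecret) + '&' + rfc3986(tokenSecret || '');
  return nodeCrypto.createHmac('sha1', key)
    .update(baseString(method, url, params))
    .digest('base64');
}

// Constructed sample values; none of these are real credentials.
const SAMPLE_URL = 'https://api.twitter.com/1.1/account/verify_credentials.json';
const SAMPLE_PARAMS = {
  include_email: true,
  oauth_consumer_key: 'example-consumer-key',
  oauth_nonce: '0123456789abcdef0123456789abcdef',
  oauth_signature_method: 'HMAC-SHA1',
  oauth_timestamp: 1470182400,
  oauth_token: 'example-access-token',
  oauth_version: '1.0'
};

// Sign the same request with and without include_email in the signed set.
function compareSignatures() {
  const sign = function (p) {
    return hmacSha1Sign('GET', SAMPLE_URL, p, 'example-consumer-secret', 'example-token-secret');
  };
  const withoutEmail = Object.assign({}, SAMPLE_PARAMS);
  delete withoutEmail.include_email;
  return { withEmail: sign(SAMPLE_PARAMS), withoutEmail: sign(withoutEmail) };
}
console.log(compareSignatures());
```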
Source: https://stackoverflow.com/questions/37999972/twitter-whitelisted-my-application-so-i-can-retrieve-user-email-but-still-not-g