OAuth2Strategy doesnt provide email in user profile


#1

Hi,

I use passport OAuth2Strategy authentication in our application for twitch users login.
But user profile doesn’t contain email address info.

I was reading through forums and I make you sure I verified my email address(test twitch account).

Could somebody help?
Thank you


#2

As in Node JS Passport Strategy?

You may wish to refer to this post

Where I covered the issue more extensivly


#3

I just did a test. The https://id.twitch.tv/oauth2/userinfo endpoint does NOT show email address. You will need to call to the Kraken or Helix API with the correct scope to get the email. So even if you make an updated passport strategy, it won’t pull email.

EDIT: See Barry’s Response. I was just checking an auth token with and without. I didn’t add scopes to the token request.


#4

Hi Both, thanks for help. I found out what was the cause of this issue.

in the example I used https://github.com/twitchdev/authentication-samples/blob/master/node/index.js

the request was done to https://api.twitch.tv/helix/users and this is twitch new API.

But in the example they specify scope user_read and this is twitch API v5.
So I tried to set scope to user:read:email and it deliveres then email address.

passport.use(‘twitch’, new OAuth2Strategy({
authorizationURL: ‘https://id.twitch.tv/oauth2/authorize’,
tokenURL: ‘https://id.twitch.tv/oauth2/token’,
clientID: config.twitch.twitch_client_id,
clientSecret: config.twitch.twitch_secret,
callbackURL: config.twitch.callback_url,
state: true,
scope: ‘user:read:email’,
passReqToCallback: true,
}


#5

THIS INFORMATION IS WRONG

It will if you make the correct claims under openID auth

You don’t need to do that. Please refer to the claims section of OIDC

I construct the following URL to redirect people to:

    var url = oidc_data.authorization_endpoint
        + '?client_id=' + client
        + '&redirect_uri=' + redirect
        + '&response_type=code'
        + '&force_verify=true'
        + '&scope=openid'
        + '&state=' + encodeURIComponent(req.session.state)
        + '&claims=' + JSON.stringify({
            userinfo: {
                email:null,
                email_verified:null,
                picture:null,
                preferred_username:null
            }
        });

Where oidc_data is fetched from https://id.twitch.tv/oauth2/.well-known/openid-configuration

Making a call to oidc_data.userinfo_endpoint I get: