feat: social login providers with dynamic instances

32d67ade · NGPixel · a7ddafd4 · 32d67ade · 32d67ade · 32d67ade
Commit 32d67ade authored Aug 30, 2020 by NGPixel
28 changed files
--- a/client/components/admin/admin-users-edit.vue
+++ b/client/components/admin/admin-users-edit.vue
@@ -125,7 +125,7 @@
                v-icon mdi-domain
              v-list-item-content
                v-list-item-title {{$t('admin:users.authProvider')}}
-                v-list-item-subtitle {{ user.providerKey }}
+                v-list-item-subtitle {{ user.providerName }} #[em.caption ({{ user.providerKey }})]
              //- v-list-item-action
              //-   v-img(src='https://static.requarks.io/logo/wikijs.svg', alt='', contain, max-height='32', position='center right')
            template(v-if='user.providerKey === `local`')
@@ -953,6 +953,7 @@ export default {
              name
              email
              providerKey
+              providerName
              providerId
              location
              jobTitle

--- a/client/components/admin/admin-users.vue
+++ b/client/components/admin/admin-users.vue
@@ -57,7 +57,7 @@
                td {{ props.item.id }}
                td: strong {{ props.item.name }}
                td {{ props.item.email }}
-                td {{ props.item.providerKey }}
+                td {{ getStrategyName(props.item.providerKey) }}
                td {{ props.item.createdAt | moment('from') }}
                td
                  span(v-if='props.item.lastLoginAt') {{ props.item.lastLoginAt | moment('from') }}
@@ -131,6 +131,9 @@ export default {
          icon: 'cached'
        })
      }
+    },
+    getStrategyName(key) {
+      return (_.find(this.strategies, ['key', key]) || {}).displayName || key
    }
  },
  apollo: {

--- a/client/components/profile/profile.vue
+++ b/client/components/profile/profile.vue
@@ -161,7 +161,7 @@
                autocomplete='off'
                hide-details
                )
-          v-card-chin
+          v-card-chin(v-if='user.providerKey === `local`')
            v-spacer
            v-btn.px-4(color='purple darken-4', dark, depressed, @click='changePassword', :loading='changePassLoading')
              v-icon(left) mdi-progress-check

--- a/dev/build-arm/Dockerfile
+++ b/dev/build-arm/Dockerfile
 # =========================
 # --- BUILD NPM MODULES ---
 # =========================
-FROM node:12-alpine AS build
+FROM node:14-alpine AS build
 RUN apk add yarn g++ make python --no-cache
@@ -14,7 +14,7 @@ RUN yarn --production --frozen-lockfile --non-interactive --network-timeout 1000
 # ===============
 # --- Release ---
 # ===============
-FROM node:12-alpine
+FROM node:14-alpine
 LABEL maintainer="requarks.io"
 RUN apk add bash curl git openssh gnupg sqlite --no-cache && \

--- a/dev/build/Dockerfile
+++ b/dev/build/Dockerfile
 # ====================
 # --- Build Assets ---
 # ====================
-FROM node:12-alpine AS assets
+FROM node:14-alpine AS assets
 RUN apk add yarn g++ make python --no-cache
@@ -23,10 +23,10 @@ RUN yarn --production --frozen-lockfile --non-interactive
 # ===============
 # --- Release ---
 # ===============
-FROM node:12-alpine
+FROM node:14-alpine
 LABEL maintainer="requarks.io"
-RUN apk add bash curl git openssh gnupg sqlite --no-cache && \
+RUN apk add bash curl git openssh gnupg sqlite pandoc --no-cache && \
    mkdir -p /wiki && \
    mkdir -p /logs && \
    mkdir -p /wiki/data/content && \

--- a/dev/containers/Dockerfile
+++ b/dev/containers/Dockerfile
 # -- DEV DOCKERFILE --
 # -- DO NOT USE IN PRODUCTION! --
-FROM node:12
+FROM node:14
 LABEL maintainer "requarks.io"
 RUN apt-get update && \
-    apt-get install -y bash curl git python make g++ nano openssh-server gnupg && \
+    apt-get install -y bash curl git python make g++ nano openssh-server gnupg pandoc && \
    mkdir -p /wiki
 WORKDIR /wiki

--- a/server/graph/resolvers/user.js
+++ b/server/graph/resolvers/user.js
@@ -23,9 +23,11 @@ module.exports = {
        .select('id', 'email', 'name', 'providerKey', 'createdAt')
    },
    async single(obj, args, context, info) {
+      console.info(WIKI.auth.strategies)
      let usr = await WIKI.models.users.query().findById(args.id)
      usr.password = ''
      usr.tfaSecret = ''
+      usr.providerName = _.get(WIKI.auth.strategies, usr.providerKey).displayName
      return usr
    },
    async profile (obj, args, context, info) {
@@ -37,9 +39,9 @@ module.exports = {
        throw new WIKI.Error.AuthAccountBanned()
      }
-      const providerInfo = _.find(WIKI.data.authentication, ['key', usr.providerKey])
+      const providerInfo = _.get(WIKI.auth.strategies, usr.providerKey, {})
-      usr.providerName = _.get(providerInfo, 'title', 'Unknown')
+      usr.providerName = providerInfo.displayName || 'Unknown'
      usr.lastLoginAt = usr.lastLoginAt || usr.updatedAt
      usr.password = ''
      usr.providerId = ''

--- a/server/graph/schemas/user.graphql
+++ b/server/graph/schemas/user.graphql
@@ -128,6 +128,7 @@ type User {
  name: String!
  email: String!
  providerKey: String!
+  providerName: String
  providerId: String
  isSystem: Boolean!
  isActive: Boolean!

--- a/server/models/users.js
+++ b/server/models/users.js
@@ -163,7 +163,7 @@ module.exports = class User extends Model {
  static async processProfile({ profile, providerKey }) {
    const provider = _.get(WIKI.auth.strategies, providerKey, {})
-    provider.info = _.find(WIKI.data.authentication, ['key', providerKey])
+    provider.info = _.find(WIKI.data.authentication, ['key', provider.stategyKey])
    // Find existing user
    let user = await WIKI.models.users.query().findOne({
@@ -273,7 +273,8 @@ module.exports = class User extends Model {
  static async login (opts, context) {
    if (_.has(WIKI.auth.strategies, opts.strategy)) {
-      const strInfo = _.find(WIKI.data.authentication, ['key', opts.strategy])
+      const selStrategy = _.get(WIKI.auth.strategies, opts.strategy)
+      const strInfo = _.find(WIKI.data.authentication, ['key', selStrategy.strategyKey])
      // Inject form user/pass
      if (strInfo.useForm) {
@@ -283,7 +284,7 @@ module.exports = class User extends Model {
      // Authenticate
      return new Promise((resolve, reject) => {
-        WIKI.auth.passport.authenticate(opts.strategy, {
+        WIKI.auth.passport.authenticate(selStrategy.strategyKey, {
          session: !strInfo.useForm,
          scope: strInfo.scopes ? strInfo.scopes : null
        }, async (err, user, info) => {
@@ -291,7 +292,10 @@ module.exports = class User extends Model {
          if (!user) { return reject(new WIKI.Error.AuthLoginFailed()) }
          try {
-            const resp = await WIKI.models.users.afterLoginChecks(user, context)
+            const resp = await WIKI.models.users.afterLoginChecks(user, context, {
+              skipTFA: !strInfo.useForm,
+              skipChangePwd: !strInfo.useForm
+            })
            resolve(resp)
          } catch (err) {
            reject(err)

--- a/server/modules/authentication/auth0/authentication.js
+++ b/server/modules/authentication/auth0/authentication.js
@@ -13,10 +13,14 @@ module.exports = {
        domain: conf.domain,
        clientID: conf.clientId,
        clientSecret: conf.clientSecret,
-        callbackURL: conf.callbackURL
+        callbackURL: conf.callbackURL,
-      }, async (accessToken, refreshToken, extraParams, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, accessToken, refreshToken, extraParams, profile, cb) => {
        try {
-          const user = await WIKI.models.users.processProfile({ profile, providerKey: 'auth0' })
+          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
+            profile
+          })
          cb(null, user)
        } catch (err) {
          cb(err, null)

--- a/server/modules/authentication/azure/authentication.js
+++ b/server/modules/authentication/azure/authentication.js
@@ -18,18 +18,19 @@ module.exports = {
        responseType: 'id_token',
        responseMode: 'form_post',
        scope: ['profile', 'email', 'openid'],
-        allowHttpForRedirectUrl: WIKI.IS_DEBUG
+        allowHttpForRedirectUrl: WIKI.IS_DEBUG,
-      }, async (iss, sub, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, iss, sub, profile, cb) => {
        const usrEmail = _.get(profile, '_json.email', null) || _.get(profile, '_json.preferred_username')
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              id: profile.oid,
              displayName: profile.displayName,
              email: usrEmail,
              picture: ''
-            },
+            }
-            providerKey: 'azure'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/cas/authentication.js
+++ b/server/modules/authentication/cas/authentication.js
@@ -11,14 +11,19 @@ module.exports = {
    passport.use('cas',
      new CASStrategy({
        ssoBaseURL: conf.ssoBaseURL,
-        serverBaseURL: conf.serverBaseURL
+        serverBaseURL: conf.serverBaseURL,
-      }, (profile, cb) => {
+        passReqToCallback: true
-        WIKI.models.users.processProfile(profile).then((user) => {
+      }, async (req, profile, cb) => {
-          return cb(null, user) || true
+        try {
-        }).catch((err) => {
+          const user = await WIKI.models.users.processProfile({
-          return cb(err, null) || true
+            providerKey: req.params.strategy,
-        })
+            profile
-      }
+          })
-      ))
+          cb(null, user)
+        } catch (err) {
+          cb(err, null)
+        }
+      })
+    )
  }
 }
--- a/server/modules/authentication/discord/authentication.js
+++ b/server/modules/authentication/discord/authentication.js
@@ -15,19 +15,20 @@ module.exports = {
        clientSecret: conf.clientSecret,
        authorizationURL: 'https://discord.com/api/oauth2/authorize?prompt=none',
        callbackURL: conf.callbackURL,
-        scope: 'identify email guilds'
+        scope: 'identify email guilds',
-      }, async (accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, accessToken, refreshToken, profile, cb) => {
        try {
-		      if (conf.guildId && !_.some(profile.guilds, { id: conf.guildId })) {
+          if (conf.guildId && !_.some(profile.guilds, { id: conf.guildId })) {
            throw new WIKI.Error.AuthLoginFailed()
          }
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              displayName: profile.username,
              picture: `https://cdn.discordapp.com/avatars/${profile.id}/${profile.avatar}.png`
-            },
+            }
-            providerKey: 'discord'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/dropbox/authentication.js
+++ b/server/modules/authentication/dropbox/authentication.js
@@ -14,15 +14,16 @@ module.exports = {
        apiVersion: '2',
        clientID: conf.clientId,
        clientSecret: conf.clientSecret,
-        callbackURL: conf.callbackURL
+        callbackURL: conf.callbackURL,
-      }, async (accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, accessToken, refreshToken, profile, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              picture: _.get(profile, '_json.profile_photo_url', '')
-            },
+            }
-            providerKey: 'dropbox'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/facebook/authentication.js
+++ b/server/modules/authentication/facebook/authentication.js
@@ -15,15 +15,16 @@ module.exports = {
        clientSecret: conf.clientSecret,
        callbackURL: conf.callbackURL,
        profileFields: ['id', 'displayName', 'email', 'photos'],
-        authType: 'reauthenticate'
+        authType: 'reauthenticate',
-      }, async (accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, accessToken, refreshToken, profile, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              picture: _.get(profile, 'photos[0].value', '')
-            },
+            }
-            providerKey: 'facebook'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/firebase/authentication.js
+++ b/server/modules/authentication/firebase/authentication.js
 /* global WIKI */
 // ------------------------------------
-// GitHub Account
+// Firebase Account
 // ------------------------------------
-const GitHubStrategy = require('passport-github2').Strategy
+// INCOMPLETE / TODO
+const FirebaseStrategy = require('passport-github2').Strategy
 const _ = require('lodash')
 module.exports = {
  init (passport, conf) {
-    passport.use('github',
+    passport.use('firebase',
-      new GitHubStrategy({
+      new FirebaseStrategy({
        clientID: conf.clientId,
        clientSecret: conf.clientSecret,
        callbackURL: conf.callbackURL,
        scope: ['user:email']
-      }, async (accessToken, refreshToken, profile, cb) => {
+      }, async (req, accessToken, refreshToken, profile, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              picture: _.get(profile, 'photos[0].value', '')
-            },
+            }
-            providerKey: 'github'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/github/authentication.js
+++ b/server/modules/authentication/github/authentication.js
@@ -13,7 +13,8 @@ module.exports = {
      clientID: conf.clientId,
      clientSecret: conf.clientSecret,
      callbackURL: conf.callbackURL,
-      scope: ['user:email']
+      scope: ['user:email'],
+      passReqToCallback: true
    }
    if (conf.useEnterprise) {
@@ -24,14 +25,14 @@ module.exports = {
    }
    passport.use('github',
-      new GitHubStrategy(githubConfig, async (accessToken, refreshToken, profile, cb) => {
+      new GitHubStrategy(githubConfig, async (req, accessToken, refreshToken, profile, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              picture: _.get(profile, 'photos[0].value', '')
-            },
+            }
-            providerKey: 'github'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/gitlab/authentication.js
+++ b/server/modules/authentication/gitlab/authentication.js
@@ -15,15 +15,16 @@ module.exports = {
        clientSecret: conf.clientSecret,
        callbackURL: conf.callbackURL,
        baseURL: conf.baseUrl,
-        scope: ['read_user']
+        scope: ['read_user'],
-      }, async (accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, accessToken, refreshToken, profile, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              picture: _.get(profile, 'avatarUrl', '')
-            },
+            }
-            providerKey: 'gitlab'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/google/authentication.js
+++ b/server/modules/authentication/google/authentication.js
@@ -13,15 +13,16 @@ module.exports = {
      new GoogleStrategy({
        clientID: conf.clientId,
        clientSecret: conf.clientSecret,
-        callbackURL: conf.callbackURL
+        callbackURL: conf.callbackURL,
-      }, async (accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, accessToken, refreshToken, profile, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              picture: _.get(profile, 'photos[0].value', '')
-            },
+            }
-            providerKey: 'google'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/keycloak/authentication.js
+++ b/server/modules/authentication/keycloak/authentication.js
@@ -12,28 +12,29 @@ module.exports = {
  init (passport, conf) {
    passport.use('keycloak',
      new KeycloakStrategy({
-	      authorizationURL: conf.authorizationURL,
+        authorizationURL: conf.authorizationURL,
-	      userInfoURL: conf.userInfoURL,
+        userInfoURL: conf.userInfoURL,
        tokenURL: conf.tokenURL,
-	      host: conf.host,
+        host: conf.host,
        realm: conf.realm,
        clientID: conf.clientId,
        clientSecret: conf.clientSecret,
-        callbackURL: conf.callbackURL
+        callbackURL: conf.callbackURL,
-      }, async (accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, accessToken, refreshToken, profile, cb) => {
        let displayName = profile.username
        if (_.isString(profile.fullName) && profile.fullName.length > 0) {
          displayName = profile.fullName
        }
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              id: profile.keycloakId,
              email: profile.email,
              name: displayName,
              picture: ''
-            },
+            }
-            providerKey: 'keycloak'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/ldap/authentication.js
+++ b/server/modules/authentication/ldap/authentication.js
@@ -28,7 +28,7 @@ module.exports = {
        usernameField: 'email',
        passwordField: 'password',
        passReqToCallback: false
-      }, async (profile, cb) => {
+      }, async (req, profile, cb) => {
        try {
          const userId = _.get(profile, conf.mappingUID, null)
          if (!userId) {
@@ -36,13 +36,13 @@ module.exports = {
          }
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              id: userId,
              email: String(_.get(profile, conf.mappingEmail, '')).split(',')[0],
              displayName: _.get(profile, conf.mappingDisplayName, '???'),
              picture: _.get(profile, conf.mappingPicture, '')
-            },
+            }
-            providerKey: 'ldap'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/microsoft/authentication.js
+++ b/server/modules/authentication/microsoft/authentication.js
@@ -14,16 +14,16 @@ module.exports = {
        clientID: conf.clientId,
        clientSecret: conf.clientSecret,
        callbackURL: conf.callbackURL,
-        scope: ['User.Read', 'email', 'openid', 'profile']
+        scope: ['User.Read', 'email', 'openid', 'profile'],
-      }, async (accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true
-        console.info(profile)
+      }, async (req, accessToken, refreshToken, profile, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              picture: _.get(profile, 'photos[0].value', '')
-            },
+            }
-            providerKey: 'microsoft'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/oauth2/authentication.js
+++ b/server/modules/authentication/oauth2/authentication.js
@@ -14,13 +14,18 @@ module.exports = {
        tokenURL: conf.tokenURL,
        clientID: conf.clientId,
        clientSecret: conf.clientSecret,
-        callbackURL: conf.callbackURL
+        callbackURL: conf.callbackURL,
-      }, (accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true
-        WIKI.models.users.processProfile(profile).then((user) => {
+      }, async (req, accessToken, refreshToken, profile, cb) => {
-          return cb(null, user) || true
+        try {
-        }).catch((err) => {
+          const user = await WIKI.models.users.processProfile({
-          return cb(err, null) || true
+            providerKey: req.params.strategy,
-        })
+            profile
+          })
+          cb(null, user)
+        } catch (err) {
+          cb(err, null)
+        }
      })
    )
  }

--- a/server/modules/authentication/oidc/authentication.js
+++ b/server/modules/authentication/oidc/authentication.js
@@ -18,18 +18,19 @@ module.exports = {
        clientSecret: conf.clientSecret,
        issuer: conf.issuer,
        userInfoURL: conf.userInfoURL,
-        callbackURL: conf.callbackURL
+        callbackURL: conf.callbackURL,
-      }, async (iss, sub, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, iss, sub, profile, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              email: _.get(profile, '_json.' + conf.emailClaim)
-            },
+            }
-            providerKey: 'oidc'
          })
          cb(null, user)
-        } catch(err) {
+        } catch (err) {
          cb(err, null)
        }
      })

--- a/server/modules/authentication/okta/authentication.js
+++ b/server/modules/authentication/okta/authentication.js
@@ -16,15 +16,16 @@ module.exports = {
        clientSecret: conf.clientSecret,
        idp: conf.idp,
        callbackURL: conf.callbackURL,
-        response_type: 'code'
+        response_type: 'code',
-      }, async (accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, accessToken, refreshToken, profile, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              picture: _.get(profile, '_json.profile', '')
-            },
+            }
-            providerKey: 'okta'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/saml/authentication.js
+++ b/server/modules/authentication/saml/authentication.js
@@ -22,7 +22,8 @@ module.exports = {
      forceAuthn: conf.forceAuthn,
      providerName: conf.providerName,
      skipRequestCompression: conf.skipRequestCompression,
-      authnRequestBinding: conf.authnRequestBinding
+      authnRequestBinding: conf.authnRequestBinding,
+      passReqToCallback: true
    }
    if (!_.isEmpty(conf.audience)) {
      samlConfig.audience = conf.audience
@@ -37,7 +38,7 @@ module.exports = {
      samlConfig.decryptionPvk = conf.decryptionPvk
    }
    passport.use('saml',
-      new SAMLStrategy(samlConfig, async (profile, cb) => {
+      new SAMLStrategy(samlConfig, async (req, profile, cb) => {
        try {
          const userId = _.get(profile, [conf.mappingUID], null) || _.get(profile, 'nameID', null)
          if (!userId) {
@@ -45,13 +46,13 @@ module.exports = {
          }
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              id: userId,
              email: _.get(profile, conf.mappingEmail, ''),
              displayName: _.get(profile, conf.mappingDisplayName, '???'),
              picture: _.get(profile, conf.mappingPicture, '')
-            },
+            }
-            providerKey: 'saml'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/slack/authentication.js
+++ b/server/modules/authentication/slack/authentication.js
@@ -14,15 +14,16 @@ module.exports = {
        clientID: conf.clientId,
        clientSecret: conf.clientSecret,
        callbackURL: conf.callbackURL,
-        team: conf.team
+        team: conf.team,
-      }, async (accessToken, scopes, team, extra, { user: userProfile }, cb) => {
+        passReqToCallback: true
+      }, async (req, accessToken, scopes, team, extra, { user: userProfile }, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...userProfile,
              picture: _.get(userProfile, 'image_48', '')
-            },
+            }
-            providerKey: 'slack'
          })
          cb(null, user)
        } catch (err) {

--- a/server/modules/authentication/twitch/authentication.js
+++ b/server/modules/authentication/twitch/authentication.js
@@ -13,15 +13,16 @@ module.exports = {
      new TwitchStrategy({
        clientID: conf.clientId,
        clientSecret: conf.clientSecret,
-        callbackURL: conf.callbackURL
+        callbackURL: conf.callbackURL,
-      }, async (accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true
+      }, async (req, accessToken, refreshToken, profile, cb) => {
        try {
          const user = await WIKI.models.users.processProfile({
+            providerKey: req.params.strategy,
            profile: {
              ...profile,
              picture: _.get(profile, 'avatar', '')
-            },
+            }
-            providerKey: 'twitch'
          })
          cb(null, user)
        } catch (err) {