added req in getUserInfo, add warning should jwt user is not as expected

Author: WilsonLe

examples/google.ts

@@ -23,7 +23,7 @@ export const googleOAuth = OAuth2Plugin({
     "https://www.googleapis.com/auth/userinfo.profile",
   ],
   providerAuthorizationUrl: "https://accounts.google.com/o/oauth2/v2/auth",
-  getUserInfo: async (accessToken: string) => {
+  getUserInfo: async (accessToken: string, req: PayloadRequest) => {
     const response = await fetch(
       "https://www.googleapis.com/oauth2/v3/userinfo",
       { headers: { Authorization: `Bearer ${accessToken}` } },

examples/zitadel.ts

@@ -28,7 +28,7 @@ export const zitadelOAuth = OAuth2Plugin({
     "urn:zitadel:iam:user:metadata",
   ],
   providerAuthorizationUrl: process.env.ZITADEL_AUTHORIZATION_URL || "",
-  getUserInfo: async (accessToken: string) => {
+  getUserInfo: async (accessToken: string, req: PayloadRequest) => {
     const response = await fetch(process.env.ZITADEL_USERINFO_ENDPOINT || "", {
       headers: { Authorization: `Bearer ${accessToken}` },
     });

src/auth-strategy.ts

@@ -51,7 +51,12 @@ export const createAuthStrategy = (
       let user: User | null = null;
 
       if (pluginOptions.useEmailAsIdentity) {
-        if (typeof jwtUser.email !== "string") return { user: null };
+        if (typeof jwtUser.email !== "string") {
+          payload.logger.warn(
+            "Using email as identity but no email is found in jwt token",
+          );
+          return { user: null };
+        }
         const usersQuery = await payload.find({
           collection: userCollection,
           where: { email: { equals: jwtUser.email } },
@@ -67,7 +72,12 @@ export const createAuthStrategy = (
           user = usersQuery.docs[0] as unknown as User;
         }
       } else {
-        if (typeof jwtUser[subFieldName] !== "string") return { user: null };
+        if (typeof jwtUser[subFieldName] !== "string") {
+          payload.logger.warn(
+            `No ${subFieldName} found in jwt token. Make sure the jwt token contains the ${subFieldName} field`,
+          );
+          return { user: null };
+        }
         const usersQuery = await payload.find({
           collection: userCollection,
           where: { [subFieldName]: { equals: jwtUser[subFieldName] } },

src/types.ts

@@ -70,8 +70,9 @@ export interface PluginTypes {
    * This function should return a promise that resolves to the user
    * information that will be stored in database.
    * @param accessToken Access token obtained from OAuth provider
+   * @param req PayloadRequest object
    */
-  getUserInfo: (accessToken: string) => Promise<any> | any;
+  getUserInfo: (accessToken: string, req: PayloadRequest) => Promise<any> | any;
 
   /**
    * Scope for the OAuth provider.
@@ -118,16 +119,21 @@ export interface PluginTypes {
    * tokenEndpoint, clientId, clientSecret, redirectUri, code.
    *
    * Reference: `defaultGetToken` in `src/default-get-token.ts`
+   * @param code Code obtained from the OAuth provider, used to exchange for access token
+   * @param req PayloadRequest object
    */
   getToken?: (code: string, req: PayloadRequest) => string | Promise<string>;
 
   /**
    * Redirect users after successful login.
+   * @param req PayloadRequest object
    */
   successRedirect: (req: PayloadRequest) => string | Promise<string>;
 
   /**
    * Redirect users after failed login.
+   * @param req PayloadRequest object
+   * @param error Error object
    */
   failureRedirect: (
     req: PayloadRequest,