NodeJS Passport-Steam, OpenID Invalid Return URL

Question

I'm currently building a NodeJS back end with multiple OAuth and OpenID services. I have an issue with Passport-Steam that I just cannot figure out a solution.

Here is my Strategy:

var STEAM_KEY = process.env.STEAM_KEY;

// Use the SteamStrategy within Passport.
passport.use(new SteamStrategy({
    apiKey: STEAM_KEY,
    realm: 'https://player.abc/',
    returnURL: "https://player.abc/api/service/callback/steam"
}, function(identifier, profile, done) {
    done(null, profile);
}));

When looking though the return URL and its parameters the server is receiving the correct URL within the "return_to" parameter and the correct endpoint is called. But I'm getting the following error:

GET /api/service/connect/steam 302 1500.518 ms - 0
{ [InternalOpenIDError: Failed to verify assertion]
  name: 'InternalOpenIDError',
  message: 'Failed to verify assertion',
  openidError: { message: 'Invalid return URL' } 
}

I've tried the following:

Changing to HTTP
Changing API Key (Current domain is set to "player.abc" within Steam Dev)
Changing the return URL completely
Reinstalling passport-steam

Any help would be much appreciated

There is an issue with passport-steam. You can find more details here github.com/liamcurry/passport-steam/issues/37 . — robocat

Vlad LifeStyle Vlad LifeStyle · Accepted Answer · 2017-06-08T14:06:48

You forgot to add

profile.identifier = identifier;

passport.use(new SteamStrategy({
    apiKey: STEAM_KEY,
    realm: 'https://player.abc/',
    returnURL: "https://player.abc/api/service/callback/steam"
}, function(identifier, profile, done) {
    profile.identifier = identifier;
    done(null, profile);
}));

NodeJS Passport-Steam, OpenID Invalid Return URL

1 Answers