New applications state feature: req.authInfo isn't available in error handler

[plashenkov]

Hi! I'm trying to read the application state in an error handler. It works fine inside a success handler, but inside the error handler req.authInfo is empty. But we may need the state there too to fully handle failure situations on a par with success situation.

Example code:

// Let's suppose our frontend app generates a token and passes it to OAuth flow.
// After either success or failure the app wants to get it back and compare with
// the initial value to check the final callback is legitimate and initiated by the app itself.

app.get(
  '/api/#/facebook',

  function (req, res, next) {
    const options = {
      state: {
        token: req.query.token
      }
    }
    passport.authenticate('facebook', options)(req, res, next)
  }
)

app.get(
  '/api/#/facebook/callback',

  passport.authenticate('facebook', {failWithError: true})

  function (req, res) {
    const params = {
      result: 'success',
      token: req.authInfo.state.token,
    }
    res.redirect('/#?' + (new URLSearchParams(params)).toString())
  },

  function (err, req, res, next) {
    const params = {
      result: 'error',
      message: err.message,
      token: req.authInfo.state.token, // <-- the problem
    }
    res.redirect('/#?' + (new URLSearchParams(params)).toString())
  }
)

[plashenkov]

Just checked another way to handle success and failure situations: passsport.authenticate()'s callback. We don't have req.authInfo there either.