wikijs-fork/server/modules/authentication/oidc/authentication.js

58 lines
1.6 KiB
JavaScript
Raw Normal View History

2018-08-04 21:27:55 +00:00
const _ = require('lodash')
/* global WIKI */
// ------------------------------------
// OpenID Connect Account
// ------------------------------------
const OpenIDConnectStrategy = require('passport-openidconnect').Strategy
module.exports = {
init (passport, conf) {
passport.use(conf.key,
2018-08-04 21:27:55 +00:00
new OpenIDConnectStrategy({
authorizationURL: conf.authorizationURL,
tokenURL: conf.tokenURL,
clientID: conf.clientId,
clientSecret: conf.clientSecret,
issuer: conf.issuer,
userInfoURL: conf.userInfoURL,
callbackURL: conf.callbackURL,
passReqToCallback: true
}, async (req, iss, sub, profile, cb) => {
try {
const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: {
...profile,
email: _.get(profile, '_json.' + conf.emailClaim)
}
})
if (conf.mapGroups) {
const groups = _.get(profile, '_json.' + conf.groupsClaim)
if (groups) {
const groupIDs = Object.values(WIKI.auth.groups)
.filter(g => groups.includes(g.name))
.map(g => g.id)
for (let groupID of groupIDs) {
await user.$relatedQuery('groups').relate(groupID)
}
}
}
cb(null, user)
} catch (err) {
cb(err, null)
}
2018-08-04 21:27:55 +00:00
})
)
},
logout (conf) {
if (!conf.logoutURL) {
return '/'
} else {
return conf.logoutURL
}
2018-08-04 21:27:55 +00:00
}
}