liz/wikijs-fork
liz/wikijs-fork
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: social login providers with dynamic instances

Browse Source
This commit is contained in:
NGPixel 2020-08-30 01:36:17 -04:00
parent a7ddafd4aa
commit 32d67adee1
28 changed files with 147 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
client/components/admin/admin-users-edit.vue
View File

@ -125,7 +125,7 @@
v-icon mdi-domain v-icon mdi-domain
v-list-item-content v-list-item-content
v-list-item-title {{$t('admin:users.authProvider')}} v-list-item-title {{$t('admin:users.authProvider')}}
v-list-item-subtitle {{ user.providerKey }} v-list-item-subtitle {{ user.providerName }} #[em.caption ({{ user.providerKey }})]
//- v-list-item-action //- v-list-item-action
//- v-img(src='https://static.requarks.io/logo/wikijs.svg', alt='', contain, max-height='32', position='center right') //- v-img(src='https://static.requarks.io/logo/wikijs.svg', alt='', contain, max-height='32', position='center right')
template(v-if='user.providerKey === `local`') template(v-if='user.providerKey === `local`')
@ -953,6 +953,7 @@ export default {
name name
email email
providerKey providerKey
providerName
providerId providerId
location location
jobTitle jobTitle

5
client/components/admin/admin-users.vue
View File

@ -57,7 +57,7 @@
td {{ props.item.id }} td {{ props.item.id }}
td: strong {{ props.item.name }} td: strong {{ props.item.name }}
td {{ props.item.email }} td {{ props.item.email }}
td {{ props.item.providerKey }} td {{ getStrategyName(props.item.providerKey) }}
td {{ props.item.createdAt | moment('from') }} td {{ props.item.createdAt | moment('from') }}
td td
span(v-if='props.item.lastLoginAt') {{ props.item.lastLoginAt | moment('from') }} span(v-if='props.item.lastLoginAt') {{ props.item.lastLoginAt | moment('from') }}
@ -131,6 +131,9 @@ export default {
icon: 'cached' icon: 'cached'
}) })
} }
},
getStrategyName(key) {
return (_.find(this.strategies, ['key', key]) || {}).displayName || key
} }
}, },
apollo: { apollo: {

2
client/components/profile/profile.vue
View File

@ -161,7 +161,7 @@
autocomplete='off' autocomplete='off'
hide-details hide-details
) )
v-card-chin v-card-chin(v-if='user.providerKey === `local`')
v-spacer v-spacer
v-btn.px-4(color='purple darken-4', dark, depressed, @click='changePassword', :loading='changePassLoading') v-btn.px-4(color='purple darken-4', dark, depressed, @click='changePassword', :loading='changePassLoading')
v-icon(left) mdi-progress-check v-icon(left) mdi-progress-check

4
dev/build-arm/Dockerfile
View File

@ -1,7 +1,7 @@
# ========================= # =========================
# --- BUILD NPM MODULES --- # --- BUILD NPM MODULES ---
# ========================= # =========================
FROM node:12-alpine AS build FROM node:14-alpine AS build
RUN apk add yarn g++ make python --no-cache RUN apk add yarn g++ make python --no-cache
@ -14,7 +14,7 @@ RUN yarn --production --frozen-lockfile --non-interactive --network-timeout 1000
# =============== # ===============
# --- Release --- # --- Release ---
# =============== # ===============
FROM node:12-alpine FROM node:14-alpine
LABEL maintainer="requarks.io" LABEL maintainer="requarks.io"
RUN apk add bash curl git openssh gnupg sqlite --no-cache && \ RUN apk add bash curl git openssh gnupg sqlite --no-cache && \

6
dev/build/Dockerfile
View File

@ -1,7 +1,7 @@
# ==================== # ====================
# --- Build Assets --- # --- Build Assets ---
# ==================== # ====================
FROM node:12-alpine AS assets FROM node:14-alpine AS assets
RUN apk add yarn g++ make python --no-cache RUN apk add yarn g++ make python --no-cache
@ -23,10 +23,10 @@ RUN yarn --production --frozen-lockfile --non-interactive
# =============== # ===============
# --- Release --- # --- Release ---
# =============== # ===============
FROM node:12-alpine FROM node:14-alpine
LABEL maintainer="requarks.io" LABEL maintainer="requarks.io"
RUN apk add bash curl git openssh gnupg sqlite --no-cache && \ RUN apk add bash curl git openssh gnupg sqlite pandoc --no-cache && \
mkdir -p /wiki && \ mkdir -p /wiki && \
mkdir -p /logs && \ mkdir -p /logs && \
mkdir -p /wiki/data/content && \ mkdir -p /wiki/data/content && \

4
dev/containers/Dockerfile
View File

@ -1,11 +1,11 @@
# -- DEV DOCKERFILE -- # -- DEV DOCKERFILE --
# -- DO NOT USE IN PRODUCTION! -- # -- DO NOT USE IN PRODUCTION! --
FROM node:12 FROM node:14
LABEL maintainer "requarks.io" LABEL maintainer "requarks.io"
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y bash curl git python make g++ nano openssh-server gnupg && \ apt-get install -y bash curl git python make g++ nano openssh-server gnupg pandoc && \
mkdir -p /wiki mkdir -p /wiki
WORKDIR /wiki WORKDIR /wiki

6
server/graph/resolvers/user.js
View File

@ -23,9 +23,11 @@ module.exports = {
.select('id', 'email', 'name', 'providerKey', 'createdAt') .select('id', 'email', 'name', 'providerKey', 'createdAt')
}, },
async single(obj, args, context, info) { async single(obj, args, context, info) {
console.info(WIKI.auth.strategies)
let usr = await WIKI.models.users.query().findById(args.id) let usr = await WIKI.models.users.query().findById(args.id)
usr.password = '' usr.password = ''
usr.tfaSecret = '' usr.tfaSecret = ''
usr.providerName = _.get(WIKI.auth.strategies, usr.providerKey).displayName
return usr return usr
}, },
async profile (obj, args, context, info) { async profile (obj, args, context, info) {
@ -37,9 +39,9 @@ module.exports = {
throw new WIKI.Error.AuthAccountBanned() throw new WIKI.Error.AuthAccountBanned()
} }
const providerInfo = _.find(WIKI.data.authentication, ['key', usr.providerKey]) const providerInfo = _.get(WIKI.auth.strategies, usr.providerKey, {})
usr.providerName = _.get(providerInfo, 'title', 'Unknown') usr.providerName = providerInfo.displayName || 'Unknown'
usr.lastLoginAt = usr.lastLoginAt || usr.updatedAt usr.lastLoginAt = usr.lastLoginAt || usr.updatedAt
usr.password = '' usr.password = ''
usr.providerId = '' usr.providerId = ''

1
server/graph/schemas/user.graphql
View File

@ -128,6 +128,7 @@ type User {
name: String! name: String!
email: String! email: String!
providerKey: String! providerKey: String!
providerName: String
providerId: String providerId: String
isSystem: Boolean! isSystem: Boolean!
isActive: Boolean! isActive: Boolean!

12
server/models/users.js
View File

@ -163,7 +163,7 @@ module.exports = class User extends Model {
static async processProfile({ profile, providerKey }) { static async processProfile({ profile, providerKey }) {
const provider = _.get(WIKI.auth.strategies, providerKey, {}) const provider = _.get(WIKI.auth.strategies, providerKey, {})
provider.info = _.find(WIKI.data.authentication, ['key', providerKey]) provider.info = _.find(WIKI.data.authentication, ['key', provider.stategyKey])
// Find existing user // Find existing user
let user = await WIKI.models.users.query().findOne({ let user = await WIKI.models.users.query().findOne({
@ -273,7 +273,8 @@ module.exports = class User extends Model {
static async login (opts, context) { static async login (opts, context) {
if (_.has(WIKI.auth.strategies, opts.strategy)) { if (_.has(WIKI.auth.strategies, opts.strategy)) {
const strInfo = _.find(WIKI.data.authentication, ['key', opts.strategy]) const selStrategy = _.get(WIKI.auth.strategies, opts.strategy)
const strInfo = _.find(WIKI.data.authentication, ['key', selStrategy.strategyKey])
// Inject form user/pass // Inject form user/pass
if (strInfo.useForm) { if (strInfo.useForm) {
@ -283,7 +284,7 @@ module.exports = class User extends Model {
// Authenticate // Authenticate
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
WIKI.auth.passport.authenticate(opts.strategy, { WIKI.auth.passport.authenticate(selStrategy.strategyKey, {
session: !strInfo.useForm, session: !strInfo.useForm,
scope: strInfo.scopes ? strInfo.scopes : null scope: strInfo.scopes ? strInfo.scopes : null
}, async (err, user, info) => { }, async (err, user, info) => {
@ -291,7 +292,10 @@ module.exports = class User extends Model {
if (!user) { return reject(new WIKI.Error.AuthLoginFailed()) } if (!user) { return reject(new WIKI.Error.AuthLoginFailed()) }
try { try {
const resp = await WIKI.models.users.afterLoginChecks(user, context) const resp = await WIKI.models.users.afterLoginChecks(user, context, {
skipTFA: !strInfo.useForm,
skipChangePwd: !strInfo.useForm
})
resolve(resp) resolve(resp)
} catch (err) { } catch (err) {
reject(err) reject(err)

10
server/modules/authentication/auth0/authentication.js
View File

@ -13,10 +13,14 @@ module.exports = {
domain: conf.domain, domain: conf.domain,
clientID: conf.clientId, clientID: conf.clientId,
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL callbackURL: conf.callbackURL,
}, async (accessToken, refreshToken, extraParams, profile, cb) => { passReqToCallback: true
}, async (req, accessToken, refreshToken, extraParams, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ profile, providerKey: 'auth0' }) const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile
})
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {
cb(err, null) cb(err, null)

9
server/modules/authentication/azure/authentication.js
View File

@ -18,18 +18,19 @@ module.exports = {
responseType: 'id_token', responseType: 'id_token',
responseMode: 'form_post', responseMode: 'form_post',
scope: ['profile', 'email', 'openid'], scope: ['profile', 'email', 'openid'],
allowHttpForRedirectUrl: WIKI.IS_DEBUG allowHttpForRedirectUrl: WIKI.IS_DEBUG,
}, async (iss, sub, profile, cb) => { passReqToCallback: true
}, async (req, iss, sub, profile, cb) => {
const usrEmail = _.get(profile, '_json.email', null) || _.get(profile, '_json.preferred_username') const usrEmail = _.get(profile, '_json.email', null) || _.get(profile, '_json.preferred_username')
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
id: profile.oid, id: profile.oid,
displayName: profile.displayName, displayName: profile.displayName,
email: usrEmail, email: usrEmail,
picture: '' picture: ''
}, }
providerKey: 'azure'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

19
server/modules/authentication/cas/authentication.js
View File

@ -11,14 +11,19 @@ module.exports = {
passport.use('cas', passport.use('cas',
new CASStrategy({ new CASStrategy({
ssoBaseURL: conf.ssoBaseURL, ssoBaseURL: conf.ssoBaseURL,
serverBaseURL: conf.serverBaseURL serverBaseURL: conf.serverBaseURL,
}, (profile, cb) => { passReqToCallback: true
WIKI.models.users.processProfile(profile).then((user) => { }, async (req, profile, cb) => {
return cb(null, user) || true try {
}).catch((err) => { const user = await WIKI.models.users.processProfile({
return cb(err, null) || true providerKey: req.params.strategy,
profile
}) })
cb(null, user)
} catch (err) {
cb(err, null)
} }
)) })
)
} }
} }

9
server/modules/authentication/discord/authentication.js
View File

@ -15,19 +15,20 @@ module.exports = {
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
authorizationURL: 'https://discord.com/api/oauth2/authorize?prompt=none', authorizationURL: 'https://discord.com/api/oauth2/authorize?prompt=none',
callbackURL: conf.callbackURL, callbackURL: conf.callbackURL,
scope: 'identify email guilds' scope: 'identify email guilds',
}, async (accessToken, refreshToken, profile, cb) => { passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
if (conf.guildId && !_.some(profile.guilds, { id: conf.guildId })) { if (conf.guildId && !_.some(profile.guilds, { id: conf.guildId })) {
throw new WIKI.Error.AuthLoginFailed() throw new WIKI.Error.AuthLoginFailed()
} }
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
displayName: profile.username, displayName: profile.username,
picture: `https://cdn.discordapp.com/avatars/${profile.id}/${profile.avatar}.png` picture: `https://cdn.discordapp.com/avatars/${profile.id}/${profile.avatar}.png`
}, }
providerKey: 'discord'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

9
server/modules/authentication/dropbox/authentication.js
View File

@ -14,15 +14,16 @@ module.exports = {
apiVersion: '2', apiVersion: '2',
clientID: conf.clientId, clientID: conf.clientId,
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL callbackURL: conf.callbackURL,
}, async (accessToken, refreshToken, profile, cb) => { passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
picture: _.get(profile, '_json.profile_photo_url', '') picture: _.get(profile, '_json.profile_photo_url', '')
}, }
providerKey: 'dropbox'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

9
server/modules/authentication/facebook/authentication.js
View File

@ -15,15 +15,16 @@ module.exports = {
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL, callbackURL: conf.callbackURL,
profileFields: ['id', 'displayName', 'email', 'photos'], profileFields: ['id', 'displayName', 'email', 'photos'],
authType: 'reauthenticate' authType: 'reauthenticate',
}, async (accessToken, refreshToken, profile, cb) => { passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
picture: _.get(profile, 'photos[0].value', '') picture: _.get(profile, 'photos[0].value', '')
}, }
providerKey: 'facebook'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

16
server/modules/authentication/firebase/authentication.js
View File

@ -1,28 +1,30 @@
/* global WIKI */ /* global WIKI */
// ------------------------------------ // ------------------------------------
// GitHub Account // Firebase Account
// ------------------------------------ // ------------------------------------
const GitHubStrategy = require('passport-github2').Strategy // INCOMPLETE / TODO
const FirebaseStrategy = require('passport-github2').Strategy
const _ = require('lodash') const _ = require('lodash')
module.exports = { module.exports = {
init (passport, conf) { init (passport, conf) {
passport.use('github', passport.use('firebase',
new GitHubStrategy({ new FirebaseStrategy({
clientID: conf.clientId, clientID: conf.clientId,
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL, callbackURL: conf.callbackURL,
scope: ['user:email'] scope: ['user:email']
}, async (accessToken, refreshToken, profile, cb) => { }, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
picture: _.get(profile, 'photos[0].value', '') picture: _.get(profile, 'photos[0].value', '')
}, }
providerKey: 'github'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

9
server/modules/authentication/github/authentication.js
View File

@ -13,7 +13,8 @@ module.exports = {
clientID: conf.clientId, clientID: conf.clientId,
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL, callbackURL: conf.callbackURL,
scope: ['user:email'] scope: ['user:email'],
passReqToCallback: true
} }
if (conf.useEnterprise) { if (conf.useEnterprise) {
@ -24,14 +25,14 @@ module.exports = {
} }
passport.use('github', passport.use('github',
new GitHubStrategy(githubConfig, async (accessToken, refreshToken, profile, cb) => { new GitHubStrategy(githubConfig, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
picture: _.get(profile, 'photos[0].value', '') picture: _.get(profile, 'photos[0].value', '')
}, }
providerKey: 'github'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

9
server/modules/authentication/gitlab/authentication.js
View File

@ -15,15 +15,16 @@ module.exports = {
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL, callbackURL: conf.callbackURL,
baseURL: conf.baseUrl, baseURL: conf.baseUrl,
scope: ['read_user'] scope: ['read_user'],
}, async (accessToken, refreshToken, profile, cb) => { passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
picture: _.get(profile, 'avatarUrl', '') picture: _.get(profile, 'avatarUrl', '')
}, }
providerKey: 'gitlab'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

9
server/modules/authentication/google/authentication.js
View File

@ -13,15 +13,16 @@ module.exports = {
new GoogleStrategy({ new GoogleStrategy({
clientID: conf.clientId, clientID: conf.clientId,
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL callbackURL: conf.callbackURL,
}, async (accessToken, refreshToken, profile, cb) => { passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
picture: _.get(profile, 'photos[0].value', '') picture: _.get(profile, 'photos[0].value', '')
}, }
providerKey: 'google'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

9
server/modules/authentication/keycloak/authentication.js
View File

@ -19,21 +19,22 @@ module.exports = {
realm: conf.realm, realm: conf.realm,
clientID: conf.clientId, clientID: conf.clientId,
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL callbackURL: conf.callbackURL,
}, async (accessToken, refreshToken, profile, cb) => { passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
let displayName = profile.username let displayName = profile.username
if (_.isString(profile.fullName) && profile.fullName.length > 0) { if (_.isString(profile.fullName) && profile.fullName.length > 0) {
displayName = profile.fullName displayName = profile.fullName
} }
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
id: profile.keycloakId, id: profile.keycloakId,
email: profile.email, email: profile.email,
name: displayName, name: displayName,
picture: '' picture: ''
}, }
providerKey: 'keycloak'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

6
server/modules/authentication/ldap/authentication.js
View File

@ -28,7 +28,7 @@ module.exports = {
usernameField: 'email', usernameField: 'email',
passwordField: 'password', passwordField: 'password',
passReqToCallback: false passReqToCallback: false
}, async (profile, cb) => { }, async (req, profile, cb) => {
try { try {
const userId = _.get(profile, conf.mappingUID, null) const userId = _.get(profile, conf.mappingUID, null)
if (!userId) { if (!userId) {
@ -36,13 +36,13 @@ module.exports = {
} }
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
id: userId, id: userId,
email: String(_.get(profile, conf.mappingEmail, '')).split(',')[0], email: String(_.get(profile, conf.mappingEmail, '')).split(',')[0],
displayName: _.get(profile, conf.mappingDisplayName, '???'), displayName: _.get(profile, conf.mappingDisplayName, '???'),
picture: _.get(profile, conf.mappingPicture, '') picture: _.get(profile, conf.mappingPicture, '')
}, }
providerKey: 'ldap'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

10
server/modules/authentication/microsoft/authentication.js
View File

@ -14,16 +14,16 @@ module.exports = {
clientID: conf.clientId, clientID: conf.clientId,
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL, callbackURL: conf.callbackURL,
scope: ['User.Read', 'email', 'openid', 'profile'] scope: ['User.Read', 'email', 'openid', 'profile'],
}, async (accessToken, refreshToken, profile, cb) => { passReqToCallback: true
console.info(profile) }, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
picture: _.get(profile, 'photos[0].value', '') picture: _.get(profile, 'photos[0].value', '')
}, }
providerKey: 'microsoft'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

17
server/modules/authentication/oauth2/authentication.js
View File

@ -14,13 +14,18 @@ module.exports = {
tokenURL: conf.tokenURL, tokenURL: conf.tokenURL,
clientID: conf.clientId, clientID: conf.clientId,
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL callbackURL: conf.callbackURL,
}, (accessToken, refreshToken, profile, cb) => { passReqToCallback: true
WIKI.models.users.processProfile(profile).then((user) => { }, async (req, accessToken, refreshToken, profile, cb) => {
return cb(null, user) || true try {
}).catch((err) => { const user = await WIKI.models.users.processProfile({
return cb(err, null) || true providerKey: req.params.strategy,
profile
}) })
cb(null, user)
} catch (err) {
cb(err, null)
}
}) })
) )
} }

11
server/modules/authentication/oidc/authentication.js
View File

@ -18,18 +18,19 @@ module.exports = {
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
issuer: conf.issuer, issuer: conf.issuer,
userInfoURL: conf.userInfoURL, userInfoURL: conf.userInfoURL,
callbackURL: conf.callbackURL callbackURL: conf.callbackURL,
}, async (iss, sub, profile, cb) => { passReqToCallback: true
}, async (req, iss, sub, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
email: _.get(profile, '_json.' + conf.emailClaim) email: _.get(profile, '_json.' + conf.emailClaim)
}, }
providerKey: 'oidc'
}) })
cb(null, user) cb(null, user)
} catch(err) { } catch (err) {
cb(err, null) cb(err, null)
} }
}) })

9
server/modules/authentication/okta/authentication.js
View File

@ -16,15 +16,16 @@ module.exports = {
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
idp: conf.idp, idp: conf.idp,
callbackURL: conf.callbackURL, callbackURL: conf.callbackURL,
response_type: 'code' response_type: 'code',
}, async (accessToken, refreshToken, profile, cb) => { passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
picture: _.get(profile, '_json.profile', '') picture: _.get(profile, '_json.profile', '')
}, }
providerKey: 'okta'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

9
server/modules/authentication/saml/authentication.js
View File

@ -22,7 +22,8 @@ module.exports = {
forceAuthn: conf.forceAuthn, forceAuthn: conf.forceAuthn,
providerName: conf.providerName, providerName: conf.providerName,
skipRequestCompression: conf.skipRequestCompression, skipRequestCompression: conf.skipRequestCompression,
authnRequestBinding: conf.authnRequestBinding authnRequestBinding: conf.authnRequestBinding,
passReqToCallback: true
} }
if (!_.isEmpty(conf.audience)) { if (!_.isEmpty(conf.audience)) {
samlConfig.audience = conf.audience samlConfig.audience = conf.audience
@ -37,7 +38,7 @@ module.exports = {
samlConfig.decryptionPvk = conf.decryptionPvk samlConfig.decryptionPvk = conf.decryptionPvk
} }
passport.use('saml', passport.use('saml',
new SAMLStrategy(samlConfig, async (profile, cb) => { new SAMLStrategy(samlConfig, async (req, profile, cb) => {
try { try {
const userId = _.get(profile, [conf.mappingUID], null) || _.get(profile, 'nameID', null) const userId = _.get(profile, [conf.mappingUID], null) || _.get(profile, 'nameID', null)
if (!userId) { if (!userId) {
@ -45,13 +46,13 @@ module.exports = {
} }
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
id: userId, id: userId,
email: _.get(profile, conf.mappingEmail, ''), email: _.get(profile, conf.mappingEmail, ''),
displayName: _.get(profile, conf.mappingDisplayName, '???'), displayName: _.get(profile, conf.mappingDisplayName, '???'),
picture: _.get(profile, conf.mappingPicture, '') picture: _.get(profile, conf.mappingPicture, '')
}, }
providerKey: 'saml'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

9
server/modules/authentication/slack/authentication.js
View File

@ -14,15 +14,16 @@ module.exports = {
clientID: conf.clientId, clientID: conf.clientId,
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL, callbackURL: conf.callbackURL,
team: conf.team team: conf.team,
}, async (accessToken, scopes, team, extra, { user: userProfile }, cb) => { passReqToCallback: true
}, async (req, accessToken, scopes, team, extra, { user: userProfile }, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...userProfile, ...userProfile,
picture: _.get(userProfile, 'image_48', '') picture: _.get(userProfile, 'image_48', '')
}, }
providerKey: 'slack'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {

9
server/modules/authentication/twitch/authentication.js
View File

@ -13,15 +13,16 @@ module.exports = {
new TwitchStrategy({ new TwitchStrategy({
clientID: conf.clientId, clientID: conf.clientId,
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL callbackURL: conf.callbackURL,
}, async (accessToken, refreshToken, profile, cb) => { passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
picture: _.get(profile, 'avatar', '') picture: _.get(profile, 'avatar', '')
}, }
providerKey: 'twitch'
}) })
cb(null, user) cb(null, user)
} catch (err) { } catch (err) {