feat: social login providers with dynamic instances
This commit is contained in:
parent
a7ddafd4aa
commit
32d67adee1
@ -125,7 +125,7 @@
|
||||
v-icon mdi-domain
|
||||
v-list-item-content
|
||||
v-list-item-title {{$t('admin:users.authProvider')}}
|
||||
v-list-item-subtitle {{ user.providerKey }}
|
||||
v-list-item-subtitle {{ user.providerName }} #[em.caption ({{ user.providerKey }})]
|
||||
//- v-list-item-action
|
||||
//- v-img(src='https://static.requarks.io/logo/wikijs.svg', alt='', contain, max-height='32', position='center right')
|
||||
template(v-if='user.providerKey === `local`')
|
||||
@ -953,6 +953,7 @@ export default {
|
||||
name
|
||||
email
|
||||
providerKey
|
||||
providerName
|
||||
providerId
|
||||
location
|
||||
jobTitle
|
||||
|
@ -57,7 +57,7 @@
|
||||
td {{ props.item.id }}
|
||||
td: strong {{ props.item.name }}
|
||||
td {{ props.item.email }}
|
||||
td {{ props.item.providerKey }}
|
||||
td {{ getStrategyName(props.item.providerKey) }}
|
||||
td {{ props.item.createdAt | moment('from') }}
|
||||
td
|
||||
span(v-if='props.item.lastLoginAt') {{ props.item.lastLoginAt | moment('from') }}
|
||||
@ -131,6 +131,9 @@ export default {
|
||||
icon: 'cached'
|
||||
})
|
||||
}
|
||||
},
|
||||
getStrategyName(key) {
|
||||
return (_.find(this.strategies, ['key', key]) || {}).displayName || key
|
||||
}
|
||||
},
|
||||
apollo: {
|
||||
|
@ -161,7 +161,7 @@
|
||||
autocomplete='off'
|
||||
hide-details
|
||||
)
|
||||
v-card-chin
|
||||
v-card-chin(v-if='user.providerKey === `local`')
|
||||
v-spacer
|
||||
v-btn.px-4(color='purple darken-4', dark, depressed, @click='changePassword', :loading='changePassLoading')
|
||||
v-icon(left) mdi-progress-check
|
||||
|
@ -1,7 +1,7 @@
|
||||
# =========================
|
||||
# --- BUILD NPM MODULES ---
|
||||
# =========================
|
||||
FROM node:12-alpine AS build
|
||||
FROM node:14-alpine AS build
|
||||
|
||||
RUN apk add yarn g++ make python --no-cache
|
||||
|
||||
@ -14,7 +14,7 @@ RUN yarn --production --frozen-lockfile --non-interactive --network-timeout 1000
|
||||
# ===============
|
||||
# --- Release ---
|
||||
# ===============
|
||||
FROM node:12-alpine
|
||||
FROM node:14-alpine
|
||||
LABEL maintainer="requarks.io"
|
||||
|
||||
RUN apk add bash curl git openssh gnupg sqlite --no-cache && \
|
||||
|
@ -1,7 +1,7 @@
|
||||
# ====================
|
||||
# --- Build Assets ---
|
||||
# ====================
|
||||
FROM node:12-alpine AS assets
|
||||
FROM node:14-alpine AS assets
|
||||
|
||||
RUN apk add yarn g++ make python --no-cache
|
||||
|
||||
@ -23,10 +23,10 @@ RUN yarn --production --frozen-lockfile --non-interactive
|
||||
# ===============
|
||||
# --- Release ---
|
||||
# ===============
|
||||
FROM node:12-alpine
|
||||
FROM node:14-alpine
|
||||
LABEL maintainer="requarks.io"
|
||||
|
||||
RUN apk add bash curl git openssh gnupg sqlite --no-cache && \
|
||||
RUN apk add bash curl git openssh gnupg sqlite pandoc --no-cache && \
|
||||
mkdir -p /wiki && \
|
||||
mkdir -p /logs && \
|
||||
mkdir -p /wiki/data/content && \
|
||||
|
@ -1,11 +1,11 @@
|
||||
# -- DEV DOCKERFILE --
|
||||
# -- DO NOT USE IN PRODUCTION! --
|
||||
|
||||
FROM node:12
|
||||
FROM node:14
|
||||
LABEL maintainer "requarks.io"
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y bash curl git python make g++ nano openssh-server gnupg && \
|
||||
apt-get install -y bash curl git python make g++ nano openssh-server gnupg pandoc && \
|
||||
mkdir -p /wiki
|
||||
|
||||
WORKDIR /wiki
|
||||
|
@ -23,9 +23,11 @@ module.exports = {
|
||||
.select('id', 'email', 'name', 'providerKey', 'createdAt')
|
||||
},
|
||||
async single(obj, args, context, info) {
|
||||
console.info(WIKI.auth.strategies)
|
||||
let usr = await WIKI.models.users.query().findById(args.id)
|
||||
usr.password = ''
|
||||
usr.tfaSecret = ''
|
||||
usr.providerName = _.get(WIKI.auth.strategies, usr.providerKey).displayName
|
||||
return usr
|
||||
},
|
||||
async profile (obj, args, context, info) {
|
||||
@ -37,9 +39,9 @@ module.exports = {
|
||||
throw new WIKI.Error.AuthAccountBanned()
|
||||
}
|
||||
|
||||
const providerInfo = _.find(WIKI.data.authentication, ['key', usr.providerKey])
|
||||
const providerInfo = _.get(WIKI.auth.strategies, usr.providerKey, {})
|
||||
|
||||
usr.providerName = _.get(providerInfo, 'title', 'Unknown')
|
||||
usr.providerName = providerInfo.displayName || 'Unknown'
|
||||
usr.lastLoginAt = usr.lastLoginAt || usr.updatedAt
|
||||
usr.password = ''
|
||||
usr.providerId = ''
|
||||
|
@ -128,6 +128,7 @@ type User {
|
||||
name: String!
|
||||
email: String!
|
||||
providerKey: String!
|
||||
providerName: String
|
||||
providerId: String
|
||||
isSystem: Boolean!
|
||||
isActive: Boolean!
|
||||
|
@ -163,7 +163,7 @@ module.exports = class User extends Model {
|
||||
|
||||
static async processProfile({ profile, providerKey }) {
|
||||
const provider = _.get(WIKI.auth.strategies, providerKey, {})
|
||||
provider.info = _.find(WIKI.data.authentication, ['key', providerKey])
|
||||
provider.info = _.find(WIKI.data.authentication, ['key', provider.stategyKey])
|
||||
|
||||
// Find existing user
|
||||
let user = await WIKI.models.users.query().findOne({
|
||||
@ -273,7 +273,8 @@ module.exports = class User extends Model {
|
||||
|
||||
static async login (opts, context) {
|
||||
if (_.has(WIKI.auth.strategies, opts.strategy)) {
|
||||
const strInfo = _.find(WIKI.data.authentication, ['key', opts.strategy])
|
||||
const selStrategy = _.get(WIKI.auth.strategies, opts.strategy)
|
||||
const strInfo = _.find(WIKI.data.authentication, ['key', selStrategy.strategyKey])
|
||||
|
||||
// Inject form user/pass
|
||||
if (strInfo.useForm) {
|
||||
@ -283,7 +284,7 @@ module.exports = class User extends Model {
|
||||
|
||||
// Authenticate
|
||||
return new Promise((resolve, reject) => {
|
||||
WIKI.auth.passport.authenticate(opts.strategy, {
|
||||
WIKI.auth.passport.authenticate(selStrategy.strategyKey, {
|
||||
session: !strInfo.useForm,
|
||||
scope: strInfo.scopes ? strInfo.scopes : null
|
||||
}, async (err, user, info) => {
|
||||
@ -291,7 +292,10 @@ module.exports = class User extends Model {
|
||||
if (!user) { return reject(new WIKI.Error.AuthLoginFailed()) }
|
||||
|
||||
try {
|
||||
const resp = await WIKI.models.users.afterLoginChecks(user, context)
|
||||
const resp = await WIKI.models.users.afterLoginChecks(user, context, {
|
||||
skipTFA: !strInfo.useForm,
|
||||
skipChangePwd: !strInfo.useForm
|
||||
})
|
||||
resolve(resp)
|
||||
} catch (err) {
|
||||
reject(err)
|
||||
|
@ -13,10 +13,14 @@ module.exports = {
|
||||
domain: conf.domain,
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL
|
||||
}, async (accessToken, refreshToken, extraParams, profile, cb) => {
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, extraParams, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({ profile, providerKey: 'auth0' })
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
cb(err, null)
|
||||
|
@ -18,18 +18,19 @@ module.exports = {
|
||||
responseType: 'id_token',
|
||||
responseMode: 'form_post',
|
||||
scope: ['profile', 'email', 'openid'],
|
||||
allowHttpForRedirectUrl: WIKI.IS_DEBUG
|
||||
}, async (iss, sub, profile, cb) => {
|
||||
allowHttpForRedirectUrl: WIKI.IS_DEBUG,
|
||||
passReqToCallback: true
|
||||
}, async (req, iss, sub, profile, cb) => {
|
||||
const usrEmail = _.get(profile, '_json.email', null) || _.get(profile, '_json.preferred_username')
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
id: profile.oid,
|
||||
displayName: profile.displayName,
|
||||
email: usrEmail,
|
||||
picture: ''
|
||||
},
|
||||
providerKey: 'azure'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -11,14 +11,19 @@ module.exports = {
|
||||
passport.use('cas',
|
||||
new CASStrategy({
|
||||
ssoBaseURL: conf.ssoBaseURL,
|
||||
serverBaseURL: conf.serverBaseURL
|
||||
}, (profile, cb) => {
|
||||
WIKI.models.users.processProfile(profile).then((user) => {
|
||||
return cb(null, user) || true
|
||||
}).catch((err) => {
|
||||
return cb(err, null) || true
|
||||
serverBaseURL: conf.serverBaseURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
cb(err, null)
|
||||
}
|
||||
))
|
||||
})
|
||||
)
|
||||
}
|
||||
}
|
||||
|
@ -15,19 +15,20 @@ module.exports = {
|
||||
clientSecret: conf.clientSecret,
|
||||
authorizationURL: 'https://discord.com/api/oauth2/authorize?prompt=none',
|
||||
callbackURL: conf.callbackURL,
|
||||
scope: 'identify email guilds'
|
||||
}, async (accessToken, refreshToken, profile, cb) => {
|
||||
scope: 'identify email guilds',
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
if (conf.guildId && !_.some(profile.guilds, { id: conf.guildId })) {
|
||||
throw new WIKI.Error.AuthLoginFailed()
|
||||
}
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
displayName: profile.username,
|
||||
picture: `https://cdn.discordapp.com/avatars/${profile.id}/${profile.avatar}.png`
|
||||
},
|
||||
providerKey: 'discord'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -14,15 +14,16 @@ module.exports = {
|
||||
apiVersion: '2',
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL
|
||||
}, async (accessToken, refreshToken, profile, cb) => {
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, '_json.profile_photo_url', '')
|
||||
},
|
||||
providerKey: 'dropbox'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -15,15 +15,16 @@ module.exports = {
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL,
|
||||
profileFields: ['id', 'displayName', 'email', 'photos'],
|
||||
authType: 'reauthenticate'
|
||||
}, async (accessToken, refreshToken, profile, cb) => {
|
||||
authType: 'reauthenticate',
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, 'photos[0].value', '')
|
||||
},
|
||||
providerKey: 'facebook'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -1,28 +1,30 @@
|
||||
/* global WIKI */
|
||||
|
||||
// ------------------------------------
|
||||
// GitHub Account
|
||||
// Firebase Account
|
||||
// ------------------------------------
|
||||
|
||||
const GitHubStrategy = require('passport-github2').Strategy
|
||||
// INCOMPLETE / TODO
|
||||
|
||||
const FirebaseStrategy = require('passport-github2').Strategy
|
||||
const _ = require('lodash')
|
||||
|
||||
module.exports = {
|
||||
init (passport, conf) {
|
||||
passport.use('github',
|
||||
new GitHubStrategy({
|
||||
passport.use('firebase',
|
||||
new FirebaseStrategy({
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL,
|
||||
scope: ['user:email']
|
||||
}, async (accessToken, refreshToken, profile, cb) => {
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, 'photos[0].value', '')
|
||||
},
|
||||
providerKey: 'github'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -13,7 +13,8 @@ module.exports = {
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL,
|
||||
scope: ['user:email']
|
||||
scope: ['user:email'],
|
||||
passReqToCallback: true
|
||||
}
|
||||
|
||||
if (conf.useEnterprise) {
|
||||
@ -24,14 +25,14 @@ module.exports = {
|
||||
}
|
||||
|
||||
passport.use('github',
|
||||
new GitHubStrategy(githubConfig, async (accessToken, refreshToken, profile, cb) => {
|
||||
new GitHubStrategy(githubConfig, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, 'photos[0].value', '')
|
||||
},
|
||||
providerKey: 'github'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -15,15 +15,16 @@ module.exports = {
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL,
|
||||
baseURL: conf.baseUrl,
|
||||
scope: ['read_user']
|
||||
}, async (accessToken, refreshToken, profile, cb) => {
|
||||
scope: ['read_user'],
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, 'avatarUrl', '')
|
||||
},
|
||||
providerKey: 'gitlab'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -13,15 +13,16 @@ module.exports = {
|
||||
new GoogleStrategy({
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL
|
||||
}, async (accessToken, refreshToken, profile, cb) => {
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, 'photos[0].value', '')
|
||||
},
|
||||
providerKey: 'google'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -19,21 +19,22 @@ module.exports = {
|
||||
realm: conf.realm,
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL
|
||||
}, async (accessToken, refreshToken, profile, cb) => {
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
let displayName = profile.username
|
||||
if (_.isString(profile.fullName) && profile.fullName.length > 0) {
|
||||
displayName = profile.fullName
|
||||
}
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
id: profile.keycloakId,
|
||||
email: profile.email,
|
||||
name: displayName,
|
||||
picture: ''
|
||||
},
|
||||
providerKey: 'keycloak'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -28,7 +28,7 @@ module.exports = {
|
||||
usernameField: 'email',
|
||||
passwordField: 'password',
|
||||
passReqToCallback: false
|
||||
}, async (profile, cb) => {
|
||||
}, async (req, profile, cb) => {
|
||||
try {
|
||||
const userId = _.get(profile, conf.mappingUID, null)
|
||||
if (!userId) {
|
||||
@ -36,13 +36,13 @@ module.exports = {
|
||||
}
|
||||
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
id: userId,
|
||||
email: String(_.get(profile, conf.mappingEmail, '')).split(',')[0],
|
||||
displayName: _.get(profile, conf.mappingDisplayName, '???'),
|
||||
picture: _.get(profile, conf.mappingPicture, '')
|
||||
},
|
||||
providerKey: 'ldap'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -14,16 +14,16 @@ module.exports = {
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL,
|
||||
scope: ['User.Read', 'email', 'openid', 'profile']
|
||||
}, async (accessToken, refreshToken, profile, cb) => {
|
||||
console.info(profile)
|
||||
scope: ['User.Read', 'email', 'openid', 'profile'],
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, 'photos[0].value', '')
|
||||
},
|
||||
providerKey: 'microsoft'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -14,13 +14,18 @@ module.exports = {
|
||||
tokenURL: conf.tokenURL,
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL
|
||||
}, (accessToken, refreshToken, profile, cb) => {
|
||||
WIKI.models.users.processProfile(profile).then((user) => {
|
||||
return cb(null, user) || true
|
||||
}).catch((err) => {
|
||||
return cb(err, null) || true
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
cb(err, null)
|
||||
}
|
||||
})
|
||||
)
|
||||
}
|
||||
|
@ -18,18 +18,19 @@ module.exports = {
|
||||
clientSecret: conf.clientSecret,
|
||||
issuer: conf.issuer,
|
||||
userInfoURL: conf.userInfoURL,
|
||||
callbackURL: conf.callbackURL
|
||||
}, async (iss, sub, profile, cb) => {
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, iss, sub, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
email: _.get(profile, '_json.' + conf.emailClaim)
|
||||
},
|
||||
providerKey: 'oidc'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch(err) {
|
||||
} catch (err) {
|
||||
cb(err, null)
|
||||
}
|
||||
})
|
||||
|
@ -16,15 +16,16 @@ module.exports = {
|
||||
clientSecret: conf.clientSecret,
|
||||
idp: conf.idp,
|
||||
callbackURL: conf.callbackURL,
|
||||
response_type: 'code'
|
||||
}, async (accessToken, refreshToken, profile, cb) => {
|
||||
response_type: 'code',
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, '_json.profile', '')
|
||||
},
|
||||
providerKey: 'okta'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -22,7 +22,8 @@ module.exports = {
|
||||
forceAuthn: conf.forceAuthn,
|
||||
providerName: conf.providerName,
|
||||
skipRequestCompression: conf.skipRequestCompression,
|
||||
authnRequestBinding: conf.authnRequestBinding
|
||||
authnRequestBinding: conf.authnRequestBinding,
|
||||
passReqToCallback: true
|
||||
}
|
||||
if (!_.isEmpty(conf.audience)) {
|
||||
samlConfig.audience = conf.audience
|
||||
@ -37,7 +38,7 @@ module.exports = {
|
||||
samlConfig.decryptionPvk = conf.decryptionPvk
|
||||
}
|
||||
passport.use('saml',
|
||||
new SAMLStrategy(samlConfig, async (profile, cb) => {
|
||||
new SAMLStrategy(samlConfig, async (req, profile, cb) => {
|
||||
try {
|
||||
const userId = _.get(profile, [conf.mappingUID], null) || _.get(profile, 'nameID', null)
|
||||
if (!userId) {
|
||||
@ -45,13 +46,13 @@ module.exports = {
|
||||
}
|
||||
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
id: userId,
|
||||
email: _.get(profile, conf.mappingEmail, ''),
|
||||
displayName: _.get(profile, conf.mappingDisplayName, '???'),
|
||||
picture: _.get(profile, conf.mappingPicture, '')
|
||||
},
|
||||
providerKey: 'saml'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -14,15 +14,16 @@ module.exports = {
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL,
|
||||
team: conf.team
|
||||
}, async (accessToken, scopes, team, extra, { user: userProfile }, cb) => {
|
||||
team: conf.team,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, scopes, team, extra, { user: userProfile }, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...userProfile,
|
||||
picture: _.get(userProfile, 'image_48', '')
|
||||
},
|
||||
providerKey: 'slack'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
@ -13,15 +13,16 @@ module.exports = {
|
||||
new TwitchStrategy({
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL
|
||||
}, async (accessToken, refreshToken, profile, cb) => {
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, 'avatar', '')
|
||||
},
|
||||
providerKey: 'twitch'
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
|
Loading…
Reference in New Issue
Block a user