fix: handle removed auth strategies

NGPixel 2020-08-30 16:33:52 -04:00
parent e319355017
commit 4dcf664040
4 changed files with 43 additions and 98 deletions


@ -93,6 +93,11 @@ module.exports = class Authentication extends Model {
for (const strategy of dbStrategies) { for (const strategy of dbStrategies) {
const strategyDef = _.find(WIKI.data.authentication, ['key', strategy.strategyKey]) const strategyDef = _.find(WIKI.data.authentication, ['key', strategy.strategyKey])
if (!strategyDef) {
await WIKI.models.authentication.query().delete().where('key', strategy.key)
WIKI.logger.info(`Authentication strategy ${strategy.strategyKey} was removed from disk: [ REMOVED ]`)
continue
}
strategy.config = _.transform(strategyDef.props, (result, value, key) => { strategy.config = _.transform(strategyDef.props, (result, value, key) => {
if (!_.has(result, key)) { if (!_.has(result, key)) {
_.set(result, key, value.default) _.set(result, key, value.default)
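Review bot: The new `if (!strategyDef)` branch permanently deletes the stored strategy row, with whatever credentials and settings it holds, whenever no matching definition is found in `WIKI.data.authentication`, and it records this only at info level. A definition that is missing for a transient reason (an incomplete deploy, an unreadable module folder) would be handled exactly like a deliberate removal, and accounts bound to that strategy would lose their login path without a log entry that stands out. Raise the log to `WIKI.logger.warn(...)` and include `strategy.key` next to `strategy.strategyKey` in the message so the deleted row can be identified afterwards. Marking the row disabled instead of deleting it would be the safer default if the model has such a field, which is not visible here. The enclosing loop and method begin and end outside this hunk.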


@ -1,32 +0,0 @@
/* global WIKI */
// ------------------------------------
// OAuth2 Account
// ------------------------------------
const OAuth2Strategy = require('passport-oauth2').Strategy
module.exports = {
init (passport, conf) {
passport.use('oauth2',
new OAuth2Strategy({
authorizationURL: conf.authorizationURL,
tokenURL: conf.tokenURL,
clientID: conf.clientId,
clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL,
passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
try {
const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile
})
cb(null, user)
} catch (err) {
cb(err, null)
}
})
)
}
}


@ -1,58 +0,0 @@
key: oauth2
title: Generic OAuth2
description: OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service.
author: requarks.io
logo: https://static.requarks.io/logo/oauth2.svg
color: grey darken-4
website: https://oauth.net/2/
isAvailable: true
useForm: false
props:
clientId:
type: String
title: Client ID
hint: Application Client ID
order: 1
clientSecret:
type: String
title: Client Secret
hint: Application Client Secret
order: 2
authorizationURL:
type: String
title: Authorization Endpoint URL
hint: The full URL to the authorization endpoint, used to get an authorization code.
order: 3
tokenURL:
type: String
title: Token Endpoint URL
hint: The full URL to the token endpoint, used to get an access token.
order: 4
mappingUID:
title: Unique ID Field Mapping
type: String
default: 'id'
hint: The field storing the user unique identifier, e.g. "id" or "_id".
maxWidth: 500
order: 20
mappingEmail:
title: Email Field Mapping
type: String
default: 'email'
hint: The field storing the user email, e.g. "email" or "mail".
maxWidth: 500
order: 21
mappingDisplayName:
title: Display Name Field Mapping
type: String
default: 'name'
hint: The field storing the user display name, e.g. "name", "displayName" or "username".
maxWidth: 500
order: 22
mappingPicture:
title: Avatar Picture Field Mapping
type: String
default: 'pictureUrl'
hint: The field storing the user avatar picture, e.g. "pictureUrl" or "avatarUrl".
maxWidth: 500
order: 23


@ -1,5 +1,5 @@
key: oidc key: oidc
title: Generic OpenID Connect title: Generic OpenID Connect / OAuth2
description: OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. description: OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol.
author: requarks.io author: requarks.io
logo: https://static.requarks.io/logo/oidc.svg logo: https://static.requarks.io/logo/oidc.svg
@ -12,10 +12,40 @@ scopes:
- profile - profile
- email - email
props: props:
clientId: String clientId:
clientSecret: String type: String
authorizationURL: String title: Client ID
tokenURL: String hint: Application Client ID
issuer: String order: 1
userInfoURL: String clientSecret:
emailClaim: String type: String
title: Client Secret
hint: Application Client Secret
order: 2
authorizationURL:
type: String
title: Authorization Endpoint URL
hint: Application Authorization Endpoint URL
order: 3
tokenURL:
type: String
title: Token Endpoint URL
hint: Application Token Endpoint URL
order: 4
userInfoURL:
type: String
title: User Info Endpoint URL
hint: User Info Endpoint URL
order: 5
issuer:
type: String
title: Issuer
hint: Issuer URL
order: 6
emailClaim:
type: String
title: Email Claim
hint: Field containing the email address
default: email
maxWidth: 500
order: 7
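Review bot: The title now reads `Generic OpenID Connect / OAuth2`, but the description and props still describe an OIDC provider only, and most hints in the expanded `props` block restate their titles, so an admin moving over from the removed oauth2 strategy gets no guidance on which fields a plain OAuth2 provider needs. The removed definition's `mappingUID`, `mappingDisplayName` and `mappingPicture` props have no counterpart here and only `emailClaim` remains, which suggests the email is the sole identity key, though the matching code is not on this page. If that is the case, the hint should say so, for example `hint: Claim holding the user's email address; use one the provider has verified`. The `issuer` hint could likewise state that the value must match what the provider puts in its tokens, rather than just `Issuer URL`.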