fix: handle removed auth strategies
This commit is contained in:
parent
e319355017
commit
4dcf664040
@ -93,6 +93,11 @@ module.exports = class Authentication extends Model {
|
||||
|
||||
for (const strategy of dbStrategies) {
|
||||
const strategyDef = _.find(WIKI.data.authentication, ['key', strategy.strategyKey])
|
||||
if (!strategyDef) {
|
||||
await WIKI.models.authentication.query().delete().where('key', strategy.key)
|
||||
WIKI.logger.info(`Authentication strategy ${strategy.strategyKey} was removed from disk: [ REMOVED ]`)
|
||||
continue
|
||||
}
|
||||
strategy.config = _.transform(strategyDef.props, (result, value, key) => {
|
||||
if (!_.has(result, key)) {
|
||||
_.set(result, key, value.default)
|
||||
|
@ -1,32 +0,0 @@
|
||||
/* global WIKI */
|
||||
|
||||
// ------------------------------------
|
||||
// OAuth2 Account
|
||||
// ------------------------------------
|
||||
|
||||
const OAuth2Strategy = require('passport-oauth2').Strategy
|
||||
|
||||
module.exports = {
|
||||
init (passport, conf) {
|
||||
passport.use('oauth2',
|
||||
new OAuth2Strategy({
|
||||
authorizationURL: conf.authorizationURL,
|
||||
tokenURL: conf.tokenURL,
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
cb(err, null)
|
||||
}
|
||||
})
|
||||
)
|
||||
}
|
||||
}
|
@ -1,58 +0,0 @@
|
||||
key: oauth2
|
||||
title: Generic OAuth2
|
||||
description: OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/oauth2.svg
|
||||
color: grey darken-4
|
||||
website: https://oauth.net/2/
|
||||
isAvailable: true
|
||||
useForm: false
|
||||
props:
|
||||
clientId:
|
||||
type: String
|
||||
title: Client ID
|
||||
hint: Application Client ID
|
||||
order: 1
|
||||
clientSecret:
|
||||
type: String
|
||||
title: Client Secret
|
||||
hint: Application Client Secret
|
||||
order: 2
|
||||
authorizationURL:
|
||||
type: String
|
||||
title: Authorization Endpoint URL
|
||||
hint: The full URL to the authorization endpoint, used to get an authorization code.
|
||||
order: 3
|
||||
tokenURL:
|
||||
type: String
|
||||
title: Token Endpoint URL
|
||||
hint: The full URL to the token endpoint, used to get an access token.
|
||||
order: 4
|
||||
mappingUID:
|
||||
title: Unique ID Field Mapping
|
||||
type: String
|
||||
default: 'id'
|
||||
hint: The field storing the user unique identifier, e.g. "id" or "_id".
|
||||
maxWidth: 500
|
||||
order: 20
|
||||
mappingEmail:
|
||||
title: Email Field Mapping
|
||||
type: String
|
||||
default: 'email'
|
||||
hint: The field storing the user email, e.g. "email" or "mail".
|
||||
maxWidth: 500
|
||||
order: 21
|
||||
mappingDisplayName:
|
||||
title: Display Name Field Mapping
|
||||
type: String
|
||||
default: 'name'
|
||||
hint: The field storing the user display name, e.g. "name", "displayName" or "username".
|
||||
maxWidth: 500
|
||||
order: 22
|
||||
mappingPicture:
|
||||
title: Avatar Picture Field Mapping
|
||||
type: String
|
||||
default: 'pictureUrl'
|
||||
hint: The field storing the user avatar picture, e.g. "pictureUrl" or "avatarUrl".
|
||||
maxWidth: 500
|
||||
order: 23
|
@ -1,5 +1,5 @@
|
||||
key: oidc
|
||||
title: Generic OpenID Connect
|
||||
title: Generic OpenID Connect / OAuth2
|
||||
description: OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/oidc.svg
|
||||
@ -12,10 +12,40 @@ scopes:
|
||||
- profile
|
||||
- email
|
||||
props:
|
||||
clientId: String
|
||||
clientSecret: String
|
||||
authorizationURL: String
|
||||
tokenURL: String
|
||||
issuer: String
|
||||
userInfoURL: String
|
||||
emailClaim: String
|
||||
clientId:
|
||||
type: String
|
||||
title: Client ID
|
||||
hint: Application Client ID
|
||||
order: 1
|
||||
clientSecret:
|
||||
type: String
|
||||
title: Client Secret
|
||||
hint: Application Client Secret
|
||||
order: 2
|
||||
authorizationURL:
|
||||
type: String
|
||||
title: Authorization Endpoint URL
|
||||
hint: Application Authorization Endpoint URL
|
||||
order: 3
|
||||
tokenURL:
|
||||
type: String
|
||||
title: Token Endpoint URL
|
||||
hint: Application Token Endpoint URL
|
||||
order: 4
|
||||
userInfoURL:
|
||||
type: String
|
||||
title: User Info Endpoint URL
|
||||
hint: User Info Endpoint URL
|
||||
order: 5
|
||||
issuer:
|
||||
type: String
|
||||
title: Issuer
|
||||
hint: Issuer URL
|
||||
order: 6
|
||||
emailClaim:
|
||||
type: String
|
||||
title: Email Claim
|
||||
hint: Field containing the email address
|
||||
default: email
|
||||
maxWidth: 500
|
||||
order: 7
|
||||
|
Loading…
Reference in New Issue
Block a user