liz/wikijs-fork
liz/wikijs-fork
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: various OAuth2 fixes

Browse Source
This commit is contained in:
NGPixel 2021-10-15 22:36:30 -04:00
parent 2d4cbb07c0
commit 5911867b21
No known key found for this signature in database
GPG Key ID: 8FDA2F1757F60D63
2 changed files with 28 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
server/modules/authentication/oauth2/authentication.js
View File

@ -3,7 +3,7 @@ const _ = require('lodash')
/* global WIKI */ /* global WIKI */
// ------------------------------------ // ------------------------------------
// OAuth2 Connect Account // OAuth2 Account
// ------------------------------------ // ------------------------------------
const OAuth2Strategy = require('passport-oauth2').Strategy const OAuth2Strategy = require('passport-oauth2').Strategy
@ -17,15 +17,15 @@ module.exports = {
clientSecret: conf.clientSecret, clientSecret: conf.clientSecret,
userInfoURL: conf.userInfoURL, userInfoURL: conf.userInfoURL,
callbackURL: conf.callbackURL, callbackURL: conf.callbackURL,
passReqToCallback: true, passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => { }, async (req, accessToken, refreshToken, profile, cb) => {
try { try {
const user = await WIKI.models.users.processProfile({ const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy, providerKey: req.params.strategy,
profile: { profile: {
...profile, ...profile,
id: _.get(profile, conf.userId), id: _.get(profile, conf.userIdClaim),
displayName: _.get(profile, conf.displayName, ''), displayName: _.get(profile, conf.displayNameClaim, '???'),
email: _.get(profile, conf.emailClaim) email: _.get(profile, conf.emailClaim)
} }
}) })
@ -36,19 +36,26 @@ module.exports = {
}) })
client.userProfile = function (accesstoken, done) { client.userProfile = function (accesstoken, done) {
this._oauth2._useAuthorizationHeaderForGET = true; this._oauth2._useAuthorizationHeaderForGET = true
this._oauth2.get(conf.userInfoURL, accesstoken, (err, data) => { this._oauth2.get(conf.userInfoURL, accesstoken, (err, data) => {
if (err) { if (err) {
return done(err) return done(err)
} }
try { try {
data = JSON.parse(data) data = JSON.parse(data)
} catch(e) { } catch (e) {
return done(e) return done(e)
} }
done(null, data) done(null, data)
}) })
} }
passport.use('oauth2', client) passport.use('oauth2', client)
},
logout (conf) {
if (!conf.logoutURL) {
return '/'
} else {
return conf.logoutURL
}
} }
} }

24
server/modules/authentication/oauth2/definition.yml
View File

@ -1,6 +1,6 @@
key: oauth2 key: oauth2
title: OAuth2 title: Generic OAuth2
description: OAuth 2.0 protocol. description: OAuth 2.0 is the industry-standard protocol for authorization.
author: requarks.io author: requarks.io
logo: https://static.requarks.io/logo/oauth2.svg logo: https://static.requarks.io/logo/oauth2.svg
color: blue-grey darken-2 color: blue-grey darken-2
@ -33,23 +33,29 @@ props:
title: User Info Endpoint URL title: User Info Endpoint URL
hint: User Info Endpoint URL hint: User Info Endpoint URL
order: 5 order: 5
userId: userIdClaim:
type: String type: String
title: ID title: ID Claim
hint: User ID hint: Field containing the user ID
default: id default: id
maxWidth: 500
order: 6 order: 6
displayName: displayNameClaim:
type: String type: String
title: Display Name title: Display Name Claim
hint: Field containing display name hint: Field containing user display name
default: displayName default: displayName
maxWidth: 500 maxWidth: 500
order: 7 order: 7
emailClaim: emailClaim:
type: String type: String
title: Email Claim title: Email Claim
hint: Field containing the email address hint: Field containing the user email address
default: email default: email
maxWidth: 500 maxWidth: 500
order: 8 order: 8
logoutURL:
type: String
title: Logout URL
hint: (optional) Logout URL on the OAuth2 provider where the user will be redirected to complete the logout process.
order: 9