fix: various OAuth2 fixes
This commit is contained in:
parent
2d4cbb07c0
commit
5911867b21
@ -3,7 +3,7 @@ const _ = require('lodash')
|
||||
/* global WIKI */
|
||||
|
||||
// ------------------------------------
|
||||
// OAuth2 Connect Account
|
||||
// OAuth2 Account
|
||||
// ------------------------------------
|
||||
|
||||
const OAuth2Strategy = require('passport-oauth2').Strategy
|
||||
@ -17,15 +17,15 @@ module.exports = {
|
||||
clientSecret: conf.clientSecret,
|
||||
userInfoURL: conf.userInfoURL,
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
id: _.get(profile, conf.userId),
|
||||
displayName: _.get(profile, conf.displayName, ''),
|
||||
id: _.get(profile, conf.userIdClaim),
|
||||
displayName: _.get(profile, conf.displayNameClaim, '???'),
|
||||
email: _.get(profile, conf.emailClaim)
|
||||
}
|
||||
})
|
||||
@ -36,7 +36,7 @@ module.exports = {
|
||||
})
|
||||
|
||||
client.userProfile = function (accesstoken, done) {
|
||||
this._oauth2._useAuthorizationHeaderForGET = true;
|
||||
this._oauth2._useAuthorizationHeaderForGET = true
|
||||
this._oauth2.get(conf.userInfoURL, accesstoken, (err, data) => {
|
||||
if (err) {
|
||||
return done(err)
|
||||
@ -50,5 +50,12 @@ module.exports = {
|
||||
})
|
||||
}
|
||||
passport.use('oauth2', client)
|
||||
},
|
||||
logout (conf) {
|
||||
if (!conf.logoutURL) {
|
||||
return '/'
|
||||
} else {
|
||||
return conf.logoutURL
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
key: oauth2
|
||||
title: OAuth2
|
||||
description: OAuth 2.0 protocol.
|
||||
title: Generic OAuth2
|
||||
description: OAuth 2.0 is the industry-standard protocol for authorization.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/oauth2.svg
|
||||
color: blue-grey darken-2
|
||||
@ -33,23 +33,29 @@ props:
|
||||
title: User Info Endpoint URL
|
||||
hint: User Info Endpoint URL
|
||||
order: 5
|
||||
userId:
|
||||
userIdClaim:
|
||||
type: String
|
||||
title: ID
|
||||
hint: User ID
|
||||
title: ID Claim
|
||||
hint: Field containing the user ID
|
||||
default: id
|
||||
maxWidth: 500
|
||||
order: 6
|
||||
displayName:
|
||||
displayNameClaim:
|
||||
type: String
|
||||
title: Display Name
|
||||
hint: Field containing display name
|
||||
title: Display Name Claim
|
||||
hint: Field containing user display name
|
||||
default: displayName
|
||||
maxWidth: 500
|
||||
order: 7
|
||||
emailClaim:
|
||||
type: String
|
||||
title: Email Claim
|
||||
hint: Field containing the email address
|
||||
hint: Field containing the user email address
|
||||
default: email
|
||||
maxWidth: 500
|
||||
order: 8
|
||||
logoutURL:
|
||||
type: String
|
||||
title: Logout URL
|
||||
hint: (optional) Logout URL on the OAuth2 provider where the user will be redirected to complete the logout process.
|
||||
order: 9
|
||||
|
Loading…
Reference in New Issue
Block a user