feat: authentication improvements
@@ -1,6 +1,9 @@
|
||||
key: auth0
|
||||
title: Auth0
|
||||
description: Auth0 provides universal identity platform for web, mobile, IoT, and internal applications.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/auth0.svg
|
||||
website: https://auth0.com/
|
||||
useForm: false
|
||||
props:
|
||||
domain: String
|
||||
|
@@ -1,6 +1,9 @@
|
||||
key: azure
|
||||
title: Azure Active Directory
|
||||
description: Azure Active Directory (Azure AD) is Microsoft’s multi-tenant, cloud-based directory, and identity management service that combines core directory services, application access management, and identity protection into a single solution.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/azure.svg
|
||||
website: https://azure.microsoft.com/services/active-directory/
|
||||
useForm: false
|
||||
props:
|
||||
clientId: String
|
||||
|
@@ -1,6 +1,9 @@
|
||||
key: cas
|
||||
title: CAS
|
||||
description: The Central Authentication Service (CAS) is a single sign-on protocol for the web.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/cas.svg
|
||||
website: https://wiki.js.org
|
||||
useForm: false
|
||||
props:
|
||||
ssoBaseURL: String
|
||||
|
@@ -1,6 +1,9 @@
|
||||
key: discord
|
||||
title: Discord
|
||||
description: Discord is a proprietary freeware VoIP application designed for gaming communities, that specializes in text, video and audio communication between users in a chat channel.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/discord.svg
|
||||
website: https://discordapp.com/
|
||||
useForm: false
|
||||
props:
|
||||
clientId: String
|
||||
|
@@ -1,6 +1,9 @@
|
||||
key: dropbox
|
||||
title: Dropbox
|
||||
description: Dropbox is a file hosting service that offers cloud storage, file synchronization, personal cloud, and client software.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/dropbox.svg
|
||||
website: https://dropbox.com
|
||||
useForm: false
|
||||
props:
|
||||
clientId: String
|
||||
|
@@ -1,6 +1,9 @@
|
||||
key: facebook
|
||||
title: Facebook
|
||||
description: Facebook is an online social media and social networking service company.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/facebook.svg
|
||||
website: https://facebook.com/
|
||||
useForm: false
|
||||
props:
|
||||
clientId: String
|
||||
|
@@ -1,6 +1,9 @@
|
||||
key: github
|
||||
title: GitHub
|
||||
description: GitHub Inc. is a web-based hosting service for version control using Git.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/github.svg
|
||||
website: https://github.com
|
||||
useForm: false
|
||||
props:
|
||||
clientId: String
|
||||
|
@@ -1,6 +1,9 @@
|
||||
key: google
|
||||
title: Google
|
||||
description: Google specializes in Internet-related services and products, which include online advertising technologies, search engine, cloud computing, software, and hardware.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/google.svg
|
||||
website: https://console.developers.google.com/
|
||||
useForm: false
|
||||
props:
|
||||
clientId: String
|
||||
|
@@ -1,22 +1,36 @@
|
||||
key: ldap
|
||||
title: LDAP / Active Directory
|
||||
description: Active Directory is a directory service that Microsoft developed for the Windows domain networks.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/active-directory.svg
|
||||
website: https://www.microsoft.com/windowsserver
|
||||
useForm: true
|
||||
props:
|
||||
url:
|
||||
title: URL
|
||||
type: String
|
||||
default: 'ldap://serverhost:389'
|
||||
hint: (e.g. ldap://serverhost:389)
|
||||
bindDn:
|
||||
title: Bind DN
|
||||
type: String
|
||||
default: cn='root'
|
||||
bindCredentials: String
|
||||
hint: The dstinguished name (dn) of the account used for binding.
|
||||
bindCredentials:
|
||||
type: String
|
||||
hint: The password of the account used for binding.
|
||||
searchBase:
|
||||
type: String
|
||||
default: 'o=users,o=example.com'
|
||||
searchFilter:
|
||||
type: String
|
||||
default: '(uid={{username}})'
|
||||
hint: The query to use to match username. {{username}} must be present.
|
||||
tlsEnabled:
|
||||
title: Use TLS
|
||||
type: Boolean
|
||||
default: false
|
||||
tlsCertPath: String
|
||||
tlsCertPath:
|
||||
title: TLS Certificate Path
|
||||
type: String
|
||||
hint: Absolute path to the TLS certificate on the server.
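Review bot: The `bindDn` default is written as `default: cn='root'`, which YAML reads as the literal string `cn='root'` with the quotes inside the value; if a plain DN was intended, quote the whole scalar as `default: 'cn=root'`. The same hunk ships `tlsEnabled` with `default: false` next to a `ldap://serverhost:389` URL default, so an administrator who accepts the defaults would presumably send the bind password and user credentials over an unencrypted connection. A hint on `tlsEnabled` saying so, or an `ldaps://` example in the `url` hint, would make that trade-off visible. The hint under `bindDn` also misspells "distinguished".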
|
||||
|
@@ -1,5 +1,8 @@
|
||||
key: local
|
||||
title: Local
|
||||
description: Built-in authentication for Wiki.js
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/wikijs.svg
|
||||
website: https://wiki.js.org
|
||||
useForm: true
|
||||
props: {}
|
||||
|
@@ -1,6 +1,9 @@
|
||||
key: microsoft
|
||||
title: Microsoft Account
|
||||
title: Microsoft
|
||||
description: Microsoft is a software company, best known for it's Windows, Office, Azure, Xbox and Surface products.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/microsoft.svg
|
||||
website: https://apps.dev.microsoft.com/
|
||||
useForm: false
|
||||
props:
|
||||
clientId: String
|
||||
|
@@ -1,6 +1,9 @@
|
||||
key: oauth2
|
||||
title: OAuth2
|
||||
title: Generic OAuth2
|
||||
description: OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/oauth2.svg
|
||||
website: https://oauth.net/2/
|
||||
useForm: false
|
||||
props:
|
||||
clientId: String
|
||||
|
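--- a/server/modules/authentication/oidc/authentication.js
+++ b/server/modules/authentication/oidc/authentication.js
@@ -0,0 +1,35 @@
+const _ = require('lodash')
+
+/* global WIKI */
+
+// ------------------------------------
+// OpenID Connect Account
+// ------------------------------------
+
+const OpenIDConnectStrategy = require('passport-openidconnect').Strategy
+
+module.exports = {
+init (passport, conf) {
+passport.use('oidc',
+new OpenIDConnectStrategy({
+authorizationURL: conf.authorizationURL,
+tokenURL: conf.tokenURL,
+clientID: conf.clientId,
+clientSecret: conf.clientSecret,
+issuer: conf.issuer,
+callbackURL: conf.callbackURL
+}, (iss, sub, profile, jwtClaims, accessToken, refreshToken, params, cb) => {
+WIKI.models.users.processProfile({
+id: jwtClaims.sub,
+provider: 'oidc',
+email: _.get(jwtClaims, conf.emailClaim),
+name: _.get(jwtClaims, conf.usernameClaim)
+}).then((user) => {
+return cb(null, user) || true
+}).catch((err) => {
+return cb(err, null) || true
+})
+})
+)
+}
+}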
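Review bot: The strategy options in `init` never forward the user-info endpoint, although this module's definition.yml declares a `userInfoUrl` prop; if that setting is meant to take effect, add `userInfoURL: conf.userInfoUrl,` next to `tokenURL`. The verify callback also takes `email` straight from `_.get(jwtClaims, conf.emailClaim)` without looking at an `email_verified` claim or handling a missing value. If `processProfile` (not visible here) matches existing accounts by email, an identity provider that accepts unverified addresses could let one user be signed in as another. A guard such as `if (!email) { return cb(new Error('Missing email claim'), null) }` before the call would at least fail closed when the claim name is misconfigured.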
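--- a/server/modules/authentication/oidc/definition.yml
+++ b/server/modules/authentication/oidc/definition.yml
@@ -0,0 +1,16 @@
+key: oidc
+title: Generic OpenID Connect
+description: OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol.
+author: requarks.io
+logo: https://static.requarks.io/logo/oidc.svg
+website: http://openid.net/connect/
+useForm: false
+props:
+clientId: String
+clientSecret: String
+authorizationURL: String
+tokenURL: String
+issuer: String
+userInfoUrl: String
+emailClaim: String
+usernameClaim: String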
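Review bot: `emailClaim` and `usernameClaim` are declared as bare `String` props with no default or hint, so a fresh configuration leaves them empty and the claim lookups in this module's authentication.js would return `undefined`. The LDAP definition in this commit already uses the expanded form with `type`, `default` and `hint`; the same here, for example `type: String` with `default: email` and a hint naming the ID-token claim, would document what is expected. `clientSecret` could likewise carry a hint that it is a secret value.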
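--- a/server/modules/authentication/okta/authentication.js
+++ b/server/modules/authentication/okta/authentication.js
@@ -0,0 +1,29 @@
+/* global WIKI */
+
+// ------------------------------------
+// Okta Account
+// ------------------------------------
+
+const OktaStrategy = require('passport-okta-oauth').Strategy
+
+module.exports = {
+init (passport, conf) {
+passport.use('okta',
+new OktaStrategy({
+audience: conf.audience,
+clientID: conf.clientId,
+clientSecret: conf.clientSecret,
+idp: conf.idp,
+callbackURL: conf.callbackURL,
+response_type: 'code',
+scope: ['openid', 'email', 'profile']
+}, (accessToken, refreshToken, profile, cb) => {
+WIKI.models.users.processProfile(profile).then((user) => {
+return cb(null, user) || true
+}).catch((err) => {
+return cb(err, null) || true
+})
+})
+)
+}
+}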
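Review bot: The verify callback hands the raw `profile` from passport-okta-oauth to `WIKI.models.users.processProfile`, whereas the OIDC module added in this commit builds an explicit `{ id, provider, email, name }` object. Whether `processProfile` can read the provider, id and email from Okta's profile shape is not visible in this section. Mapping the fields explicitly, with `provider: 'okta'`, would make the contract clear and keep any extra provider-supplied fields out of the user record. `idp` is marked optional in this module's definition.yml but is always passed as `conf.idp`, so an empty value may reach the strategy.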
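--- a/server/modules/authentication/okta/definition.yml
+++ b/server/modules/authentication/okta/definition.yml
@@ -0,0 +1,21 @@
+key: okta
+title: Okta
+description: Okta provide secure identity management and single sign-on to any application.
+author: requarks.io
+logo: https://static.requarks.io/logo/okta.svg
+website: https://www.okta.com/
+useForm: false
+props:
+clientId:
+type: String
+hint: 20 chars alphanumeric string
+clientSecret:
+type: String
+hint: 40 chars alphanumeric string with a hyphen(s)
+idp:
+title: Identity Provider ID (idp)
+type: String
+hint: (optional) 20 chars alphanumeric string
+audience:
+type: String
+hint: Okta domain (e.g. https://example.okta.com, https://example.oktapreview.com)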
@@ -1,6 +1,9 @@
|
||||
key: slack
|
||||
title: Slack
|
||||
description: Slack is a cloud-based set of proprietary team collaboration tools and services.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/slack.svg
|
||||
website: https://api.slack.com/docs/oauth
|
||||
useForm: false
|
||||
props:
|
||||
clientId: String
|
||||
|
@@ -1,6 +1,9 @@
|
||||
key: twitch
|
||||
title: Twitch
|
||||
description: Twitch is a live streaming video platform.
|
||||
author: requarks.io
|
||||
logo: https://static.requarks.io/logo/twitch.svg
|
||||
website: https://dev.twitch.tv/docs/authentication/
|
||||
useForm: false
|
||||
props:
|
||||
clientId: String
|
||||
|