feat: authentication improvements

server/modules/authentication/auth0/definition.yml

@@ -1,6 +1,9 @@
 key: auth0
 title: Auth0
+description: Auth0 provides universal identity platform for web, mobile, IoT, and internal applications.
 author: requarks.io
+logo: https://static.requarks.io/logo/auth0.svg
+website: https://auth0.com/
 useForm: false
 props:
   domain: String

server/modules/authentication/azure/definition.yml

@@ -1,6 +1,9 @@
 key: azure
 title: Azure Active Directory
+description: Azure Active Directory (Azure AD) is Microsoft’s multi-tenant, cloud-based directory, and identity management service that combines core directory services, application access management, and identity protection into a single solution.
 author: requarks.io
+logo: https://static.requarks.io/logo/azure.svg
+website: https://azure.microsoft.com/services/active-directory/
 useForm: false
 props:
   clientId: String

server/modules/authentication/cas/definition.yml

@@ -1,6 +1,9 @@
 key: cas
 title: CAS
+description: The Central Authentication Service (CAS) is a single sign-on protocol for the web.
 author: requarks.io
+logo: https://static.requarks.io/logo/cas.svg
+website: https://wiki.js.org
 useForm: false
 props:
   ssoBaseURL: String

server/modules/authentication/discord/definition.yml

@@ -1,6 +1,9 @@
 key: discord
 title: Discord
+description: Discord is a proprietary freeware VoIP application designed for gaming communities, that specializes in text, video and audio communication between users in a chat channel.
 author: requarks.io
+logo: https://static.requarks.io/logo/discord.svg
+website: https://discordapp.com/
 useForm: false
 props:
   clientId: String

server/modules/authentication/dropbox/definition.yml

@@ -1,6 +1,9 @@
 key: dropbox
 title: Dropbox
+description: Dropbox is a file hosting service that offers cloud storage, file synchronization, personal cloud, and client software.
 author: requarks.io
+logo: https://static.requarks.io/logo/dropbox.svg
+website: https://dropbox.com
 useForm: false
 props:
   clientId: String

server/modules/authentication/facebook/definition.yml

@@ -1,6 +1,9 @@
 key: facebook
 title: Facebook
+description: Facebook is an online social media and social networking service company.
 author: requarks.io
+logo: https://static.requarks.io/logo/facebook.svg
+website: https://facebook.com/
 useForm: false
 props:
   clientId: String

server/modules/authentication/github/definition.yml

@@ -1,6 +1,9 @@
 key: github
 title: GitHub
+description: GitHub Inc. is a web-based hosting service for version control using Git.
 author: requarks.io
+logo: https://static.requarks.io/logo/github.svg
+website: https://github.com
 useForm: false
 props:
   clientId: String

server/modules/authentication/google/definition.yml

@@ -1,6 +1,9 @@
 key: google
 title: Google
+description: Google specializes in Internet-related services and products, which include online advertising technologies, search engine, cloud computing, software, and hardware.
 author: requarks.io
+logo: https://static.requarks.io/logo/google.svg
+website: https://console.developers.google.com/
 useForm: false
 props:
   clientId: String

server/modules/authentication/ldap/definition.yml

@@ -1,22 +1,36 @@
 key: ldap
 title: LDAP / Active Directory
+description: Active Directory is a directory service that Microsoft developed for the Windows domain networks.
 author: requarks.io
+logo: https://static.requarks.io/logo/active-directory.svg
+website: https://www.microsoft.com/windowsserver
 useForm: true
 props:
   url:
+    title: URL
     type: String
     default: 'ldap://serverhost:389'
+    hint: (e.g. ldap://serverhost:389)
   bindDn:
+    title: Bind DN
     type: String
     default: cn='root'
-  bindCredentials: String
+    hint: The dstinguished name (dn) of the account used for binding.
+  bindCredentials:
+    type: String
+    hint: The password of the account used for binding.
   searchBase:
     type: String
     default: 'o=users,o=example.com'
   searchFilter:
     type: String
     default: '(uid={{username}})'
+    hint: The query to use to match username. {{username}} must be present.
   tlsEnabled:
+    title: Use TLS
     type: Boolean
     default: false
-  tlsCertPath: String
+  tlsCertPath:
+    title: TLS Certificate Path
+    type: String
+    hint: Absolute path to the TLS certificate on the server.

server/modules/authentication/local/definition.yml

@@ -1,5 +1,8 @@
 key: local
 title: Local
+description: Built-in authentication for Wiki.js
 author: requarks.io
+logo: https://static.requarks.io/logo/wikijs.svg
+website: https://wiki.js.org
 useForm: true
 props: {}

server/modules/authentication/microsoft/definition.yml

@@ -1,6 +1,9 @@
 key: microsoft
-title: Microsoft Account
+title: Microsoft
+description: Microsoft is a software company, best known for it's Windows, Office, Azure, Xbox and Surface products.
 author: requarks.io
+logo: https://static.requarks.io/logo/microsoft.svg
+website: https://apps.dev.microsoft.com/
 useForm: false
 props:
   clientId: String

server/modules/authentication/oauth2/definition.yml

@@ -1,6 +1,9 @@
 key: oauth2
-title: OAuth2
+title: Generic OAuth2
+description: OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service.
 author: requarks.io
+logo: https://static.requarks.io/logo/oauth2.svg
+website: https://oauth.net/2/
 useForm: false
 props:
   clientId: String

server/modules/authentication/oidc/authentication.js

@@ -0,0 +1,35 @@
+const _ = require('lodash')
+
+/* global WIKI */
+
+// ------------------------------------
+// OpenID Connect Account
+// ------------------------------------
+
+const OpenIDConnectStrategy = require('passport-openidconnect').Strategy
+
+module.exports = {
+  init (passport, conf) {
+    passport.use('oidc',
+      new OpenIDConnectStrategy({
+        authorizationURL: conf.authorizationURL,
+        tokenURL: conf.tokenURL,
+        clientID: conf.clientId,
+        clientSecret: conf.clientSecret,
+        issuer: conf.issuer,
+        callbackURL: conf.callbackURL
+      }, (iss, sub, profile, jwtClaims, accessToken, refreshToken, params, cb) => {
+        WIKI.models.users.processProfile({
+          id: jwtClaims.sub,
+          provider: 'oidc',
+          email: _.get(jwtClaims, conf.emailClaim),
+          name: _.get(jwtClaims, conf.usernameClaim)
+        }).then((user) => {
+          return cb(null, user) || true
+        }).catch((err) => {
+          return cb(err, null) || true
+        })
+      })
+    )
+  }
+}

server/modules/authentication/oidc/definition.yml

@@ -0,0 +1,16 @@
+key: oidc
+title: Generic OpenID Connect
+description: OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol.
+author: requarks.io
+logo: https://static.requarks.io/logo/oidc.svg
+website: http://openid.net/connect/
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
+  authorizationURL: String
+  tokenURL: String
+  issuer: String
+  userInfoUrl: String
+  emailClaim: String
+  usernameClaim: String

server/modules/authentication/okta/authentication.js

@@ -0,0 +1,29 @@
+/* global WIKI */
+
+// ------------------------------------
+// Okta Account
+// ------------------------------------
+
+const OktaStrategy = require('passport-okta-oauth').Strategy
+
+module.exports = {
+  init (passport, conf) {
+    passport.use('okta',
+      new OktaStrategy({
+        audience: conf.audience,
+        clientID: conf.clientId,
+        clientSecret: conf.clientSecret,
+        idp: conf.idp,
+        callbackURL: conf.callbackURL,
+        response_type: 'code',
+        scope: ['openid', 'email', 'profile']
+      }, (accessToken, refreshToken, profile, cb) => {
+        WIKI.models.users.processProfile(profile).then((user) => {
+          return cb(null, user) || true
+        }).catch((err) => {
+          return cb(err, null) || true
+        })
+      })
+    )
+  }
+}

server/modules/authentication/okta/definition.yml

@@ -0,0 +1,21 @@
+key: okta
+title: Okta
+description: Okta provide secure identity management and single sign-on to any application.
+author: requarks.io
+logo: https://static.requarks.io/logo/okta.svg
+website: https://www.okta.com/
+useForm: false
+props:
+  clientId:
+    type: String
+    hint: 20 chars alphanumeric string
+  clientSecret:
+    type: String
+    hint: 40 chars alphanumeric string with a hyphen(s)
+  idp:
+    title: Identity Provider ID (idp)
+    type: String
+    hint: (optional) 20 chars alphanumeric string
+  audience:
+    type: String
+    hint: Okta domain (e.g. https://example.okta.com, https://example.oktapreview.com)

server/modules/authentication/slack/definition.yml

@@ -1,6 +1,9 @@
 key: slack
 title: Slack
+description: Slack is a cloud-based set of proprietary team collaboration tools and services.
 author: requarks.io
+logo: https://static.requarks.io/logo/slack.svg
+website: https://api.slack.com/docs/oauth
 useForm: false
 props:
   clientId: String

server/modules/authentication/twitch/definition.yml

@@ -1,6 +1,9 @@
 key: twitch
 title: Twitch
+description: Twitch is a live streaming video platform.
 author: requarks.io
+logo: https://static.requarks.io/logo/twitch.svg
+website: https://dev.twitch.tv/docs/authentication/
 useForm: false
 props:
   clientId: String