feat: add support of hd auth parameter to work with G Suite domains (#4010)

* Add support of hd google auth parameter - to work with G Suite domains

* Style-fix

* fix: google auth hostedDomain hint

Co-authored-by: Nicolas Giard <github@ngpixel.com>
This commit is contained in:
Denis 2021-05-25 01:04:11 +03:00 committed by GitHub
parent 2ffeaed0d6
commit ee8006892e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 36 additions and 20 deletions

View File

@ -9,27 +9,38 @@ const _ = require('lodash')
module.exports = {
init (passport, conf) {
passport.use('google',
new GoogleStrategy({
clientID: conf.clientId,
clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL,
passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
try {
const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: {
...profile,
picture: _.get(profile, 'photos[0].value', '')
}
})
cb(null, user)
} catch (err) {
cb(err, null)
const strategy = new GoogleStrategy({
clientID: conf.clientId,
clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL,
passReqToCallback: true
}, async (req, accessToken, refreshToken, profile, cb) => {
try {
if (conf.hostedDomain && conf.hostedDomain != profile._json.hd) {
throw new Error('Google authentication should have been performed with domain ' + conf.hostedDomain)
}
})
)
const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: {
...profile,
picture: _.get(profile, 'photos[0].value', '')
}
})
cb(null, user)
} catch (err) {
cb(err, null)
}
})
if (conf.hostedDomain) {
strategy.authorizationParams = function(options) {
return {
hd: conf.hostedDomain
}
}
}
passport.use('google', strategy)
},
logout (conf) {
return '/'

View File

@ -22,3 +22,8 @@ props:
title: Client Secret
hint: Application Client Secret
order: 2
hostedDomain:
type: String
title: Hosted Domain
hint: (optional) Only for G Suite hosted domain. Leave empty otherwise.
order: 3