feat: add support of hd
auth parameter to work with G Suite domains (#4010)
* Add support of hd google auth parameter - to work with G Suite domains * Style-fix * fix: google auth hostedDomain hint Co-authored-by: Nicolas Giard <github@ngpixel.com>
This commit is contained in:
parent
2ffeaed0d6
commit
ee8006892e
@ -9,27 +9,38 @@ const _ = require('lodash')
|
||||
|
||||
module.exports = {
|
||||
init (passport, conf) {
|
||||
passport.use('google',
|
||||
new GoogleStrategy({
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, 'photos[0].value', '')
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
cb(err, null)
|
||||
const strategy = new GoogleStrategy({
|
||||
clientID: conf.clientId,
|
||||
clientSecret: conf.clientSecret,
|
||||
callbackURL: conf.callbackURL,
|
||||
passReqToCallback: true
|
||||
}, async (req, accessToken, refreshToken, profile, cb) => {
|
||||
try {
|
||||
if (conf.hostedDomain && conf.hostedDomain != profile._json.hd) {
|
||||
throw new Error('Google authentication should have been performed with domain ' + conf.hostedDomain)
|
||||
}
|
||||
})
|
||||
)
|
||||
const user = await WIKI.models.users.processProfile({
|
||||
providerKey: req.params.strategy,
|
||||
profile: {
|
||||
...profile,
|
||||
picture: _.get(profile, 'photos[0].value', '')
|
||||
}
|
||||
})
|
||||
cb(null, user)
|
||||
} catch (err) {
|
||||
cb(err, null)
|
||||
}
|
||||
})
|
||||
|
||||
if (conf.hostedDomain) {
|
||||
strategy.authorizationParams = function(options) {
|
||||
return {
|
||||
hd: conf.hostedDomain
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
passport.use('google', strategy)
|
||||
},
|
||||
logout (conf) {
|
||||
return '/'
|
||||
|
@ -22,3 +22,8 @@ props:
|
||||
title: Client Secret
|
||||
hint: Application Client Secret
|
||||
order: 2
|
||||
hostedDomain:
|
||||
type: String
|
||||
title: Hosted Domain
|
||||
hint: (optional) Only for G Suite hosted domain. Leave empty otherwise.
|
||||
order: 3
|
||||
|
Loading…
Reference in New Issue
Block a user