diff options
author | Sheogorath | 2020-02-09 13:48:26 +0100 |
---|---|---|
committer | Sheogorath | 2020-02-09 13:48:26 +0100 |
commit | d5ae45b268452f315926bc4a8ded83e112603d0c (patch) | |
tree | 9e3b5cff1f93ec6dcda13a29421f7ae4248185cd | |
parent | b3d4cdbcebe1690bf5211d778ff6f8a0f9f5e518 (diff) | |
parent | 78682f57c43c8af8abccc60848df4d7533dabc60 (diff) |
Merge branch 'google-oauth'
See https://github.com/codimd/server/pull/265
-rw-r--r-- | app.json | 4 | ||||
-rw-r--r-- | docs/configuration-config-file.md | 2 | ||||
-rw-r--r-- | docs/configuration-env-vars.md | 1 | ||||
-rw-r--r-- | lib/config/default.js | 3 | ||||
-rw-r--r-- | lib/config/dockerSecret.js | 3 | ||||
-rw-r--r-- | lib/config/environment.js | 3 | ||||
-rw-r--r-- | lib/web/auth/google/index.js | 2 |
7 files changed, 13 insertions, 5 deletions
@@ -132,6 +132,10 @@ "description": "Google API client secret", "required": false }, + "CMD_GOOGLE_HOSTEDDOMAIN": { + "description": "Google API hosted domain (Provided only if the user belongs to a hosted domain)", + "required": false + }, "CMD_IMGUR_CLIENTID": { "description": "Imgur API client id", "required": false diff --git a/docs/configuration-config-file.md b/docs/configuration-config-file.md index c1114549..9fe4554d 100644 --- a/docs/configuration-config-file.md +++ b/docs/configuration-config-file.md @@ -134,7 +134,7 @@ these are rarely used for various reasons. | variables | example values | description | | --------- | ------ | ----------- | -| `google` | `{clientID: ..., clientSecret: ...}` | An object containing the client ID and the client secret obtained by the [Google API console](https://console.cloud.google.com/apis) | +| `google` | `{clientID: ..., clientSecret: ..., hostedDomain: ...}` | An object containing the client ID and the client secret obtained by the [Google API console](https://console.cloud.google.com/apis) | ### LDAP Login diff --git a/docs/configuration-env-vars.md b/docs/configuration-env-vars.md index f391f362..6ac9123b 100644 --- a/docs/configuration-env-vars.md +++ b/docs/configuration-env-vars.md @@ -135,6 +135,7 @@ defaultNotePath can't be set from env-vars | -------- | ------------- | ----------- | | `CMD_GOOGLE_CLIENTID` | no example | Google API client id | | `CMD_GOOGLE_CLIENTSECRET` | no example | Google API client secret | +| `CMD_GOOGLE_HOSTEDDOMAIN` | `example.com` | Provided only if the user belongs to a hosted domain. default is `undefined` | ### LDAP Login diff --git a/lib/config/default.js b/lib/config/default.js index a52a8a4f..ac78e8ed 100644 --- a/lib/config/default.js +++ b/lib/config/default.js @@ -124,7 +124,8 @@ module.exports = { }, google: { clientID: undefined, - clientSecret: undefined + clientSecret: undefined, + hostedDomain: undefined }, ldap: { providerName: undefined, diff --git a/lib/config/dockerSecret.js b/lib/config/dockerSecret.js index 7ff6506f..02b959d9 100644 --- a/lib/config/dockerSecret.js +++ b/lib/config/dockerSecret.js @@ -53,7 +53,8 @@ if (fs.existsSync(basePath)) { }, google: { clientID: getSecret('google_clientID'), - clientSecret: getSecret('google_clientSecret') + clientSecret: getSecret('google_clientSecret'), + hostedDomain: getSecret('google_hostedDomain') }, imgur: getSecret('imgur_clientid') } diff --git a/lib/config/environment.js b/lib/config/environment.js index 944a2fb2..219be499 100644 --- a/lib/config/environment.js +++ b/lib/config/environment.js @@ -101,7 +101,8 @@ module.exports = { }, google: { clientID: process.env.CMD_GOOGLE_CLIENTID, - clientSecret: process.env.CMD_GOOGLE_CLIENTSECRET + clientSecret: process.env.CMD_GOOGLE_CLIENTSECRET, + hostedDomain: process.env.CMD_GOOGLE_HOSTEDDOMAIN }, ldap: { providerName: process.env.CMD_LDAP_PROVIDERNAME, diff --git a/lib/web/auth/google/index.js b/lib/web/auth/google/index.js index feb83025..6edf07a9 100644 --- a/lib/web/auth/google/index.js +++ b/lib/web/auth/google/index.js @@ -16,7 +16,7 @@ passport.use(new GoogleStrategy({ }, passportGeneralCallback)) googleAuth.get('/auth/google', function (req, res, next) { - passport.authenticate('google', { scope: ['profile'] })(req, res, next) + passport.authenticate('google', { scope: ['profile'], hostedDomain: config.google.hostedDomain })(req, res, next) }) // google auth callback googleAuth.get('/auth/google/callback', |