diff options
Diffstat (limited to 'lib/web/auth')
| -rw-r--r-- | lib/web/auth/index.js | 1 | ||||
| -rw-r--r-- | lib/web/auth/oauth2/index.js | 8 | ||||
| -rw-r--r-- | lib/web/auth/openid/index.js | 61 |
3 files changed, 66 insertions, 4 deletions
diff --git a/lib/web/auth/index.js b/lib/web/auth/index.js index 61e7c3f9..86ab4b28 100644 --- a/lib/web/auth/index.js +++ b/lib/web/auth/index.js @@ -45,6 +45,7 @@ if (config.isLDAPEnable) authRouter.use(require('./ldap')) if (config.isSAMLEnable) authRouter.use(require('./saml')) if (config.isOAuth2Enable) authRouter.use(require('./oauth2')) if (config.isEmailEnable) authRouter.use(require('./email')) +if (config.isOpenIDEnable) authRouter.use(require('./openid')) // logout authRouter.get('/logout', function (req, res) { diff --git a/lib/web/auth/oauth2/index.js b/lib/web/auth/oauth2/index.js index f2a3132d..b9160f6e 100644 --- a/lib/web/auth/oauth2/index.js +++ b/lib/web/auth/oauth2/index.js @@ -2,13 +2,13 @@ const Router = require('express').Router const passport = require('passport') -const OAuth2Strategy = require('passport-oauth2').Strategy +const { Strategy, InternalOAuthError } = require('passport-oauth2') const config = require('../../../config') const {setReturnToFromReferer, passportGeneralCallback} = require('../utils') let oauth2Auth = module.exports = Router() -class OAuth2CustomStrategy extends OAuth2Strategy { +class OAuth2CustomStrategy extends Strategy { constructor (options, verify) { options.customHeaders = options.customHeaders || {} super(options, verify) @@ -22,7 +22,7 @@ class OAuth2CustomStrategy extends OAuth2Strategy { var json if (err) { - return done(new passport.InternalOAuthError('Failed to fetch user profile', err)) + return done(new InternalOAuthError('Failed to fetch user profile', err)) } try { @@ -67,7 +67,7 @@ OAuth2CustomStrategy.prototype.userProfile = function (accessToken, done) { var json if (err) { - return done(new passport.InternalOAuthError('Failed to fetch user profile', err)) + return done(new InternalOAuthError('Failed to fetch user profile', err)) } try { diff --git a/lib/web/auth/openid/index.js b/lib/web/auth/openid/index.js new file mode 100644 index 00000000..96f61807 --- /dev/null +++ b/lib/web/auth/openid/index.js @@ -0,0 +1,61 @@ +'use strict' + +const Router = require('express').Router +const passport = require('passport') +const OpenIDStrategy = require('@passport-next/passport-openid').Strategy +const config = require('../../../config') +const models = require('../../../models') +const logger = require('../../../logger') +const {urlencodedParser} = require('../../utils') +const {setReturnToFromReferer} = require('../utils') + +let openIDAuth = module.exports = Router() + +passport.use(new OpenIDStrategy({ + returnURL: config.serverURL + '/auth/openid/callback', + realm: config.serverURL, + profile: true +}, function (openid, profile, done) { + var stringifiedProfile = JSON.stringify(profile) + models.User.findOrCreate({ + where: { + profileid: openid + }, + defaults: { + profile: stringifiedProfile + } + }).spread(function (user, created) { + if (user) { + var needSave = false + if (user.profile !== stringifiedProfile) { + user.profile = stringifiedProfile + needSave = true + } + if (needSave) { + user.save().then(function () { + if (config.debug) { logger.info('user login: ' + user.id) } + return done(null, user) + }) + } else { + if (config.debug) { logger.info('user login: ' + user.id) } + return done(null, user) + } + } + }).catch(function (err) { + logger.error('auth callback failed: ' + err) + return done(err, null) + }) +})) + +openIDAuth.post('/auth/openid', urlencodedParser, function (req, res, next) { + setReturnToFromReferer(req) + passport.authenticate('openid')(req, res, next) +}) + +// openID auth callback +openIDAuth.get('/auth/openid/callback', + passport.authenticate('openid', { + successReturnToOrRedirect: config.serverurl + '/', + failureRedirect: config.serverurl + '/' + }) +) |