5 files changed, 70 insertions, 7 deletions

diff --git a/lib/web/auth/index.js b/lib/web/auth/index.js
index 61e7c3f9..86ab4b28 100644
--- a/lib/web/auth/index.js
+++ b/lib/web/auth/index.js
@@ -45,6 +45,7 @@ if (config.isLDAPEnable) authRouter.use(require('./ldap'))
 if (config.isSAMLEnable) authRouter.use(require('./saml'))
 if (config.isOAuth2Enable) authRouter.use(require('./oauth2'))
 if (config.isEmailEnable) authRouter.use(require('./email'))
+if (config.isOpenIDEnable) authRouter.use(require('./openid'))
 
 // logout
 authRouter.get('/logout', function (req, res) {
diff --git a/lib/web/auth/oauth2/index.js b/lib/web/auth/oauth2/index.js
index f2a3132d..b9160f6e 100644
--- a/lib/web/auth/oauth2/index.js
+++ b/lib/web/auth/oauth2/index.js
@@ -2,13 +2,13 @@
 
 const Router = require('express').Router
 const passport = require('passport')
-const OAuth2Strategy = require('passport-oauth2').Strategy
+const { Strategy, InternalOAuthError } = require('passport-oauth2')
 const config = require('../../../config')
 const {setReturnToFromReferer, passportGeneralCallback} = require('../utils')
 
 let oauth2Auth = module.exports = Router()
 
-class OAuth2CustomStrategy extends OAuth2Strategy {
+class OAuth2CustomStrategy extends Strategy {
   constructor (options, verify) {
     options.customHeaders = options.customHeaders || {}
     super(options, verify)
@@ -22,7 +22,7 @@ class OAuth2CustomStrategy extends OAuth2Strategy {
       var json
 
       if (err) {
-        return done(new passport.InternalOAuthError('Failed to fetch user profile', err))
+        return done(new InternalOAuthError('Failed to fetch user profile', err))
       }
 
       try {
@@ -67,7 +67,7 @@ OAuth2CustomStrategy.prototype.userProfile = function (accessToken, done) {
     var json
 
     if (err) {
-      return done(new passport.InternalOAuthError('Failed to fetch user profile', err))
+      return done(new InternalOAuthError('Failed to fetch user profile', err))
     }
 
     try {
diff --git a/lib/web/auth/openid/index.js b/lib/web/auth/openid/index.js
new file mode 100644
index 00000000..96f61807
--- /dev/null
+++ b/lib/web/auth/openid/index.js
@@ -0,0 +1,61 @@
+'use strict'
+
+const Router = require('express').Router
+const passport = require('passport')
+const OpenIDStrategy = require('@passport-next/passport-openid').Strategy
+const config = require('../../../config')
+const models = require('../../../models')
+const logger = require('../../../logger')
+const {urlencodedParser} = require('../../utils')
+const {setReturnToFromReferer} = require('../utils')
+
+let openIDAuth = module.exports = Router()
+
+passport.use(new OpenIDStrategy({
+  returnURL: config.serverURL + '/auth/openid/callback',
+  realm: config.serverURL,
+  profile: true
+}, function (openid, profile, done) {
+  var stringifiedProfile = JSON.stringify(profile)
+  models.User.findOrCreate({
+    where: {
+      profileid: openid
+    },
+    defaults: {
+      profile: stringifiedProfile
+    }
+  }).spread(function (user, created) {
+    if (user) {
+      var needSave = false
+      if (user.profile !== stringifiedProfile) {
+        user.profile = stringifiedProfile
+        needSave = true
+      }
+      if (needSave) {
+        user.save().then(function () {
+          if (config.debug) { logger.info('user login: ' + user.id) }
+          return done(null, user)
+        })
+      } else {
+        if (config.debug) { logger.info('user login: ' + user.id) }
+        return done(null, user)
+      }
+    }
+  }).catch(function (err) {
+    logger.error('auth callback failed: ' + err)
+    return done(err, null)
+  })
+}))
+
+openIDAuth.post('/auth/openid', urlencodedParser, function (req, res, next) {
+  setReturnToFromReferer(req)
+  passport.authenticate('openid')(req, res, next)
+})
+
+// openID auth callback
+openIDAuth.get('/auth/openid/callback',
+  passport.authenticate('openid', {
+    successReturnToOrRedirect: config.serverurl + '/',
+    failureRedirect: config.serverurl + '/'
+  })
+)
diff --git a/lib/web/imageRouter/filesystem.js b/lib/web/imageRouter/filesystem.js
index 4bf82b31..a2f8700d 100644
--- a/lib/web/imageRouter/filesystem.js
+++ b/lib/web/imageRouter/filesystem.js
@@ -1,5 +1,6 @@
 'use strict'
 const url = require('url')
+const path = require('path')
 
 const config = require('../../config')
 const logger = require('../../logger')
@@ -15,5 +16,5 @@ exports.uploadImage = function (imagePath, callback) {
     return
   }
 
-  callback(null, url.resolve(config.serverURL + '/', imagePath.match(/public\/(.+)$/)[1]))
+  callback(null, url.URL.resolve(config.serverURL + '/uploads/', path.basename(imagePath)))
 }
diff --git a/lib/web/statusRouter.js b/lib/web/statusRouter.js
index 7ecf3839..2b9cb65f 100644
--- a/lib/web/statusRouter.js
+++ b/lib/web/statusRouter.js
@@ -96,7 +96,7 @@ statusRouter.get('/config', function (req, res) {
     domain: config.domain,
     urlpath: config.urlPath,
     debug: config.debug,
-    version: config.version,
+    version: config.fullversion,
     DROPBOX_APP_KEY: config.dropbox.appKey,
     allowedUploadMimeTypes: config.allowedUploadMimeTypes
   }
@@ -105,5 +105,5 @@ statusRouter.get('/config', function (req, res) {
     'X-Robots-Tag': 'noindex, nofollow', // prevent crawling
     'Content-Type': 'application/javascript'
   })
-  res.render(config.constantsPath, data)
+  res.render('../js/lib/common/constant.ejs', data)
 })