
Commit 59eae65

authored
Allow different token and auth urls for wiki login (#269)
1 parent bdae64a commit 59eae65

1 file changed

Lines changed: 37 additions & 46 deletions


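--- a/apps/wikijs/templates/sso-config.yaml
+++ b/apps/wikijs/templates/sso-config.yaml
@@ -9,8 +9,9 @@ data:
 key: faf-hydra
 title: FAF Ory Hydra Login
 author: Sheikah
-useForm: false
+logo: https://{{ $.Values.baseDomain }}/images/faf-logo.png
 isAvailable: true
+useForm: false
 scopes:
 - openid
 - public_profile
@@ -25,66 +26,56 @@ data:
 title: Client Secret
 hint: Application Client Secret
 order: 2
-oauthBaseUrl:
+authorizationURL:
 type: String
-title: OAuth Base URL
+title: Authorization Endpoint URL
+hint: Application Authorization Endpoint URL
 order: 3
-callbackUrl:
+tokenURL:
 type: String
-title: Callback URL
+title: Token Endpoint URL
+hint: Application Token Endpoint URL
 order: 4
-apiUrl:
+issuer:
 type: String
-title: FAF Api Url
+title: Issuer
+hint: Issuer URL
 order: 5
 logoutURL:
 type: String
 title: Logout URL
 hint: (optional) Logout URL on the OAuth2 provider where the user will be redirected to complete the logout process.
 order: 6
 "authentication.js": |-
-const OidcStrategy = require('passport-openidconnect')
-const request = require('request')
+const OpenIDConnectStrategy = require('passport-openidconnect')
 
 module.exports = {
-init(passport, conf) {
+init (passport, conf) {
 passport.use(conf.key,
-new OidcStrategy({
-issuer: conf.oauthBaseUrl + '/',
-tokenURL: conf.oauthBaseUrl + '/oauth2/token',
-authorizationURL: conf.oauthBaseUrl + '/oauth2/auth',
-userInfoURL: conf.oauthBaseUrl + '/userinfo?schema=openid',
-clientID: conf.clientId,
-clientSecret: conf.clientSecret,
-callbackURL: conf.callbackURL,
-scope: ['openid', 'public_profile'],
-passReqToCallback: true
-},
-function (req, iss, sub, profile, jwtClaims, accessToken, refreshToken, params, cb) {
-const providerKey = req.params.strategy
-request.get(
-{
-url: conf.apiUrl + '/me',
-headers: {'Authorization': 'Bearer ' + accessToken}
-},
-function (e, r, body) {
-if (r.statusCode !== 200) {
-console.log('Auth failure: ' + r.statusCode)
-
-return cb(null)
-}
-let user = JSON.parse(body)
-let accountPromise = WIKI.models.users.processProfile({providerKey: providerKey,
-profile: {id: user.data.attributes.userId,
-email: user.data.attributes.userName + "@faforever.com",
-displayName: user.data.attributes.userName}})
-accountPromise.then(account => {
-cb(null, account)
-})
-}
-)
-}
-)
+new OpenIDConnectStrategy({
+authorizationURL: conf.authorizationURL,
+tokenURL: conf.tokenURL,
+clientID: conf.clientId,
+clientSecret: conf.clientSecret,
+issuer: conf.issuer,
+callbackURL: conf.callbackURL,
+passReqToCallback: true,
+skipUserProfile: true
+}, async (req, iss, profile, cb) => {
+try {
+const user = await WIKI.models.users.processProfile({
+providerKey: req.params.strategy,
+profile: {
+id: profile.id,
+username: profile.username,
+email: profile.username + '@faforever.com',
+}
+})
+cb(null, user)
+} catch (err) {
+cb(err, null)
+}
+})
 )
 },
 logout(conf) {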
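Review bot: The verify callback in the second hunk builds the account email as `profile.username + '@faforever.com'` without checking that `profile.username` (or `profile.id`) is present, so a login whose profile lacks a username would reach `processProfile` with the email `undefined@faforever.com`. With `skipUserProfile: true` and no `userInfoURL`, the profile is presumably populated only from ID-token claims, so it is worth confirming that the provider puts the username claim in the ID token for the `openid` and `public_profile` scopes. A guard at the top of the `try` block fails the login closed instead of mapping several users onto one shared address: `if (!profile.id || !profile.username) { return cb(new Error('OIDC profile is missing id or username')) }`. Separately, `issuer` is now taken verbatim where the old code appended `/`, so the configured value presumably has to match the token's `iss` exactly; the `hint: Issuer URL` text could say so.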
