
fix: handle removed auth strategies

NGPixel 4 lat temu
rodzic
commit
4dcf664040

+ 5 - 0
server/models/authentication.js

@@ -93,6 +93,11 @@ module.exports = class Authentication extends Model {
 
       for (const strategy of dbStrategies) {
         const strategyDef = _.find(WIKI.data.authentication, ['key', strategy.strategyKey])
+        if (!strategyDef) {
+          await WIKI.models.authentication.query().delete().where('key', strategy.key)
+          WIKI.logger.info(`Authentication strategy ${strategy.strategyKey} was removed from disk: [ REMOVED ]`)
+          continue
+        }
         strategy.config = _.transform(strategyDef.props, (result, value, key) => {
           if (!_.has(result, key)) {
             _.set(result, key, value.default)
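Review bot: The new `if (!strategyDef)` branch permanently deletes the stored strategy row, with whatever configuration it holds, whenever no definition is found in `WIKI.data.authentication`. It cannot tell a deliberately removed module from one that merely failed to load; presumably an unreadable or malformed definition file would look the same. Because this commit also removes the oauth2 module, existing oauth2 configurations will apparently be dropped on the next run of this loop, which is an authentication change that deserves `WIKI.logger.warn(...)` rather than `info`, and disabling the row instead of deleting it would let an administrator recover the settings. The delete filters on `strategy.key` while the lookup uses `strategy.strategyKey`; if that difference is intentional, a comment such as `// delete by row key; strategyKey only names the module definition` would say so. The enclosing loop and method continue outside the hunk.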

+ 0 - 32
server/modules/authentication/oauth2/authentication.js

@@ -1,32 +0,0 @@
-/* global WIKI */
-
-// ------------------------------------
-// OAuth2 Account
-// ------------------------------------
-
-const OAuth2Strategy = require('passport-oauth2').Strategy
-
-module.exports = {
-  init (passport, conf) {
-    passport.use('oauth2',
-      new OAuth2Strategy({
-        authorizationURL: conf.authorizationURL,
-        tokenURL: conf.tokenURL,
-        clientID: conf.clientId,
-        clientSecret: conf.clientSecret,
-        callbackURL: conf.callbackURL,
-        passReqToCallback: true
-      }, async (req, accessToken, refreshToken, profile, cb) => {
-        try {
-          const user = await WIKI.models.users.processProfile({
-            providerKey: req.params.strategy,
-            profile
-          })
-          cb(null, user)
-        } catch (err) {
-          cb(err, null)
-        }
-      })
-    )
-  }
-}

+ 0 - 58
server/modules/authentication/oauth2/definition.yml

@@ -1,58 +0,0 @@
-key: oauth2
-title: Generic OAuth2
-description: OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service.
-author: requarks.io
-logo: https://static.requarks.io/logo/oauth2.svg
-color: grey darken-4
-website: https://oauth.net/2/
-isAvailable: true
-useForm: false
-props:
-  clientId:
-    type: String
-    title: Client ID
-    hint: Application Client ID
-    order: 1
-  clientSecret:
-    type: String
-    title: Client Secret
-    hint: Application Client Secret
-    order: 2
-  authorizationURL:
-    type: String
-    title: Authorization Endpoint URL
-    hint: The full URL to the authorization endpoint, used to get an authorization code.
-    order: 3
-  tokenURL:
-    type: String
-    title: Token Endpoint URL
-    hint: The full URL to the token endpoint, used to get an access token.
-    order: 4
-  mappingUID:
-    title: Unique ID Field Mapping
-    type: String
-    default: 'id'
-    hint: The field storing the user unique identifier, e.g. "id" or "_id".
-    maxWidth: 500
-    order: 20
-  mappingEmail:
-    title: Email Field Mapping
-    type: String
-    default: 'email'
-    hint: The field storing the user email, e.g. "email" or "mail".
-    maxWidth: 500
-    order: 21
-  mappingDisplayName:
-    title: Display Name Field Mapping
-    type: String
-    default: 'name'
-    hint: The field storing the user display name, e.g. "name", "displayName" or "username".
-    maxWidth: 500
-    order: 22
-  mappingPicture:
-    title: Avatar Picture Field Mapping
-    type: String
-    default: 'pictureUrl'
-    hint: The field storing the user avatar picture, e.g. "pictureUrl" or "avatarUrl".
-    maxWidth: 500
-    order: 23

+ 38 - 8
server/modules/authentication/oidc/definition.yml

@@ -1,5 +1,5 @@
 key: oidc
-title: Generic OpenID Connect
+title: Generic OpenID Connect / OAuth2
 description: OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol.
 author: requarks.io
 logo: https://static.requarks.io/logo/oidc.svg
@@ -12,10 +12,40 @@ scopes:
   - profile
   - email
 props:
-  clientId: String
-  clientSecret: String
-  authorizationURL: String
-  tokenURL: String
-  issuer: String
-  userInfoURL: String
-  emailClaim: String
+  clientId:
+    type: String
+    title: Client ID
+    hint: Application Client ID
+    order: 1
+  clientSecret:
+    type: String
+    title: Client Secret
+    hint: Application Client Secret
+    order: 2
+  authorizationURL:
+    type: String
+    title: Authorization Endpoint URL
+    hint: Application Authorization Endpoint URL
+    order: 3
+  tokenURL:
+    type: String
+    title: Token Endpoint URL
+    hint: Application Token Endpoint URL
+    order: 4
+  userInfoURL:
+    type: String
+    title: User Info Endpoint URL
+    hint: User Info Endpoint URL
+    order: 5
+  issuer:
+    type: String
+    title: Issuer
+    hint: Issuer URL
+    order: 6
+  emailClaim:
+    type: String
+    title: Email Claim
+    hint: Field containing the email address
+    default: email
+    maxWidth: 500
+    order: 7
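Review bot: The `emailClaim` hint says only "Field containing the email address", which gives an administrator no sign that the claim is security-relevant. How the strategy code consumes the claim is not visible in this commit, but if accounts are matched on it, a provider that releases unverified addresses could let one user claim another's account. I would extend the hint to something like `hint: Field containing the email address. Use a claim the provider only issues for verified addresses.` The retitled "Generic OpenID Connect / OAuth2" strategy also has no counterpart for the `mappingUID`, `mappingDisplayName` and `mappingPicture` props that the removed oauth2 definition offered, so the description should state what a plain OAuth2 provider must supply (`issuer`, `userInfoURL`) for this module to work.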