Home Explore Help
Sign In
mirrors
/
wikijs
mirror of https://github.com/Requarks/wiki.git
2
0
Fork 0
Files Issues 0 Wiki
Tree: 1da80eaab8
Branches Tags
wikijs
/
server
/
modules
/
authentication
/
oauth2
/
authentication.js

authentication.js 2.3 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. const _ = require('lodash')
    2. 

  2. 

  3. /* global WIKI */
    4. 

  4. 

  5. // ------------------------------------
    6. 

  6. // OAuth2 Account
    7. 

  7. // ------------------------------------
    8. 

  8. 

  9. const OAuth2Strategy = require('passport-oauth2').Strategy
    10. 

  10. 

  11. module.exports = {
    12. 

  12.   init (passport, conf) {
    13. 

  13.     var client = new OAuth2Strategy({
    14. 

  14.       authorizationURL: conf.authorizationURL,
    15. 

  15.       tokenURL: conf.tokenURL,
    16. 

  16.       clientID: conf.clientId,
    17. 

  17.       clientSecret: conf.clientSecret,
    18. 

  18.       userInfoURL: conf.userInfoURL,
    19. 

  19.       callbackURL: conf.callbackURL,
    20. 

  20.       passReqToCallback: true,
    21. 

  21.       scope: conf.scope,
    22. 

  22.       state: conf.enableCSRFProtection
    23. 

  23.     }, async (req, accessToken, refreshToken, profile, cb) => {
    24. 

  24.       try {
    25. 

  25.         const user = await WIKI.models.users.processProfile({
    26. 

  26.           providerKey: req.params.strategy,
    27. 

  27.           profile: {
    28. 

  28.             ...profile,
    29. 

  29.             id: _.get(profile, conf.userIdClaim),
    30. 

  30.             displayName: _.get(profile, conf.displayNameClaim, '???'),
    31. 

  31.             email: _.get(profile, conf.emailClaim)
    32. 

  32.           }
    33. 

  33.         })
    34. 

  34.         if (conf.mapGroups) {
    35. 

  35.           const groups = _.get(profile, conf.groupsClaim)
    36. 

  36.           if (groups && _.isArray(groups)) {
    37. 

  37.             const currentGroups = (await user.$relatedQuery('groups').select('groups.id')).map(g => g.id)
    38. 

  38.             const expectedGroups = Object.values(WIKI.auth.groups).filter(g => groups.includes(g.name)).map(g => g.id)
    39. 

  39.             for (const groupId of _.difference(expectedGroups, currentGroups)) {
    40. 

  40.               await user.$relatedQuery('groups').relate(groupId)
    41. 

  41.             }
    42. 

  42.             for (const groupId of _.difference(currentGroups, expectedGroups)) {
    43. 

  43.               await user.$relatedQuery('groups').unrelate().where('groupId', groupId)
    44. 

  44.             }
    45. 

  45.           }
    46. 

  46.         }
    47. 

  47.         cb(null, user)
    48. 

  48.       } catch (err) {
    49. 

  49.         cb(err, null)
    50. 

  50.       }
    51. 

  51.     })
    52. 

  52. 

  53.     client.userProfile = function (accesstoken, done) {
    54. 

  54.       this._oauth2._useAuthorizationHeaderForGET = !conf.useQueryStringForAccessToken
    55. 

  55.       this._oauth2.get(conf.userInfoURL, accesstoken, (err, data) => {
    56. 

  56.         if (err) {
    57. 

  57.           return done(err)
    58. 

  58.         }
    59. 

  59.         try {
    60. 

  60.           data = JSON.parse(data)
    61. 

  61.         } catch (e) {
    62. 

  62.           return done(e)
    63. 

  63.         }
    64. 

  64.         done(null, data)
    65. 

  65.       })
    66. 

  66.     }
    67. 

  67.     passport.use(conf.key, client)
    68. 

  68.   },
    69. 

  69.   logout (conf) {
    70. 

  70.     if (!conf.logoutURL) {
    71. 

  71.       return '/'
    72. 

  72.     } else {
    73. 

  73.       return conf.logoutURL
    74. 

  74.     }
    75. 

  75.   }
    76. 

  76. }
    77.