coop-cloud-chaos-patchs/outline
coop-cloud-chaos-patchs/outline
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2022-08-14. You can view files and clone it, but cannot push or open issues or pull requests.
outline/server/middlewares/passport.js
Tom Moor 83a61b87ed
feat: Normalized server logging (#2567) 
* feat: Normalize logging

* Remove scattered console.error + Sentry.captureException

* Remove mention of debug

* cleanup dev output

* Edge cases, docs

* Refactor: Move logger, metrics, sentry under 'logging' folder.
Trying to reduce the amount of things under generic 'utils'

* cleanup, last few console calls
2021-09-14 18:04:35 -07:00

66 lines
2.3 KiB
JavaScript
Raw Blame History

// @flow
import passport from "@outlinewiki/koa-passport";
import { type Context } from "koa";
import type { AccountProvisionerResult } from "../commands/accountProvisioner";
import Logger from "../logging/logger";
import { signIn } from "../utils/authentication";
export default function createMiddleware(providerName: string) {
return function passportMiddleware(ctx: Context) {
return passport.authorize(
providerName,
{ session: false },
async (err, user, result: AccountProvisionerResult) => {
if (err) {
Logger.error("Error during authentication", err);
if (err.id) {
const notice = err.id.replace(/_/g, "-");
return ctx.redirect(`${err.redirectUrl || "/"}?notice=${notice}`);
}
if (process.env.NODE_ENV === "development") {
throw err;
}
return ctx.redirect(`/?notice=auth-error`);
}
// Passport.js may invoke this callback with err=null and user=null in
// the event that error=access_denied is received from the OAuth server.
// I'm not sure why this exception to the rule exists, but it does:
// https://github.com/jaredhanson/passport-oauth2/blob/e20f26aad60ed54f0e7952928cbb64979ef8da2b/lib/strategy.js#L135
if (!user) {
return ctx.redirect(`/?notice=auth-error`);
}
// Handle errors from Azure which come in the format: message, Trace ID,
// Correlation ID, Timestamp in these two query string parameters.
const { error, error_description } = ctx.request.query;
if (error && error_description) {
Logger.error(
"Error from Azure during authentication",
new Error(error_description)
);
// Display only the descriptive message to the user, log the rest
const description = error_description.split("Trace ID")[0];
return ctx.redirect(`/?notice=auth-error&description=${description}`);
}
if (result.user.isSuspended) {
return ctx.redirect("/?notice=suspended");
}
await signIn(
ctx,
result.user,
result.team,
providerName,
result.isNewUser,
result.isNewTeam
);
}
)(ctx);
};
}
Reference in New Issue View Git Blame Copy Permalink