Tidy up OAuth, allow pulling properties from decoded JWT
parent
67d0315917
commit
560ad6788c
|
@ -11,6 +11,7 @@
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@passport-js/passport-twitter": "^1.0.8",
|
"@passport-js/passport-twitter": "^1.0.8",
|
||||||
"coffeescript": "^2.4.1",
|
"coffeescript": "^2.4.1",
|
||||||
|
"jwt-decode": "^4.0.0",
|
||||||
"lodash": "^4.17.19",
|
"lodash": "^4.17.19",
|
||||||
"passport": "^0.3.2",
|
"passport": "^0.3.2",
|
||||||
"passport-github2": "^0.1.12",
|
"passport-github2": "^0.1.12",
|
||||||
|
@ -3907,6 +3908,14 @@
|
||||||
"integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==",
|
"integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==",
|
||||||
"dev": true
|
"dev": true
|
||||||
},
|
},
|
||||||
|
"node_modules/jwt-decode": {
|
||||||
|
"version": "4.0.0",
|
||||||
|
"resolved": "https://registry.npmjs.org/jwt-decode/-/jwt-decode-4.0.0.tgz",
|
||||||
|
"integrity": "sha512-+KJGIyHgkGuIq3IEBNftfhW/LfWhXUIY6OmyVWjliu5KH1y0fw7VQ8YndE2O4qZdMSd9SqbnC8GOcZEy0Om7sA==",
|
||||||
|
"engines": {
|
||||||
|
"node": ">=18"
|
||||||
|
}
|
||||||
|
},
|
||||||
"node_modules/lodash": {
|
"node_modules/lodash": {
|
||||||
"version": "4.17.21",
|
"version": "4.17.21",
|
||||||
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
|
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@passport-js/passport-twitter": "^1.0.8",
|
"@passport-js/passport-twitter": "^1.0.8",
|
||||||
"coffeescript": "^2.4.1",
|
"coffeescript": "^2.4.1",
|
||||||
|
"jwt-decode": "^4.0.0",
|
||||||
"lodash": "^4.17.19",
|
"lodash": "^4.17.19",
|
||||||
"passport": "^0.3.2",
|
"passport": "^0.3.2",
|
||||||
"passport-github2": "^0.1.12",
|
"passport-github2": "^0.1.12",
|
||||||
|
|
|
@ -17,6 +17,8 @@ url = require 'url'
|
||||||
_ = require 'lodash'
|
_ = require 'lodash'
|
||||||
glob = require 'glob'
|
glob = require 'glob'
|
||||||
|
|
||||||
|
{ jwtDecode } = require('jwt-decode');
|
||||||
|
|
||||||
passport = require('passport')
|
passport = require('passport')
|
||||||
|
|
||||||
# Export a function that generates security handler
|
# Export a function that generates security handler
|
||||||
|
@ -51,10 +53,6 @@ module.exports = exports = (log, loga, argv) ->
|
||||||
callbackHost = callbackHost + ":" + url.parse(argv.url).port
|
callbackHost = callbackHost + ":" + url.parse(argv.url).port
|
||||||
else
|
else
|
||||||
callbackHost = url.parse(argv.url).host
|
callbackHost = url.parse(argv.url).host
|
||||||
if argv.oauth2_CallbackPort?
|
|
||||||
callbackHost = callbackHost + ":" + argv.oauth2_CallbackPort
|
|
||||||
|
|
||||||
console.log "callbackHost", callbackHost
|
|
||||||
|
|
||||||
ids = []
|
ids = []
|
||||||
|
|
||||||
|
@ -136,7 +134,7 @@ module.exports = exports = (log, loga, argv) ->
|
||||||
return false
|
return false
|
||||||
|
|
||||||
switch idProvider
|
switch idProvider
|
||||||
when "github", "google", "twitter", "oauth2"
|
when "github", "google", "twitter", 'oauth2'
|
||||||
if _.isEqual(admin[idProvider], req.session.passport.user[idProvider].id)
|
if _.isEqual(admin[idProvider], req.session.passport.user[idProvider].id)
|
||||||
return true
|
return true
|
||||||
else
|
else
|
||||||
|
@ -166,13 +164,10 @@ module.exports = exports = (log, loga, argv) ->
|
||||||
OAuth2Strategy = require('passport-oauth2').Strategy
|
OAuth2Strategy = require('passport-oauth2').Strategy
|
||||||
|
|
||||||
oauth2StrategyName = callbackHost + 'OAuth'
|
oauth2StrategyName = callbackHost + 'OAuth'
|
||||||
console.log "callbackHost", callbackHost
|
|
||||||
|
|
||||||
if argv.oauth2_UserInfoURL?
|
if argv.oauth2_UserInfoURL?
|
||||||
OAuth2Strategy::userProfile = (accesstoken, done) ->
|
OAuth2Strategy::userProfile = (accesstoken, done) ->
|
||||||
@_oauth2._request "GET", argv.oauth2_UserInfoURL, null, null, accesstoken, (err, data) ->
|
@_oauth2._request "GET", argv.oauth2_UserInfoURL, null, null, accesstoken, (err, data) ->
|
||||||
console.log "data", data
|
|
||||||
console.log "err", err
|
|
||||||
if err
|
if err
|
||||||
return done err
|
return done err
|
||||||
try
|
try
|
||||||
|
@ -191,6 +186,8 @@ module.exports = exports = (log, loga, argv) ->
|
||||||
userInfoURL: argv.oauth2_UserInfoURL
|
userInfoURL: argv.oauth2_UserInfoURL
|
||||||
}, (accessToken, refreshToken, params, profile, cb) ->
|
}, (accessToken, refreshToken, params, profile, cb) ->
|
||||||
|
|
||||||
|
token = jwtDecode(accessToken)
|
||||||
|
|
||||||
extractUserInfo = (uiParam, uiDef) ->
|
extractUserInfo = (uiParam, uiDef) ->
|
||||||
uiPath = ''
|
uiPath = ''
|
||||||
if typeof uiParam == 'undefined' then (uiPath = uiDef) else (uiPath = uiParam)
|
if typeof uiParam == 'undefined' then (uiPath = uiDef) else (uiPath = uiParam)
|
||||||
|
@ -198,6 +195,8 @@ module.exports = exports = (log, loga, argv) ->
|
||||||
sParts = uiPath.split('.')
|
sParts = uiPath.split('.')
|
||||||
sFrom = sParts.shift()
|
sFrom = sParts.shift()
|
||||||
switch sFrom
|
switch sFrom
|
||||||
|
when "token"
|
||||||
|
obj = token
|
||||||
when "params"
|
when "params"
|
||||||
obj = params
|
obj = params
|
||||||
when "profile"
|
when "profile"
|
||||||
|
@ -210,10 +209,6 @@ module.exports = exports = (log, loga, argv) ->
|
||||||
obj = obj[sParts.shift()]
|
obj = obj[sParts.shift()]
|
||||||
return obj
|
return obj
|
||||||
|
|
||||||
console.log("accessToken", accessToken)
|
|
||||||
console.log("refreshToken", refreshToken)
|
|
||||||
console.log("params", params)
|
|
||||||
console.log("profile", profile)
|
|
||||||
if argv.oauth2_UsernameField?
|
if argv.oauth2_UsernameField?
|
||||||
username_query = argv.oauth2_UsernameField
|
username_query = argv.oauth2_UsernameField
|
||||||
else
|
else
|
||||||
|
|
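Review bot: The eager `token = jwtDecode(accessToken)` at the top of the verify callback (hunk `@ -191,6 +186,8 @`) runs on every OAuth2 login, whether or not any configured field path starts with `token.`. jwt-decode only base64-decodes the payload, so it throws on an access token that is not a JWT, and a provider that issues opaque access tokens would presumably fail every login here. Decoding lazily avoids that: drop the eager line and use `obj = jwtDecode(accessToken)` in the `when "token"` branch of `extractUserInfo`. jwt-decode also performs no signature, issuer, audience or expiry check, so a comment above the decode should say that `token.…` values are unverified claims, trusted only because the token came from the provider's token endpoint. This matters because the `oauth2` id is compared against the admin id in the `switch idProvider` hunk, so confirm that the id can only be sourced from a value the provider vouches for. The callback and `extractUserInfo` both start and end outside the visible hunks.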