Browse Source

feat: Generic OAuth2 authentication implementation (#3094)

* OAuth2 authentication implementation

This PR shoul fix #2392. Used `passport-oauth2` strategy.

* indentations cleanup

* cleanup code
pull/4604/head
Artur Shaik 3 years ago
committed by GitHub
parent
commit
87084c66b0
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 109 additions and 0 deletions
  1. 54
      server/modules/authentication/oauth2/authentication.js
  2. 55
      server/modules/authentication/oauth2/definition.yml

54
server/modules/authentication/oauth2/authentication.js

@ -0,0 +1,54 @@
const _ = require('lodash')
/* global WIKI */
// ------------------------------------
// OAuth2 Connect Account
// ------------------------------------
const OAuth2Strategy = require('passport-oauth2').Strategy
module.exports = {
init (passport, conf) {
var client = new OAuth2Strategy({
authorizationURL: conf.authorizationURL,
tokenURL: conf.tokenURL,
clientID: conf.clientId,
clientSecret: conf.clientSecret,
userInfoURL: conf.userInfoURL,
callbackURL: conf.callbackURL,
passReqToCallback: true,
}, async (req, accessToken, refreshToken, profile, cb) => {
try {
const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: {
...profile,
id: _.get(profile, conf.userId),
displayName: _.get(profile, conf.displayName, ''),
email: _.get(profile, conf.emailClaim)
}
})
cb(null, user)
} catch (err) {
cb(err, null)
}
})
client.userProfile = function (accesstoken, done) {
this._oauth2._useAuthorizationHeaderForGET = true;
this._oauth2.get(conf.userInfoURL, accesstoken, (err, data) => {
if (err) {
return done(err)
}
try {
data = JSON.parse(data)
} catch(e) {
return done(e)
}
done(null, data)
})
}
passport.use('oauth2', client)
}
}

55
server/modules/authentication/oauth2/definition.yml

@ -0,0 +1,55 @@
key: oauth2
title: OAuth2
description: OAuth 2.0 protocol.
author: requarks.io
logo: https://static.requarks.io/logo/oauth2.svg
color: blue-grey darken-2
website: https://oauth.net/2/
isAvailable: true
useForm: false
props:
clientId:
type: String
title: Client ID
hint: Application Client ID
order: 1
clientSecret:
type: String
title: Client Secret
hint: Application Client Secret
order: 2
authorizationURL:
type: String
title: Authorization Endpoint URL
hint: Application Authorization Endpoint URL
order: 3
tokenURL:
type: String
title: Token Endpoint URL
hint: Application Token Endpoint URL
order: 4
userInfoURL:
type: String
title: User Info Endpoint URL
hint: User Info Endpoint URL
order: 5
userId:
type: String
title: ID
hint: User ID
default: id
order: 6
displayName:
type: String
title: Display Name
hint: Field containing display name
default: displayName
maxWidth: 500
order: 7
emailClaim:
type: String
title: Email Claim
hint: Field containing the email address
default: email
maxWidth: 500
order: 8
Loading…
Cancel
Save