mirror of
https://github.com/thelounge/thelounge.git
synced 2024-06-15 20:15:11 +02:00
Automatic openid
parent
30fa6b0cff
commit
fcec4585f8
|
@ -29,6 +29,7 @@ socket.on("auth:failed", async function () {
|
|||
socket.on("auth:start", async function (data) {
|
||||
const serverHash = data.serverHash;
|
||||
const openidEnabled = data.openidEnabled;
|
||||
const openidInit = data.openidInit;
|
||||
// If we reconnected and serverHash differs, that means the server restarted
|
||||
// And we will reload the page to grab the latest version
|
||||
if (lastServerHash && serverHash !== lastServerHash) {
|
||||
|
@ -75,10 +76,11 @@ socket.on("auth:start", async function (data) {
|
|||
openChannel,
|
||||
hasConfig: store.state.serverConfiguration !== null,
|
||||
});
|
||||
} else if (openidEnabled) {
|
||||
// TODO: OpenID check for parameters before sending
|
||||
} else if (openidEnabled && window.location.search.includes("code=")) {
|
||||
socket.emit("auth:perform", {user: "", password: window.location.href});
|
||||
window.history.replaceState({}, document.title, "/");
|
||||
} else if (openidEnabled) {
|
||||
window.location.replace(openidInit);
|
||||
} else {
|
||||
await showSignIn();
|
||||
}
|
||||
|
|
|
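Review bot: The new `window.location.search.includes("code=")` branch is a substring test, so a query string that merely contains those characters (a parameter named `barcode`, say) is treated as an OpenID callback, while an error redirect from the provider carries no `code` and falls through to `window.location.replace(openidInit)` again, which looks like it can loop. Parsing the query is stricter: `const params = new URLSearchParams(window.location.search);` followed by `params.has("code")`, with a separate branch that shows the sign-in view when `params.has("error")`. `openidInit` also arrives over the socket and is handed to `location.replace` unchecked; confirming that it parses as an `http:`/`https:` URL before navigating keeps an unexpected value from turning into a `javascript:` navigation. The handler's body starts and ends outside these hunks.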
@ -76,6 +76,8 @@ var issuer: Issuer;
|
|||
|
||||
var openidClient: BaseClient;
|
||||
|
||||
var issuerURL: string;
|
||||
|
||||
let manager: ClientManager | null = null;
|
||||
|
||||
export default async function (
|
||||
|
@ -125,6 +127,7 @@ export default async function (
|
|||
code_challenge_method: "S256",
|
||||
});
|
||||
log.info(redirectUrl);
|
||||
issuerURL = redirectUrl;
|
||||
|
||||
if (Config.values.fileUpload.enable) {
|
||||
Uploader.router(app);
|
||||
|
@ -272,6 +275,7 @@ export default async function (
|
|||
socket.emit("auth:start", {
|
||||
serverHash,
|
||||
openidEnabled: Config.values.openid.enable && !Config.values.public,
|
||||
openidInit: issuerURL,
|
||||
});
|
||||
}
|
||||
});
|
||||
|
@ -1041,7 +1045,6 @@ async function performAuthentication(this: Socket, data) {
|
|||
}
|
||||
|
||||
if (Config.values.openid.enable) {
|
||||
log.info(data.password);
|
||||
// TODO: OpenID handle error if data.password is invalid
|
||||
try {
|
||||
const tokenSet = await openidClient.callback(
|
||||
|
@ -1054,6 +1057,7 @@ async function performAuthentication(this: Socket, data) {
|
|||
const userinfo = await openidClient.userinfo(tokenSet);
|
||||
data.user = userinfo[Config.values.openid.usernameClaim];
|
||||
} catch (e) {
|
||||
// Guaranteed to fail, probably
|
||||
data.user = "";
|
||||
data.password = "";
|
||||
}
|
||||
|
|
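Review bot: `issuerURL = redirectUrl;` stores one authorization URL, built once with one `code_challenge`, in a module-level variable, and the later hunk sends that same value to every connecting socket as `openidInit`. PKCE only binds a callback to the browser that started the login when the verifier and challenge are fresh per attempt; with a single shared pair (and a shared or absent `state`/`nonce`, which these hunks do not show), the server cannot tell a code obtained in one session from one obtained in another. I would build the URL per login attempt and keep the verifier with that attempt, and until then mark the assignment with `// FIXME: shared by all clients; PKCE verifier/state must be per login attempt`. The name is also misleading, since the value is the authorization URL rather than the issuer; `let authorizationUrl: string | undefined;` says what it holds and that it may be unset. The enclosing function starts and ends outside the hunks.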
2
server/types/socket-events.d.ts
vendored
2
server/types/socket-events.d.ts
vendored
|
@ -19,7 +19,7 @@ type Session = {
|
|||
|
||||
interface ServerToClientEvents {
|
||||
"auth:failed": () => void;
|
||||
"auth:start": (data: {serverHash: number; openidEnabled}) => void;
|
||||
"auth:start": (data: {serverHash: number; openidEnabled; openidInit: string}) => void;
|
||||
"auth:success": () => void;
|
||||
|
||||
"upload:auth": (token: string) => void;
|
||||
|
|
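Review bot: `openidEnabled` in the `auth:start` payload still has no type annotation, so it is implicitly `any` next to the newly typed `openidInit: string`. The server hunk sends `Config.values.openid.enable && !Config.values.public` for it, so `boolean` presumably fits, and because `issuerURL` on the server is declared without an initial value, an optional field is probably the honest type: `"auth:start": (data: {serverHash: number; openidEnabled: boolean; openidInit?: string}) => void;`. The interface continues outside the hunk.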