Automatic openid

9p4 2023-01-24 16:48:49 -05:00
parent 30fa6b0cff
commit fcec4585f8
No known key found for this signature in database
GPG key ID: 856544207C7E3E16
3 changed files with 10 additions and 4 deletions


@ -29,6 +29,7 @@ socket.on("auth:failed", async function () {
socket.on("auth:start", async function (data) {
const serverHash = data.serverHash;
const openidEnabled = data.openidEnabled;
const openidInit = data.openidInit;
// If we reconnected and serverHash differs, that means the server restarted
// And we will reload the page to grab the latest version
if (lastServerHash && serverHash !== lastServerHash) {
@ -75,10 +76,11 @@ socket.on("auth:start", async function (data) {
openChannel,
hasConfig: store.state.serverConfiguration !== null,
});
} else if (openidEnabled) {
// TODO: OpenID check for parameters before sending
} else if (openidEnabled && window.location.search.includes("code=")) {
socket.emit("auth:perform", {user: "", password: window.location.href});
window.history.replaceState({}, document.title, "/");
} else if (openidEnabled) {
window.location.replace(openidInit);
} else {
await showSignIn();
}
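Review bot: The callback test `window.location.search.includes("code=")` is a substring match, so a query string that merely contains `code=` inside another parameter name is forwarded to `auth:perform`. An error response from the provider carries no `code`, so it falls through to `window.location.replace(openidInit)` and may bounce the browser back to the provider repeatedly. Parse the query instead, e.g. `const params = new URLSearchParams(window.location.search);`, branch on `params.has("code")`, and treat `params.has("error")` as a failure that shows the sign-in error rather than redirecting. `openidInit` is also navigated to without any scheme check; confirming it parses as an `http:`/`https:` URL before the `replace` call would be a cheap guard. The `auth:start` handler begins and ends outside these hunks.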


@ -76,6 +76,8 @@ var issuer: Issuer;
var openidClient: BaseClient;
var issuerURL: string;
let manager: ClientManager | null = null;
export default async function (
@ -125,6 +127,7 @@ export default async function (
code_challenge_method: "S256",
});
log.info(redirectUrl);
issuerURL = redirectUrl;
if (Config.values.fileUpload.enable) {
Uploader.router(app);
@ -272,6 +275,7 @@ export default async function (
socket.emit("auth:start", {
serverHash,
openidEnabled: Config.values.openid.enable && !Config.values.public,
openidInit: issuerURL,
});
}
});
@ -1041,7 +1045,6 @@ async function performAuthentication(this: Socket, data) {
}
if (Config.values.openid.enable) {
log.info(data.password);
// TODO: OpenID handle error if data.password is invalid
try {
const tokenSet = await openidClient.callback(
@ -1054,6 +1057,7 @@ async function performAuthentication(this: Socket, data) {
const userinfo = await openidClient.userinfo(tokenSet);
data.user = userinfo[Config.values.openid.usernameClaim];
} catch (e) {
// Guaranteed to fail, probably
data.user = "";
data.password = "";
}
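Review bot: `issuerURL = redirectUrl;` stores one authorization URL in a module-level variable, and the `auth:start` hunk sends that same value as `openidInit` to every connecting socket. All browsers therefore appear to start the flow with the same `code_challenge`, and the same `state`/`nonce` if the URL carries any; the call that builds `redirectUrl` begins outside the hunk. With a single shared verifier, PKCE no longer ties an authorization code to the browser that began the login, which weakens the protection against code injection and login CSRF. Consider generating the verifier and a `state` value per login attempt, keeping them server-side keyed by `state`, and building `openidInit` at emit time so `performAuthentication` can look up the matching verifier. The name is also misleading, since the value is the authorization URL rather than the issuer's; `authorizationUrl` would read better.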


@ -19,7 +19,7 @@ type Session = {
interface ServerToClientEvents {
"auth:failed": () => void;
"auth:start": (data: {serverHash: number; openidEnabled}) => void;
"auth:start": (data: {serverHash: number; openidEnabled; openidInit: string}) => void;
"auth:success": () => void;
"upload:auth": (token: string) => void;