feat: oauth2 provider

8e7c76b4 · NGPixel · 62baf5f0 · 8e7c76b4 · 8e7c76b4 · 8e7c76b4
Commit 8e7c76b4 authored Jan 11, 2018 by NGPixel
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 1 deletion

config.sample.yml config.sample.yml +6 -0

package.json package.json +1 -1

auth.js server/controllers/auth.js +2 -0

auth.js server/libs/auth.js +21 -0

No files found.
--- a/config.sample.yml
+++ b/config.sample.yml
@@ -97,6 +97,12 @@ auth:
    clientSecret: APP_SECRET_KEY
    resource: '00000002-0000-0000-c000-000000000000'
    tenant: 'YOUR_TENANT.onmicrosoft.com'
+  oauth2:
+    enabled: false
+    clientId: OAUTH2_CLIENT_ID
+    clientSecret: OAUTH2_CLIENT_SECRET
+    authorizationURL: OAUTH2_AUTH_URL
+    tokenURL: OAUTH2_TOKEN_URL

 # ---------------------------------------------------------------------
 # Secret key to use when encrypting sessions

--- a/package.json
+++ b/package.json
 {
  "name": "wiki",
-  "version": "1.0.12",
+  "version": "1.0.0",
  "description": "A modern, lightweight and powerful wiki app built on NodeJS, Git and Markdown",
  "main": "wiki.js",
  "scripts": {

--- a/server/controllers/auth.js
+++ b/server/controllers/auth.js
@@ -97,6 +97,7 @@ router.get('/login/facebook', passport.authenticate('facebook', { scope: ['publi
 router.get('/login/github', passport.authenticate('github', { scope: ['user:email'] }))
 router.get('/login/slack', passport.authenticate('slack', { scope: ['identity.basic', 'identity.email'] }))
 router.get('/login/azure', passport.authenticate('azure_ad_oauth2'))
+router.get('/login/oauth2', passport.authenticate('oauth2'))

 router.get('/login/ms/callback', passport.authenticate('windowslive', { failureRedirect: '/login', successRedirect: '/' }))
 router.get('/login/google/callback', passport.authenticate('google', { failureRedirect: '/login', successRedirect: '/' }))
@@ -104,6 +105,7 @@ router.get('/login/facebook/callback', passport.authenticate('facebook', { failu
 router.get('/login/github/callback', passport.authenticate('github', { failureRedirect: '/login', successRedirect: '/' }))
 router.get('/login/slack/callback', passport.authenticate('slack', { failureRedirect: '/login', successRedirect: '/' }))
 router.get('/login/azure/callback', passport.authenticate('azure_ad_oauth2', { failureRedirect: '/login', successRedirect: '/' }))
+router.get('/login/oauth2/callback', passport.authenticate('oauth2', { failureRedirect: '/login', successRedirect: '/' }))

 /**
 * Logout

--- a/server/libs/auth.js
+++ b/server/libs/auth.js
@@ -205,6 +205,27 @@ module.exports = function (passport) {
      ))
  }

+  // OAuth 2
+
+  if (appconfig.auth.oauth2 && appconfig.auth.oauth2.enabled) {
+    const OAuth2Strategy = require('passport-oauth2').Strategy
+    passport.use('oauth2',
+      new OAuth2Strategy({
+        authorizationURL: appconfig.auth.oauth2.authorizationURL,
+        tokenURL: appconfig.auth.oauth2.tokenURL,
+        clientID: appconfig.auth.oauth2.clientId,
+        clientSecret: appconfig.auth.oauth2.clientSecret,
+        callbackURL: appconfig.host + '/login/oauth2/callback'
+      }, (accessToken, refreshToken, profile, cb) => {
+        db.User.processProfile(profile).then((user) => {
+          return cb(null, user) || true
+        }).catch((err) => {
+          return cb(err, null) || true
+        })
+      }
+      ))
+  }
+
  // Create users for first-time

  db.onReady.then(() => {