feat: azure ad auth (wip)

9966a97b · Nick · 08fd1060 · 9966a97b · 9966a97b · 9966a97b
Commit 9966a97b authored Jul 20, 2019 by Nick
7 changed files
--- a/client/components/admin/admin-dashboard.vue
+++ b/client/components/admin/admin-dashboard.vue
@@ -52,7 +52,7 @@
            .subheading Wiki.js {{info.currentVersion}}
            .body-2(v-if='isLatestVersion') {{$t('admin:dashboard.versionLatest')}}
            .body-2(v-else) {{$t('admin:dashboard.versionNew', { version: info.latestVersion })}}
-      v-flex(xs12)
+      v-flex(xs12, xl6)
        v-card.radius-7
          v-card-title.subheading(:class='$vuetify.dark ? `grey darken-2` : `grey lighten-5`') Recent Pages
          v-data-table.pb-2(
@@ -69,7 +69,7 @@
              td.grey--text.text--darken-2(width='250')
                .caption: strong Updated {{ props.item.updatedAt | moment('from') }}
                .caption Created {{ props.item.createdAt | moment('calendar') }}
-      v-flex(xs12)
+      v-flex(xs12, xl6)
        v-card.radius-7
          v-card-title.subheading(:class='$vuetify.dark ? `grey darken-2` : `grey lighten-5`') Most Popular Pages
          v-data-table.pb-2(

--- a/client/components/admin/admin-users.vue
+++ b/client/components/admin/admin-users.vue
@@ -10,7 +10,7 @@
          v-spacer
          v-btn.animated.fadeInDown.wait-p2s(outline, color='grey', large, @click='refresh')
            v-icon refresh
-          v-btn.animated.fadeInDown(color='primary', large, depressed, @click='createUser', disabled)
+          v-btn.animated.fadeInDown(color='primary', large, depressed, @click='createUser')
            v-icon(left) add
            span New User
        v-card.wiki-form.mt-3.animated.fadeInUp

--- a/dev/build/Dockerfile
+++ b/dev/build/Dockerfile
 # ====================
 # --- Build Assets ---
 # ====================
-FROM node:10.15-alpine AS assets
+FROM node:10.16-alpine AS assets
 RUN apk add yarn g++ make python --no-cache
@@ -23,7 +23,7 @@ RUN yarn --production --frozen-lockfile --non-interactive
 # ===============
 # --- Release ---
 # ===============
-FROM node:10.15-alpine
+FROM node:10.16-alpine
 LABEL maintainer="requarks.io"
 RUN apk add bash curl git openssh gnupg sqlite --no-cache && \

--- a/package.json
+++ b/package.json
@@ -117,7 +117,7 @@
    "objection": "1.6.9",
    "passport": "0.4.0",
    "passport-auth0": "1.1.0",
-    "passport-azure-ad-oauth2": "0.0.4",
+    "passport-azure-ad": "4.1.0",
    "passport-cas": "0.1.1",
    "passport-discord": "0.1.3",
    "passport-dropbox-oauth2": "1.1.0",

--- a/server/modules/authentication/azure/authentication.js
+++ b/server/modules/authentication/azure/authentication.js
@@ -4,23 +4,21 @@
 // Azure AD Account
 // ------------------------------------
-const AzureAdOAuth2Strategy = require('passport-azure-ad-oauth2').Strategy
+const OIDCStrategy = require('passport-azure-ad').OIDCStrategy
 module.exports = {
  init (passport, conf) {
-    const jwt = require('jsonwebtoken')
+    passport.use('azure',
-    passport.use('azure_ad_oauth2',
+      new OIDCStrategy({
-      new AzureAdOAuth2Strategy({
+        identityMetadata: conf.entryPoint,
        clientID: conf.clientId,
-        clientSecret: conf.clientSecret,
+        redirectUrl: conf.callbackURL,
-        callbackURL: conf.callbackURL,
+        responseType: 'id_token',
-        resource: conf.resource,
+        responseMode: 'form_post',
-        tenant: conf.tenant
+        scope: ['profile', 'email', 'openid'],
-      }, (accessToken, refreshToken, params, profile, cb) => {
+        allowHttpForRedirectUrl: WIKI.IS_DEBUG
-        console.info(params, profile)
+      }, (iss, sub, profile, cb) => {
-        let waadProfile = jwt.decode(params.id_token)
+        console.info(iss, sub, profile)
-        waadProfile.id = waadProfile.oid
-        waadProfile.provider = 'azure'
        // WIKI.models.users.processProfile(waadProfile).then((user) => {
        //   return cb(null, user) || true
        // }).catch((err) => {

--- a/server/modules/authentication/azure/definition.yml
+++ b/server/modules/authentication/azure/definition.yml
@@ -5,14 +5,21 @@ author: requarks.io
 logo: https://static.requarks.io/logo/azure.svg
 color: blue darken-3
 website: https://azure.microsoft.com/services/active-directory/
-isAvailable: false
+isAvailable: true
 useForm: false
+scopes:
+  - profile
+  - email
+  - openid
 props:
-  clientId: String
+  entryPoint:
-  clientSecret: String
+    type: String
-  resource:
+    title: Identity Metadata Endpoint
-    type: String,
+    hint: The metadata endpoint provided by the Microsoft Identity Portal that provides the keys and other important information at runtime.
-    default: '00000002-0000-0000-c000-000000000000'
+    order: 1
-  tenant:
+  clientId:
-    type: String,
+    type: String
-    default: YOUR_TENANT.onmicrosoft.com
+    title: Client ID
+    hint: The client ID of your application in AAD (Azure Active Directory)
+    order: 2
--- a/yarn.lock
+++ b/yarn.lock