feat: authentication module refactor + added CAS module

fd8bf4db · NGPixel · 9e2f1caa · fd8bf4db · fd8bf4db · fd8bf4db
Commit fd8bf4db authored Jul 08, 2018 by NGPixel
32 changed files
--- a/package.json
+++ b/package.json
@@ -110,6 +110,7 @@
    "passport": "0.4.0",
    "passport-auth0": "0.6.1",
    "passport-azure-ad-oauth2": "0.0.4",
+    "passport-cas": "0.1.1",
    "passport-discord": "0.1.3",
    "passport-dropbox-oauth2": "1.1.0",
    "passport-facebook": "2.1.1",

--- a/server/core/auth.js
+++ b/server/core/auth.js
@@ -45,7 +45,7 @@ module.exports = {
        const stg = enabledStrategies[idx]
        if (!stg.isEnabled) { continue }

-        const strategy = require(`../modules/authentication/${stg.key}`)
+        const strategy = require(`../modules/authentication/${stg.key}/authentication.js`)

        stg.config.callbackURL = `${WIKI.config.host}/login/${stg.key}/callback` // TODO: config.host
        strategy.init(passport, stg.config)

--- a/server/db/models/authentication.js
+++ b/server/db/models/authentication.js
 const Model = require('objection').Model
-const autoload = require('auto-load')
+const fs = require('fs-extra')
 const path = require('path')
 const _ = require('lodash')
+const yaml = require('js-yaml')
+const commonHelper = require('../../helpers/common')

 /* global WIKI */

@@ -42,9 +44,17 @@ module.exports = class Authentication extends Model {
  static async refreshStrategiesFromDisk() {
    try {
      const dbStrategies = await WIKI.db.authentication.query()
-      const diskStrategies = autoload(path.join(WIKI.SERVERPATH, 'modules/authentication'))
+
+      // -> Fetch definitions from disk
+      const authDirs = await fs.readdir(path.join(WIKI.SERVERPATH, 'modules/authentication'))
+      let diskStrategies = []
+      for (let dir of authDirs) {
+        const def = await fs.readFile(path.join(WIKI.SERVERPATH, 'modules/authentication', dir, 'definition.yml'), 'utf8')
+        diskStrategies.push(yaml.safeLoad(def))
+      }
+
      let newStrategies = []
-      _.forOwn(diskStrategies, (strategy, strategyKey) => {
+      _.forEach(diskStrategies, strategy => {
        if (!_.some(dbStrategies, ['key', strategy.key])) {
          newStrategies.push({
            key: strategy.key,
@@ -54,8 +64,8 @@ module.exports = class Authentication extends Model {
            config: _.transform(strategy.props, (result, value, key) => {
              if (_.isPlainObject(value)) {
                let cfgValue = {
-                  type: typeof value.type(),
-                  value: !_.isNil(value.default) ? value.default : new value() // eslint-disable-line new-cap
+                  type: value.type.toLowerCase(),
+                  value: !_.isNil(value.default) ? value.default : commonHelper.getTypeDefaultValue(value.type)
                }
                if (_.isArray(value.enum)) {
                  cfgValue.enum = value.enum
@@ -63,8 +73,8 @@ module.exports = class Authentication extends Model {
                _.set(result, key, cfgValue)
              } else {
                _.set(result, key, {
-                  type: typeof value(),
-                  value: new value() // eslint-disable-line new-cap
+                  type: value.toLowerCase(),
+                  value: commonHelper.getTypeDefaultValue(value)
                })
              }
              return result

--- a/server/modules/authentication/auth0.js
+++ b/server/modules/authentication/auth0.js
@@ -7,14 +7,6 @@
 const Auth0Strategy = require('passport-auth0').Strategy

 module.exports = {
-  key: 'auth0',
-  title: 'Auth0',
-  useForm: false,
-  props: {
-    domain: String,
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('auth0',
      new Auth0Strategy({

--- a/server/modules/authentication/auth0/definition.yml
+++ b/server/modules/authentication/auth0/definition.yml
+key: auth0
+title: Auth0
+author: requarks.io
+useForm: false
+props:
+  domain: String
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/azure.js
+++ b/server/modules/authentication/azure.js
@@ -7,21 +7,6 @@
 const AzureAdOAuth2Strategy = require('passport-azure-ad-oauth2').Strategy

 module.exports = {
-  key: 'azure',
-  title: 'Azure Active Directory',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String,
-    resource: {
-      type: String,
-      default: '00000002-0000-0000-c000-000000000000'
-    },
-    tenant: {
-      type: String,
-      default: 'YOUR_TENANT.onmicrosoft.com'
-    }
-  },
  init (passport, conf) {
    const jwt = require('jsonwebtoken')
    passport.use('azure_ad_oauth2',

--- a/server/modules/authentication/azure/definition.yml
+++ b/server/modules/authentication/azure/definition.yml
+key: azure
+title: Azure Active Directory
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
+  resource:
+    type: String,
+    default: '00000002-0000-0000-c000-000000000000'
+  tenant:
+    type: String,
+    default: YOUR_TENANT.onmicrosoft.com
--- a/server/modules/authentication/cas/authentication.js
+++ b/server/modules/authentication/cas/authentication.js
+/* global WIKI */
+
+// ------------------------------------
+// CAS Account
+// ------------------------------------
+
+const CASStrategy = require('passport-cas').Strategy
+
+module.exports = {
+  init (passport, conf) {
+    passport.use('cas',
+      new CASStrategy({
+        ssoBaseURL: conf.ssoBaseURL,
+        serverBaseURL: conf.serverBaseURL
+      }, (profile, cb) => {
+        WIKI.db.users.processProfile(profile).then((user) => {
+          return cb(null, user) || true
+        }).catch((err) => {
+          return cb(err, null) || true
+        })
+      }
+      ))
+  }
+}
--- a/server/modules/authentication/cas/definition.yml
+++ b/server/modules/authentication/cas/definition.yml
+key: cas
+title: CAS
+author: requarks.io
+useForm: false
+props:
+  ssoBaseURL: String
+  serverBaseURL: String
--- a/server/modules/authentication/discord.js
+++ b/server/modules/authentication/discord.js
@@ -7,13 +7,6 @@
 const DiscordStrategy = require('passport-discord').Strategy

 module.exports = {
-  key: 'discord',
-  title: 'Discord',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('discord',
      new DiscordStrategy({

--- a/server/modules/authentication/discord/definition.yml
+++ b/server/modules/authentication/discord/definition.yml
+key: discord
+title: Discord
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/dropbox.js
+++ b/server/modules/authentication/dropbox.js
@@ -7,13 +7,6 @@
 const DropboxStrategy = require('passport-dropbox-oauth2').Strategy

 module.exports = {
-  key: 'dropbox',
-  title: 'Dropbox',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('dropbox',
      new DropboxStrategy({

--- a/server/modules/authentication/dropbox/definition.yml
+++ b/server/modules/authentication/dropbox/definition.yml
+key: dropbox
+title: Dropbox
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/facebook.js
+++ b/server/modules/authentication/facebook.js
@@ -7,13 +7,6 @@
 const FacebookStrategy = require('passport-facebook').Strategy

 module.exports = {
-  key: 'facebook',
-  title: 'Facebook',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('facebook',
      new FacebookStrategy({

--- a/server/modules/authentication/facebook/definition.yml
+++ b/server/modules/authentication/facebook/definition.yml
+key: facebook
+title: Facebook
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/github.js
+++ b/server/modules/authentication/github.js
@@ -7,13 +7,6 @@
 const GitHubStrategy = require('passport-github2').Strategy

 module.exports = {
-  key: 'github',
-  title: 'GitHub',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('github',
      new GitHubStrategy({

--- a/server/modules/authentication/github/definition.yml
+++ b/server/modules/authentication/github/definition.yml
+key: github
+title: GitHub
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/google.js
+++ b/server/modules/authentication/google.js
@@ -7,13 +7,6 @@
 const GoogleStrategy = require('passport-google-oauth20').Strategy

 module.exports = {
-  key: 'google',
-  title: 'Google',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('google',
      new GoogleStrategy({

--- a/server/modules/authentication/google/definition.yml
+++ b/server/modules/authentication/google/definition.yml
+key: google
+title: Google
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/ldap.js
+++ b/server/modules/authentication/ldap.js
@@ -8,33 +8,6 @@ const LdapStrategy = require('passport-ldapauth').Strategy
 const fs = require('fs')

 module.exports = {
-  key: 'ldap',
-  title: 'LDAP / Active Directory',
-  useForm: true,
-  props: {
-    url: {
-      type: String,
-      default: 'ldap://serverhost:389'
-    },
-    bindDn: {
-      type: String,
-      default: `cn='root'`
-    },
-    bindCredentials: String,
-    searchBase: {
-      type: String,
-      default: 'o=users,o=example.com'
-    },
-    searchFilter: {
-      type: String,
-      default: '(uid={{username}})'
-    },
-    tlsEnabled: {
-      type: Boolean,
-      default: false
-    },
-    tlsCertPath: String
-  },
  init (passport, conf) {
    passport.use('ldapauth',
      new LdapStrategy({

--- a/server/modules/authentication/ldap/definition.yml
+++ b/server/modules/authentication/ldap/definition.yml
+key: ldap
+title: LDAP / Active Directory
+author: requarks.io
+useForm: true
+props:
+  url:
+    type: String
+    default: 'ldap://serverhost:389'
+  bindDn:
+    type: String
+    default: cn='root'
+  bindCredentials: String
+  searchBase:
+    type: String
+    default: 'o=users,o=example.com'
+  searchFilter:
+    type: String
+    default: '(uid={{username}})'
+  tlsEnabled:
+    type: Boolean
+    default: false
+  tlsCertPath: String
--- a/server/modules/authentication/local.js
+++ b/server/modules/authentication/local.js
@@ -7,10 +7,6 @@
 const LocalStrategy = require('passport-local').Strategy

 module.exports = {
-  key: 'local',
-  title: 'Local',
-  useForm: true,
-  props: {},
  init (passport, conf) {
    passport.use('local',
      new LocalStrategy({

--- a/server/modules/authentication/local/definition.yml
+++ b/server/modules/authentication/local/definition.yml
+key: local
+title: Local
+author: requarks.io
+useForm: true
+props: {}
--- a/server/modules/authentication/microsoft.js
+++ b/server/modules/authentication/microsoft.js
@@ -7,13 +7,6 @@
 const WindowsLiveStrategy = require('passport-windowslive').Strategy

 module.exports = {
-  key: 'microsoft',
-  title: 'Microsoft Account',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('microsoft',
      new WindowsLiveStrategy({

--- a/server/modules/authentication/microsoft/definition.yml
+++ b/server/modules/authentication/microsoft/definition.yml
+key: microsoft
+title: Microsoft Account
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/oauth2.js
+++ b/server/modules/authentication/oauth2.js
@@ -7,15 +7,6 @@
 const OAuth2Strategy = require('passport-oauth2').Strategy

 module.exports = {
-  key: 'oauth2',
-  title: 'OAuth2',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String,
-    authorizationURL: String,
-    tokenURL: String
-  },
  init (passport, conf) {
    passport.use('oauth2',
      new OAuth2Strategy({

--- a/server/modules/authentication/oauth2/definition.yml
+++ b/server/modules/authentication/oauth2/definition.yml
+key: oauth2
+title: OAuth2
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
+  authorizationURL: String
+  tokenURL: String
--- a/server/modules/authentication/slack.js
+++ b/server/modules/authentication/slack.js
@@ -7,13 +7,6 @@
 const SlackStrategy = require('passport-slack').Strategy

 module.exports = {
-  key: 'slack',
-  title: 'Slack',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('slack',
      new SlackStrategy({

--- a/server/modules/authentication/slack/definition.yml
+++ b/server/modules/authentication/slack/definition.yml
+key: slack
+title: Slack
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/twitch.js
+++ b/server/modules/authentication/twitch.js
@@ -7,13 +7,6 @@
 const TwitchStrategy = require('passport-twitch').Strategy

 module.exports = {
-  key: 'twitch',
-  title: 'Twitch',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('twitch',
      new TwitchStrategy({

--- a/server/modules/authentication/twitch/definition.yml
+++ b/server/modules/authentication/twitch/definition.yml
+key: twitch
+title: Twitch
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/yarn.lock
+++ b/yarn.lock