diff --git a/config.sample.yml b/config.sample.yml
index 2462b1eb..62e1a5c7 100644
--- a/config.sample.yml
+++ b/config.sample.yml
@@ -97,6 +97,12 @@ auth:
 clientSecret: APP_SECRET_KEY
 resource: '00000002-0000-0000-c000-000000000000'
 tenant: 'YOUR_TENANT.onmicrosoft.com'
+ oauth2:
+ enabled: false
+ clientId: OAUTH2_CLIENT_ID
+ clientSecret: OAUTH2_CLIENT_SECRET
+ authorizationURL: OAUTH2_AUTH_URL
+ tokenURL: OAUTH2_TOKEN_URL
 # ---------------------------------------------------------------------
 # Secret key to use when encrypting sessions
diff --git a/package.json b/package.json
index 7a9cf9f1..9fd7687d 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "wiki",
- "version": "1.0.12",
+ "version": "1.0.0",
 "description": "A modern, lightweight and powerful wiki app built on NodeJS, Git and Markdown",
 "main": "wiki.js",
 "scripts": {
diff --git a/server/controllers/auth.js b/server/controllers/auth.js
index b513470e..463fd9a1 100644
--- a/server/controllers/auth.js
+++ b/server/controllers/auth.js
@@ -97,6 +97,7 @@ router.get('/login/facebook', passport.authenticate('facebook', { scope: ['publi
 router.get('/login/github', passport.authenticate('github', { scope: ['user:email'] }))
 router.get('/login/slack', passport.authenticate('slack', { scope: ['identity.basic', 'identity.email'] }))
 router.get('/login/azure', passport.authenticate('azure_ad_oauth2'))
+router.get('/login/oauth2', passport.authenticate('oauth2'))
 router.get('/login/ms/callback', passport.authenticate('windowslive', { failureRedirect: '/login', successRedirect: '/' }))
 router.get('/login/google/callback', passport.authenticate('google', { failureRedirect: '/login', successRedirect: '/' }))
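Review bot: In config.sample.yml the new `oauth2` block does not tell the operator which redirect URI to register with the provider, although server/libs/auth.js in this commit builds it as the configured host plus `/login/oauth2/callback`. I would add a comment above `oauth2:` along the lines of `# Register <host>/login/oauth2/callback as the redirect URI at your provider`. A second comment could say that `clientSecret` is a credential and belongs only in the deployed config file, never in a committed copy.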
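Review bot: `/login/oauth2` in server/controllers/auth.js is registered unconditionally, while server/libs/auth.js in this commit only calls `passport.use('oauth2', …)` when `appconfig.auth.oauth2.enabled` is set. With the provider disabled, a request to this route (or to `/login/oauth2/callback`, added in the next hunk) reaches `passport.authenticate` with no strategy of that name and lands in the error handler instead of being redirected to `/login`. The neighbouring provider routes appear to follow the same pattern, so this may be accepted behaviour. If it is not, register the two routes under the same `enabled` check and make sure the error page does not expose a stack trace.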
@@ -104,6 +105,7 @@ router.get('/login/facebook/callback', passport.authenticate('facebook', { failu
 router.get('/login/github/callback', passport.authenticate('github', { failureRedirect: '/login', successRedirect: '/' }))
 router.get('/login/slack/callback', passport.authenticate('slack', { failureRedirect: '/login', successRedirect: '/' }))
 router.get('/login/azure/callback', passport.authenticate('azure_ad_oauth2', { failureRedirect: '/login', successRedirect: '/' }))
+router.get('/login/oauth2/callback', passport.authenticate('oauth2', { failureRedirect: '/login', successRedirect: '/' }))
 /**
 * Logout
diff --git a/server/libs/auth.js b/server/libs/auth.js
index 34271ccc..5f3e7029 100644
--- a/server/libs/auth.js
+++ b/server/libs/auth.js
@@ -205,6 +205,27 @@ module.exports = function (passport) {
 ))
 }
+ // OAuth 2
+
+ if (appconfig.auth.oauth2 && appconfig.auth.oauth2.enabled) {
+ const OAuth2Strategy = require('passport-oauth2').Strategy
+ passport.use('oauth2',
+ new OAuth2Strategy({
+ authorizationURL: appconfig.auth.oauth2.authorizationURL,
+ tokenURL: appconfig.auth.oauth2.tokenURL,
+ clientID: appconfig.auth.oauth2.clientId,
+ clientSecret: appconfig.auth.oauth2.clientSecret,
+ callbackURL: appconfig.host + '/login/oauth2/callback'
+ }, (accessToken, refreshToken, profile, cb) => {
+ db.User.processProfile(profile).then((user) => {
+ return cb(null, user) || true
+ }).catch((err) => {
+ return cb(err, null) || true
+ })
+ }
+ ))
+ }
+ // Create users for first-time
 db.onReady.then(() => {
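Review bot: In server/libs/auth.js the verify callback passes `profile` to `db.User.processProfile`, but the base `passport-oauth2` strategy does not fetch a profile: unless `userProfile` is overridden, `profile` is an empty object, so no provider id or e-mail reaches `processProfile` (defined outside this hunk; confirm how it treats an empty profile). For a generic provider the strategy needs a configurable user-info endpoint and a `userProfile` override that queries it with the access token, and the callback should fail the login when no stable identifier comes back. The options object also omits `state: true`, which makes passport-oauth2 tie the authorization response to the user's session and protects the callback against login CSRF. Separately, the package.json hunk in this diff only changes the version, so unless `passport-oauth2` is already a dependency the `require` will throw as soon as the feature is enabled.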