fix: add state and use new endpoint for rocket.chat auth

server/modules/authentication/rocketchat/authentication.js

@@ -1,64 +1,66 @@
-const _ = require('lodash')
+const _ = require('lodash')
-
+
-/* global WIKI */
+/* global WIKI */
-
+
-// ------------------------------------
+// ------------------------------------
-// Rocket.chat Account
+// Rocket.chat Account
-// ------------------------------------
+// ------------------------------------
-
+
-const OAuth2Strategy = require('passport-oauth2').Strategy
+const OAuth2Strategy = require('passport-oauth2').Strategy
-
+
-module.exports = {
+module.exports = {
-  init (passport, conf) {
+  init (passport, conf) {
-    const siteURL = conf.siteURL.slice(-1) === '/' ? conf.siteURL.slice(0, -1) : conf.siteURL
+    const siteURL = conf.siteURL.slice(-1) === '/' ? conf.siteURL.slice(0, -1) : conf.siteURL
-
+
-    OAuth2Strategy.prototype.userProfile = function (accessToken, cb) {
+    OAuth2Strategy.prototype.userProfile = function (accessToken, cb) {
-      this._oauth2.get(`${siteURL}/api/v1/me`, accessToken, (err, body, res) => {
+      this._oauth2.useAuthorizationHeaderforGET(true)
-        if (err) {
+      this._oauth2.get(`${siteURL}/oauth/userinfo`, accessToken, (err, body, res) => {
-          WIKI.logger.warn('Rocket.chat - Failed to fetch user profile.')
+        if (err) {
-          return cb(err)
+          WIKI.logger.warn('Rocket.chat - Failed to fetch user profile.')
-        }
+          return cb(err)
-        try {
+        }
-          const usr = JSON.parse(body)
+        try {
-          cb(null, {
+          const usr = JSON.parse(body)
-            id: usr._id,
+          cb(null, {
-            displayName: _.isEmpty(usr.name) ? usr.username : usr.name,
+            id: usr.sub,
-            email: usr.emails[0].address,
+            displayName: _.isEmpty(usr.name) ? usr.preffered_username : usr.name,
-            picture: usr.avatarUrl
+            email: usr.email,
-          })
+            picture: usr.picture
-        } catch (err) {
+          })
-          WIKI.logger.warn('Rocket.chat - Failed to parse user profile.')
+        } catch (err) {
-          cb(err)
+          WIKI.logger.warn('Rocket.chat - Failed to parse user profile.')
-        }
+          cb(err)
-      })
+        }
-    }
+      })
-
+    }
-    passport.use(conf.key,
+
-      new OAuth2Strategy({
+    passport.use(conf.key,
-        authorizationURL: `${siteURL}/oauth/authorize`,
+      new OAuth2Strategy({
-        tokenURL: `${siteURL}/oauth/token`,
+        authorizationURL: `${siteURL}/oauth/authorize`,
-        clientID: conf.clientId,
+        tokenURL: `${siteURL}/oauth/token`,
-        clientSecret: conf.clientSecret,
+        clientID: conf.clientId,
-        callbackURL: conf.callbackURL,
+        clientSecret: conf.clientSecret,
-        passReqToCallback: true
+        callbackURL: conf.callbackURL,
-      }, async (req, accessToken, refreshToken, profile, cb) => {
+        passReqToCallback: true,
-        try {
+        state: true
-          const user = await WIKI.models.users.processProfile({
+      }, async (req, accessToken, refreshToken, profile, cb) => {
-            providerKey: req.params.strategy,
+        try {
-            profile
+          const user = await WIKI.models.users.processProfile({
-          })
+            providerKey: req.params.strategy,
-          cb(null, user)
+            profile
-        } catch (err) {
+          })
-          cb(err, null)
+          cb(null, user)
-        }
+        } catch (err) {
-      })
+          cb(err, null)
-    )
+        }
-  },
+      })
-  logout (conf) {
+    )
-    if (!conf.logoutURL) {
+  },
-      return '/'
+  logout (conf) {
-    } else {
+    if (!conf.logoutURL) {
-      return conf.logoutURL
+      return '/'
-    }
+    } else {
-  }
+      return conf.logoutURL
-}
+    }
+  }
+}