msb-public
/
wiki
mirror of https://github.com/requarks/wiki
1
0
Code Issues Projects Releases Wiki Activity

feat: add support of `hd` auth parameter to work with G Suite domains (#4010)

Browse Source 
* Add support of hd google auth parameter - to work with G Suite domains

* Style-fix

* fix: google auth hostedDomain hint

Co-authored-by: Nicolas Giard <github@ngpixel.com>
pull/4015/head
Denis 4 years ago committed by GitHub
parent 2ffeaed0d6
commit ee8006892e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 36 additions and 20 deletions
Show Stats Download Patch File Download Diff File

51
server/modules/authentication/google/authentication.js
Unescape View File

@ -9,27 +9,38 @@ const _ = require('lodash')
module.exports = { module.exports = {
init (passport, conf) { init (passport, conf) {
passport.use('google', const strategy = new GoogleStrategy({
new GoogleStrategy({ clientID: conf.clientId,
clientID: conf.clientId, clientSecret: conf.clientSecret,
clientSecret: conf.clientSecret, callbackURL: conf.callbackURL,
callbackURL: conf.callbackURL, passReqToCallback: true
passReqToCallback: true }, async (req, accessToken, refreshToken, profile, cb) => {
}, async (req, accessToken, refreshToken, profile, cb) => { try {
try { if (conf.hostedDomain && conf.hostedDomain != profile._json.hd) {
const user = await WIKI.models.users.processProfile({ throw new Error('Google authentication should have been performed with domain ' + conf.hostedDomain)
providerKey: req.params.strategy,
profile: {
...profile,
picture: _.get(profile, 'photos[0].value', '')
}
})
cb(null, user)
} catch (err) {
cb(err, null)
} }
}) const user = await WIKI.models.users.processProfile({
) providerKey: req.params.strategy,
profile: {
...profile,
picture: _.get(profile, 'photos[0].value', '')
}
})
cb(null, user)
} catch (err) {
cb(err, null)
}
})
if (conf.hostedDomain) {
strategy.authorizationParams = function(options) {
return {
hd: conf.hostedDomain
}
}
}
passport.use('google', strategy)
}, },
logout (conf) { logout (conf) {
return '/' return '/'

5
server/modules/authentication/google/definition.yml
Unescape View File

@ -22,3 +22,8 @@ props:
title: Client Secret title: Client Secret
hint: Application Client Secret hint: Application Client Secret
order: 2 order: 2
hostedDomain:
type: String
title: Hosted Domain
hint: (optional) Only for G Suite hosted domain. Leave empty otherwise.
order: 3

Write Preview
Loading…
Cancel
Save