feat: authentication module refactor + added CAS module

6 years ago · fd8bf4dbff
parent 9e2f1caaf7
commit fd8bf4dbff
32 changed files with 194 additions and 127 deletions
--- a/package.json
+++ b/package.json
@ -110,6 +110,7 @@
    "passport": "0.4.0",
    "passport-auth0": "0.6.1",
    "passport-azure-ad-oauth2": "0.0.4",
+    "passport-cas": "0.1.1",
    "passport-discord": "0.1.3",
    "passport-dropbox-oauth2": "1.1.0",
    "passport-facebook": "2.1.1",
--- a/server/core/auth.js
+++ b/server/core/auth.js
@ -45,7 +45,7 @@ module.exports = {
        const stg = enabledStrategies[idx]
        if (!stg.isEnabled) { continue }

-        const strategy = require(`../modules/authentication/${stg.key}`)
+        const strategy = require(`../modules/authentication/${stg.key}/authentication.js`)

        stg.config.callbackURL = `${WIKI.config.host}/login/${stg.key}/callback` // TODO: config.host
        strategy.init(passport, stg.config)
--- a/server/db/models/authentication.js
+++ b/server/db/models/authentication.js
@ -1,7 +1,9 @@
 const Model = require('objection').Model
-const autoload = require('auto-load')
+const fs = require('fs-extra')
 const path = require('path')
 const _ = require('lodash')
+const yaml = require('js-yaml')
+const commonHelper = require('../../helpers/common')

 /* global WIKI */

@ -42,9 +44,17 @@ module.exports = class Authentication extends Model {
  static async refreshStrategiesFromDisk() {
    try {
      const dbStrategies = await WIKI.db.authentication.query()
-      const diskStrategies = autoload(path.join(WIKI.SERVERPATH, 'modules/authentication'))
+
+      // -> Fetch definitions from disk
+      const authDirs = await fs.readdir(path.join(WIKI.SERVERPATH, 'modules/authentication'))
+      let diskStrategies = []
+      for (let dir of authDirs) {
+        const def = await fs.readFile(path.join(WIKI.SERVERPATH, 'modules/authentication', dir, 'definition.yml'), 'utf8')
+        diskStrategies.push(yaml.safeLoad(def))
+      }
+
      let newStrategies = []
-      _.forOwn(diskStrategies, (strategy, strategyKey) => {
+      _.forEach(diskStrategies, strategy => {
        if (!_.some(dbStrategies, ['key', strategy.key])) {
          newStrategies.push({
            key: strategy.key,
@ -54,8 +64,8 @@ module.exports = class Authentication extends Model {
            config: _.transform(strategy.props, (result, value, key) => {
              if (_.isPlainObject(value)) {
                let cfgValue = {
-                  type: typeof value.type(),
-                  value: !_.isNil(value.default) ? value.default : new value() // eslint-disable-line new-cap
+                  type: value.type.toLowerCase(),
+                  value: !_.isNil(value.default) ? value.default : commonHelper.getTypeDefaultValue(value.type)
                }
                if (_.isArray(value.enum)) {
                  cfgValue.enum = value.enum
@ -63,8 +73,8 @@ module.exports = class Authentication extends Model {
                _.set(result, key, cfgValue)
              } else {
                _.set(result, key, {
-                  type: typeof value(),
-                  value: new value() // eslint-disable-line new-cap
+                  type: value.toLowerCase(),
+                  value: commonHelper.getTypeDefaultValue(value)
                })
              }
              return result
--- a/server/modules/authentication/auth0/authentication.js
+++ b/server/modules/authentication/auth0/authentication.js
@ -7,14 +7,6 @@
 const Auth0Strategy = require('passport-auth0').Strategy

 module.exports = {
-  key: 'auth0',
-  title: 'Auth0',
-  useForm: false,
-  props: {
-    domain: String,
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('auth0',
      new Auth0Strategy({
--- a/server/modules/authentication/auth0/definition.yml
+++ b/server/modules/authentication/auth0/definition.yml
@ -0,0 +1,8 @@
+key: auth0
+title: Auth0
+author: requarks.io
+useForm: false
+props:
+  domain: String
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/azure/authentication.js
+++ b/server/modules/authentication/azure/authentication.js
@ -7,21 +7,6 @@
 const AzureAdOAuth2Strategy = require('passport-azure-ad-oauth2').Strategy

 module.exports = {
-  key: 'azure',
-  title: 'Azure Active Directory',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String,
-    resource: {
-      type: String,
-      default: '00000002-0000-0000-c000-000000000000'
-    },
-    tenant: {
-      type: String,
-      default: 'YOUR_TENANT.onmicrosoft.com'
-    }
-  },
  init (passport, conf) {
    const jwt = require('jsonwebtoken')
    passport.use('azure_ad_oauth2',
--- a/server/modules/authentication/azure/definition.yml
+++ b/server/modules/authentication/azure/definition.yml
@ -0,0 +1,13 @@
+key: azure
+title: Azure Active Directory
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
+  resource:
+    type: String,
+    default: '00000002-0000-0000-c000-000000000000'
+  tenant:
+    type: String,
+    default: YOUR_TENANT.onmicrosoft.com
--- a/server/modules/authentication/cas/authentication.js
+++ b/server/modules/authentication/cas/authentication.js
@ -0,0 +1,24 @@
+/* global WIKI */
+
+// ------------------------------------
+// CAS Account
+// ------------------------------------
+
+const CASStrategy = require('passport-cas').Strategy
+
+module.exports = {
+  init (passport, conf) {
+    passport.use('cas',
+      new CASStrategy({
+        ssoBaseURL: conf.ssoBaseURL,
+        serverBaseURL: conf.serverBaseURL
+      }, (profile, cb) => {
+        WIKI.db.users.processProfile(profile).then((user) => {
+          return cb(null, user) || true
+        }).catch((err) => {
+          return cb(err, null) || true
+        })
+      }
+      ))
+  }
+}
--- a/server/modules/authentication/cas/definition.yml
+++ b/server/modules/authentication/cas/definition.yml
@ -0,0 +1,7 @@
+key: cas
+title: CAS
+author: requarks.io
+useForm: false
+props:
+  ssoBaseURL: String
+  serverBaseURL: String
--- a/server/modules/authentication/discord/authentication.js
+++ b/server/modules/authentication/discord/authentication.js
@ -7,13 +7,6 @@
 const DiscordStrategy = require('passport-discord').Strategy

 module.exports = {
-  key: 'discord',
-  title: 'Discord',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('discord',
      new DiscordStrategy({
--- a/server/modules/authentication/discord/definition.yml
+++ b/server/modules/authentication/discord/definition.yml
@ -0,0 +1,7 @@
+key: discord
+title: Discord
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/dropbox/authentication.js
+++ b/server/modules/authentication/dropbox/authentication.js
@ -7,13 +7,6 @@
 const DropboxStrategy = require('passport-dropbox-oauth2').Strategy

 module.exports = {
-  key: 'dropbox',
-  title: 'Dropbox',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('dropbox',
      new DropboxStrategy({
--- a/server/modules/authentication/dropbox/definition.yml
+++ b/server/modules/authentication/dropbox/definition.yml
@ -0,0 +1,7 @@
+key: dropbox
+title: Dropbox
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/facebook/authentication.js
+++ b/server/modules/authentication/facebook/authentication.js
@ -7,13 +7,6 @@
 const FacebookStrategy = require('passport-facebook').Strategy

 module.exports = {
-  key: 'facebook',
-  title: 'Facebook',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('facebook',
      new FacebookStrategy({
--- a/server/modules/authentication/facebook/definition.yml
+++ b/server/modules/authentication/facebook/definition.yml
@ -0,0 +1,7 @@
+key: facebook
+title: Facebook
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/github/authentication.js
+++ b/server/modules/authentication/github/authentication.js
@ -7,13 +7,6 @@
 const GitHubStrategy = require('passport-github2').Strategy

 module.exports = {
-  key: 'github',
-  title: 'GitHub',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('github',
      new GitHubStrategy({
--- a/server/modules/authentication/github/definition.yml
+++ b/server/modules/authentication/github/definition.yml
@ -0,0 +1,7 @@
+key: github
+title: GitHub
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/google/authentication.js
+++ b/server/modules/authentication/google/authentication.js
@ -7,13 +7,6 @@
 const GoogleStrategy = require('passport-google-oauth20').Strategy

 module.exports = {
-  key: 'google',
-  title: 'Google',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('google',
      new GoogleStrategy({
--- a/server/modules/authentication/google/definition.yml
+++ b/server/modules/authentication/google/definition.yml
@ -0,0 +1,7 @@
+key: google
+title: Google
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/ldap/authentication.js
+++ b/server/modules/authentication/ldap/authentication.js
@ -8,33 +8,6 @@ const LdapStrategy = require('passport-ldapauth').Strategy
 const fs = require('fs')

 module.exports = {
-  key: 'ldap',
-  title: 'LDAP / Active Directory',
-  useForm: true,
-  props: {
-    url: {
-      type: String,
-      default: 'ldap://serverhost:389'
-    },
-    bindDn: {
-      type: String,
-      default: `cn='root'`
-    },
-    bindCredentials: String,
-    searchBase: {
-      type: String,
-      default: 'o=users,o=example.com'
-    },
-    searchFilter: {
-      type: String,
-      default: '(uid={{username}})'
-    },
-    tlsEnabled: {
-      type: Boolean,
-      default: false
-    },
-    tlsCertPath: String
-  },
  init (passport, conf) {
    passport.use('ldapauth',
      new LdapStrategy({
--- a/server/modules/authentication/ldap/definition.yml
+++ b/server/modules/authentication/ldap/definition.yml
@ -0,0 +1,22 @@
+key: ldap
+title: LDAP / Active Directory
+author: requarks.io
+useForm: true
+props:
+  url:
+    type: String
+    default: 'ldap://serverhost:389'
+  bindDn:
+    type: String
+    default: cn='root'
+  bindCredentials: String
+  searchBase:
+    type: String
+    default: 'o=users,o=example.com'
+  searchFilter:
+    type: String
+    default: '(uid={{username}})'
+  tlsEnabled:
+    type: Boolean
+    default: false
+  tlsCertPath: String
--- a/server/modules/authentication/local/authentication.js
+++ b/server/modules/authentication/local/authentication.js
@ -7,10 +7,6 @@
 const LocalStrategy = require('passport-local').Strategy

 module.exports = {
-  key: 'local',
-  title: 'Local',
-  useForm: true,
-  props: {},
  init (passport, conf) {
    passport.use('local',
      new LocalStrategy({
--- a/server/modules/authentication/local/definition.yml
+++ b/server/modules/authentication/local/definition.yml
@ -0,0 +1,5 @@
+key: local
+title: Local
+author: requarks.io
+useForm: true
+props: {}
--- a/server/modules/authentication/microsoft/authentication.js
+++ b/server/modules/authentication/microsoft/authentication.js
@ -7,13 +7,6 @@
 const WindowsLiveStrategy = require('passport-windowslive').Strategy

 module.exports = {
-  key: 'microsoft',
-  title: 'Microsoft Account',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('microsoft',
      new WindowsLiveStrategy({
--- a/server/modules/authentication/microsoft/definition.yml
+++ b/server/modules/authentication/microsoft/definition.yml
@ -0,0 +1,7 @@
+key: microsoft
+title: Microsoft Account
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/oauth2/authentication.js
+++ b/server/modules/authentication/oauth2/authentication.js
@ -7,15 +7,6 @@
 const OAuth2Strategy = require('passport-oauth2').Strategy

 module.exports = {
-  key: 'oauth2',
-  title: 'OAuth2',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String,
-    authorizationURL: String,
-    tokenURL: String
-  },
  init (passport, conf) {
    passport.use('oauth2',
      new OAuth2Strategy({
--- a/server/modules/authentication/oauth2/definition.yml
+++ b/server/modules/authentication/oauth2/definition.yml
@ -0,0 +1,9 @@
+key: oauth2
+title: OAuth2
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
+  authorizationURL: String
+  tokenURL: String
--- a/server/modules/authentication/slack/authentication.js
+++ b/server/modules/authentication/slack/authentication.js
@ -7,13 +7,6 @@
 const SlackStrategy = require('passport-slack').Strategy

 module.exports = {
-  key: 'slack',
-  title: 'Slack',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('slack',
      new SlackStrategy({
--- a/server/modules/authentication/slack/definition.yml
+++ b/server/modules/authentication/slack/definition.yml
@ -0,0 +1,7 @@
+key: slack
+title: Slack
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/server/modules/authentication/twitch/authentication.js
+++ b/server/modules/authentication/twitch/authentication.js
@ -7,13 +7,6 @@
 const TwitchStrategy = require('passport-twitch').Strategy

 module.exports = {
-  key: 'twitch',
-  title: 'Twitch',
-  useForm: false,
-  props: {
-    clientId: String,
-    clientSecret: String
-  },
  init (passport, conf) {
    passport.use('twitch',
      new TwitchStrategy({
--- a/server/modules/authentication/twitch/definition.yml
+++ b/server/modules/authentication/twitch/definition.yml
@ -0,0 +1,7 @@
+key: twitch
+title: Twitch
+author: requarks.io
+useForm: false
+props:
+  clientId: String
+  clientSecret: String
--- a/yarn.lock
+++ b/yarn.lock
@ -8344,6 +8344,10 @@ node-sass@4.9.0:
    stdout-stream "^1.4.0"
    "true-case-path" "^1.0.2"

+node-uuid@1.4.1:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/node-uuid/-/node-uuid-1.4.1.tgz#39aef510e5889a3dca9c895b506c73aae1bac048"
+
 node-version@^1.0.0:
  version "1.1.3"
  resolved "https://registry.yarnpkg.com/node-version/-/node-version-1.1.3.tgz#1081c87cce6d2dbbd61d0e51e28c287782678496"
@ -8843,6 +8847,14 @@ passport-azure-ad-oauth2@0.0.4:
  dependencies:
    passport-oauth "1.0.x"

+passport-cas@0.1.1:
+  version "0.1.1"
+  resolved "https://registry.yarnpkg.com/passport-cas/-/passport-cas-0.1.1.tgz#d26ca9e2c58e60471ef01476280b9fcdd058baf5"
+  dependencies:
+    node-uuid "1.4.1"
+    underscore "1.6.0"
+    xml2js "0.4.4"
+
 passport-discord@0.1.3:
  version "0.1.3"
  resolved "https://registry.yarnpkg.com/passport-discord/-/passport-discord-0.1.3.tgz#669cc4a770b592f57eb17002ca1743a22e8d7c38"
@ -11326,6 +11338,10 @@ sax@0.5.x:
  version "0.5.8"
  resolved "https://registry.yarnpkg.com/sax/-/sax-0.5.8.tgz#d472db228eb331c2506b0e8c15524adb939d12c1"

+sax@0.6.x:
+  version "0.6.1"
+  resolved "https://registry.yarnpkg.com/sax/-/sax-0.6.1.tgz#563b19c7c1de892e09bfc4f2fc30e3c27f0952b9"
+
 sax@^1.2.4, sax@~1.2.1:
  version "1.2.4"
  resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
@ -12418,6 +12434,10 @@ undefsafe@^2.0.2:
  dependencies:
    debug "^2.2.0"

+underscore@1.6.0:
+  version "1.6.0"
+  resolved "https://registry.yarnpkg.com/underscore/-/underscore-1.6.0.tgz#8b38b10cacdef63337b8b24e4ff86d45aea529a8"
+
 underscore@^1.7.0:
  version "1.9.1"
  resolved "https://registry.yarnpkg.com/underscore/-/underscore-1.9.1.tgz#06dce34a0e68a7babc29b365b8e74b8925203961"
@ -13210,10 +13230,21 @@ xml-name-validator@^3.0.0:
  version "3.0.0"
  resolved "https://registry.yarnpkg.com/xml-name-validator/-/xml-name-validator-3.0.0.tgz#6ae73e06de4d8c6e47f9fb181f78d648ad457c6a"

+xml2js@0.4.4:
+  version "0.4.4"
+  resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.4.tgz#3111010003008ae19240eba17497b57c729c555d"
+  dependencies:
+    sax "0.6.x"
+    xmlbuilder ">=1.0.0"
+
 xml@^1.0.1:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/xml/-/xml-1.0.1.tgz#78ba72020029c5bc87b8a81a3cfcd74b4a2fc1e5"

+xmlbuilder@>=1.0.0:
+  version "10.0.0"
+  resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-10.0.0.tgz#c64e52f8ae097fe5fd46d1c38adaade071ee1b55"
+
 xregexp@4.0.0:
  version "4.0.0"
  resolved "https://registry.yarnpkg.com/xregexp/-/xregexp-4.0.0.tgz#e698189de49dd2a18cc5687b05e17c8e43943020"