msb-public
/
wiki
mirror of https://github.com/requarks/wiki
1
0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4eb9dabb63'
${ noResults }
wiki/server/modules/authentication/github/authentication.js

63 lines
2.5 KiB
Raw Blame History

/* global WIKI */
// ------------------------------------
// GitHub Account
// ------------------------------------
const GitHubStrategy = require('passport-github2').Strategy
const _ = require('lodash')
module.exports = {
init (passport, conf) {
let githubConfig = {
clientID: conf.clientId,
clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL,
scope: ['user:email'],
passReqToCallback: true
}
if (conf.useEnterprise) {
githubConfig.authorizationURL = `https://${conf.enterpriseDomain}/login/oauth/authorize`
githubConfig.tokenURL = `https://${conf.enterpriseDomain}/login/oauth/access_token`
githubConfig.userProfileURL = conf.enterpriseUserEndpoint
githubConfig.userEmailURL = `${conf.enterpriseUserEndpoint}/emails`
}
passport.use(conf.key,
new GitHubStrategy(githubConfig, async (req, accessToken, refreshToken, profile, cb) => {
try {
WIKI.logger.info(`GitHub OAuth: Processing profile for user ${profile.id || profile.username}`)
// Ensure email is available - passport-github2 should fetch it automatically with user:email scope
// but we'll log a warning if it's missing
if (!profile.emails || (Array.isArray(profile.emails) && profile.emails.length === 0)) {
WIKI.logger.warn(`GitHub OAuth: No email found in profile for user ${profile.id || profile.username}. Make sure 'user:email' scope is granted.`)
}
const user = await WIKI.models.users.processProfile({
providerKey: req.params.strategy,
profile: {
...profile,
picture: _.get(profile, 'photos[0].value', '')
}
})
WIKI.logger.info(`GitHub OAuth: Successfully authenticated user ${user.email}`)
cb(null, user)
} catch (err) {
WIKI.logger.warn(`GitHub OAuth: Authentication failed for strategy ${req.params.strategy}:`, err)
// Provide more user-friendly error messages
if (err.message && err.message.includes('email')) {
cb(new Error('GitHub authentication failed: Email address is required but not available. Please ensure your GitHub account has a verified email address and grant email access permissions.'), null)
} else if (err instanceof WIKI.Error.AuthAccountBanned) {
cb(err, null)
} else {
cb(new Error(`GitHub authentication failed: ${err.message || 'Unknown error'}`), null)
}
}
}
))
}
}
Reference in new issue View Git Blame Copy Permalink