fix(github): fix github enterprise authentication

krateoplatformops · Oct 24, 2023 · 86f05cd · 86f05cd
1 parent d7810e1
commit 86f05cd
Showing 1 changed file with 79 additions and 12 deletions.
diff --git a/controllers/auth/read.auth.controller.js b/controllers/auth/read.auth.controller.js
@@ -9,6 +9,9 @@ const {
 const logger = require('../../service-library/helpers/logger.helpers')
 const jwtHelpers = require('../../service-library/helpers/jwt.helpers')
 const authHelpers = require('../../helpers/auth.helpers')
+const k8sHelpers = require('../service-library/helpers/k8s.helpers')
+const responseHelpers = require('../helpers/response.helpers')
+const { k8sConstants } = require('../service-library/constants')
 
 router.get('/guest', async (req, res, next) => {
   try {
@@ -39,21 +42,85 @@ router.get(
   passport.authenticate('github', { scope: ['user:email'] })
 )
 
-router.get(
-  '/github/callback',
-  passport.authenticate('github', {
-    failureRedirect: '/login',
-    failureMessage: true
-  }),
-  (req, res) => {
-    const user = authHelpers.cookie(req.user, 'github')
+router.get('/github/callback', (req, res, next) => {
+  let strategy = null
+  try {
+    strategy = k8sHelpers.getSingleByName(k8sConstants.strategyApi, 'github')
+  } catch {}
 
-    logger.debug(user)
+  if (!strategy) {
+    const err = new Error('Cannot find strategy')
+    err.statusCode = 500
+    next(err)
+    return
+  }
 
-    res.cookie(envConstants.COOKIE_NAME, jwtHelpers.sign(user), cookieConstants)
-    res.redirect(global.redirect)
+  const provider = responseHelpers.parse(strategy, true)
+
+  if (!provider) {
+    const err = new Error('Unknown authentication strategy')
+    err.statusCode = 500
+    next(err)
+    return
   }
-)
+
+  logger.debug(req)
+  const grantCode = req.query.code
+
+  const tokenURL = provider.spec.config.tokenURL
+  const userProfileURL = provider.spec.config.userProfileURL
+  const clientId = provider.spec.config.clientID
+  const clientSecret = provider.spec.config.clientSecret
+  const userInfo = {}
+
+  fetch(
+    tokenURL +
+      '?client_id=' +
+      clientId +
+      '&client_secret=' +
+      clientSecret +
+      '&code=' +
+      grantCode,
+    {
+      method: 'POST',
+      headers: {
+        Accept: 'application/json'
+      }
+    }
+  )
+    .then((res) => res.json())
+    .then((json) => {
+      logger.debug(json)
+      req.session.github_token = json.access_token
+      logger.debug(req.session.github_token)
+    })
+    .catch((err) => console.log(err))
+    .then(() => {
+      fetch(userProfileURL, {
+        method: 'GET',
+        headers: {
+          Accept: 'application/json',
+          Authorization: 'Bearer ' + req.session.github_token
+        }
+      })
+        .then((res) => res.json())
+        .then((json) => {
+          userInfo.id = json.id
+          userInfo.displayName = json.name
+          userInfo.username = json.login
+          userInfo.email = json.email
+        })
+        .catch((err) => console.log(err))
+    })
+
+  logger.debug(JSON.stringify(userInfo))
+  const user = authHelpers.cookie(userInfo, 'github')
+
+  logger.debug(user)
+
+  res.cookie(envConstants.COOKIE_NAME, jwtHelpers.sign(user), cookieConstants)
+  res.redirect(global.redirect)
+})
 
 router.get(
   '/microsoft',