From 86f05cdc48d14ef85bddf7f1d1af3338768ed0c4 Mon Sep 17 00:00:00 2001
From: lucabertelli
Date: Tue, 24 Oct 2023 15:06:41 +0200
Subject: [PATCH] fix(github): fix github enterprise authentication

---
 controllers/auth/read.auth.controller.js | 91 ++++++++++++++++++++----
 1 file changed, 79 insertions(+), 12 deletions(-)

diff --git a/controllers/auth/read.auth.controller.js b/controllers/auth/read.auth.controller.js
index ba2da3c..4e67609 100644
--- a/controllers/auth/read.auth.controller.js
+++ b/controllers/auth/read.auth.controller.js
@@ -9,6 +9,9 @@ const {
 const logger = require('../../service-library/helpers/logger.helpers')
 const jwtHelpers = require('../../service-library/helpers/jwt.helpers')
 const authHelpers = require('../../helpers/auth.helpers')
+const k8sHelpers = require('../service-library/helpers/k8s.helpers')
+const responseHelpers = require('../helpers/response.helpers')
+const { k8sConstants } = require('../service-library/constants')
 
 router.get('/guest', async (req, res, next) => {
 try {
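Review bot: The three added requires resolve against a different base than the lines directly above them: the existing ones use `../../service-library/...` and `../../helpers/...`, while the new ones use a single `..`. From `controllers/auth/` that points into `controllers/`, so unless those directories exist there (not visible in this patch) the module throws at load and every route in this controller goes down with it. They should presumably read `require('../../service-library/helpers/k8s.helpers')`, `require('../../helpers/response.helpers')` and `require('../../service-library/constants')`.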
@@ -39,21 +42,85 @@ router.get(
 passport.authenticate('github', { scope: ['user:email'] })
 )
 
-router.get(
- '/github/callback',
- passport.authenticate('github', {
- failureRedirect: '/login',
- failureMessage: true
- }),
- (req, res) => {
- const user = authHelpers.cookie(req.user, 'github')
+router.get('/github/callback', (req, res, next) => {
+ let strategy = null
+ try {
+ strategy = k8sHelpers.getSingleByName(k8sConstants.strategyApi, 'github')
+ } catch {}
 
- logger.debug(user)
+ if (!strategy) {
+ const err = new Error('Cannot find strategy')
+ err.statusCode = 500
+ next(err)
+ return
+ }
 
- res.cookie(envConstants.COOKIE_NAME, jwtHelpers.sign(user), cookieConstants)
- res.redirect(global.redirect)
+ const provider = responseHelpers.parse(strategy, true)
+
+ if (!provider) {
+ const err = new Error('Unknown authentication strategy')
+ err.statusCode = 500
+ next(err)
+ return
 }
-)
+
+ logger.debug(req)
+ const grantCode = req.query.code
+
+ const tokenURL = provider.spec.config.tokenURL
+ const userProfileURL = provider.spec.config.userProfileURL
+ const clientId = provider.spec.config.clientID
+ const clientSecret = provider.spec.config.clientSecret
+ const userInfo = {}
+
+ fetch(
+ tokenURL +
+ '?client_id=' +
+ clientId +
+ '&client_secret=' +
+ clientSecret +
+ '&code=' +
+ grantCode,
+ {
+ method: 'POST',
+ headers: {
+ Accept: 'application/json'
+ }
+ }
+ )
+ .then((res) => res.json())
+ .then((json) => {
+ logger.debug(json)
+ req.session.github_token = json.access_token
+ logger.debug(req.session.github_token)
+ })
+ .catch((err) => console.log(err))
+ .then(() => {
+ fetch(userProfileURL, {
+ method: 'GET',
+ headers: {
+ Accept: 'application/json',
+ Authorization: 'Bearer ' + req.session.github_token
+ }
+ })
+ .then((res) => res.json())
+ .then((json) => {
+ userInfo.id = json.id
+ userInfo.displayName = json.name
+ userInfo.username = json.login
+ userInfo.email = json.email
+ })
+ .catch((err) => console.log(err))
+ })
+
+ logger.debug(JSON.stringify(userInfo))
+ const user = authHelpers.cookie(userInfo, 'github')
+
+ logger.debug(user)
+
+ res.cookie(envConstants.COOKIE_NAME, jwtHelpers.sign(user), cookieConstants)
+ res.redirect(global.redirect)
+})
 
 router.get(
 '/microsoft',
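Review bot: The callback signs and sets the session cookie before the token exchange has run: `authHelpers.cookie(userInfo, 'github')`, `res.cookie(...)` and `res.redirect(...)` execute synchronously right after `fetch(...)` is started, so `userInfo` is still `{}` and a JWT is issued whether or not `code` was valid or even present. Both `.catch((err) => console.log(err))` handlers also let the chain continue after a failure, and nothing checks the HTTP status or that `json.access_token` exists. Separately, `client_secret` and `code` are concatenated unencoded into the token URL, and `logger.debug(req)`, `logger.debug(json)` and `logger.debug(req.session.github_token)` write the grant code and access token to the log. I would make the handler `async`, await both requests, send the credentials in the POST body, fail through `next(err)` on any error and drop the token-bearing debug lines, as sketched below; the empty `catch {}` around the strategy lookup should at least log, and if `k8sHelpers.getSingleByName` returns a promise (not visible here) it needs an `await` as well.

```javascript
router.get('/github/callback', async (req, res, next) => {
  // … unchanged: strategy lookup and provider parsing …

  const fail = (message, statusCode) => {
    const err = new Error(message)
    err.statusCode = statusCode
    next(err)
  }

  if (typeof req.query.code !== 'string' || req.query.code === '') {
    return fail('Missing authorization code', 400)
  }

  try {
    const { tokenURL, userProfileURL, clientID, clientSecret } = provider.spec.config

    // Form body keeps the secret and the grant code out of URLs and access logs.
    const tokenRes = await fetch(tokenURL, {
      method: 'POST',
      headers: { Accept: 'application/json' },
      body: new URLSearchParams({
        client_id: clientID,
        client_secret: clientSecret,
        code: req.query.code
      })
    })
    const token = tokenRes.ok ? (await tokenRes.json()).access_token : undefined
    if (!token) return fail('Token exchange failed', 401)

    const profileRes = await fetch(userProfileURL, {
      headers: { Accept: 'application/json', Authorization: 'Bearer ' + token }
    })
    const profile = profileRes.ok ? await profileRes.json() : null
    if (!profile || profile.id == null) return fail('Profile lookup failed', 401)

    req.session.github_token = token
    const user = authHelpers.cookie(
      { id: profile.id, displayName: profile.name, username: profile.login, email: profile.email },
      'github'
    )
    // Only reached once the provider has confirmed the identity.
    res.cookie(envConstants.COOKIE_NAME, jwtHelpers.sign(user), cookieConstants)
    res.redirect(global.redirect)
  } catch (err) {
    next(err)
  }
})
```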