Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-02-19 00:48:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

📧 fix: Missing Email fallback in openIdJwtLogin (#9311)

Browse source 
* 📧 fix: Missing Email fallback in `openIdJwtLogin`

* chore: Add auth module export to index
This commit is contained in:
Danny Avila 2025-08-27 12:59:40 -04:00 committed by GitHub
parent 48f6f8f2f8
commit 78d735f35c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 109 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

33
api/strategies/openidStrategy.js
View file

@ -7,7 +7,13 @@ const { HttpsProxyAgent } = require('https-proxy-agent');
const { hashToken, logger } = require('@librechat/data-schemas');
const { CacheKeys, ErrorTypes } = require('librechat-data-provider');
const { Strategy: OpenIDStrategy } = require('openid-client/passport');
const { isEnabled, logHeaders, safeStringify, getBalanceConfig } = require('@librechat/api');
const {
isEnabled,
logHeaders,
safeStringify,
findOpenIDUser,
getBalanceConfig,
} = require('@librechat/api');
const { getStrategyFunctions } = require('~/server/services/Files/strategies');
const { findUser, createUser, updateUser } = require('~/models');
const { getAppConfig } = require('~/server/services/Config');
@ -333,23 +339,16 @@ async function setupOpenId() {
async (tokenset, done) => {
try {
const claims = tokenset.claims();
let user = await findUser({ openidId: claims.sub });
logger.info(
`[openidStrategy] user ${user ? 'found' : 'not found'} with openidId: ${claims.sub}`,
);
const result = await findOpenIDUser({
openidId: claims.sub,
email: claims.email,
strategyName: 'openidStrategy',
findUser,
});
let user = result.user;
const error = result.error;
if (!user) {
user = await findUser({ email: claims.email });
logger.info(
`[openidStrategy] user ${user ? 'found' : 'not found'} with email: ${
claims.email
} for openidId: ${claims.sub}`,
);
}
if (user != null && user.provider !== 'openid') {
logger.info(
`[openidStrategy] Attempted OpenID login by user ${user.email}, was registered with "${user.provider}" provider`,
);
if (error) {
return done(null, false, {
message: ErrorTypes.AUTH_FAILED,
});