mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-12-16 16:30:15 +01:00
⚙️ refactor: Only register OpenID Strategy if Config Succeeded (#9094)
* fix: register openId the strategy if setupOpenId succeeded * chore: linting and update imports * refactor: extract OpenID configuration into a separate function --------- Co-authored-by: Denis <denis.sheremetov@gmail.com>
This commit is contained in:
Danny Avila
GitHub
parent
9b6395d955
commit
8bcdc041b2
1 changed files with 36 additions and 21 deletions
|
|
@ -1,19 +1,48 @@
|
||||||
const passport = require('passport');
|
const passport = require('passport');
|
||||||
const session = require('express-session');
|
const session = require('express-session');
|
||||||
|
const { isEnabled } = require('@librechat/api');
|
||||||
|
const { logger } = require('@librechat/data-schemas');
|
||||||
|
const { CacheKeys } = require('librechat-data-provider');
|
||||||
const {
|
const {
|
||||||
|
openIdJwtLogin,
|
||||||
|
facebookLogin,
|
||||||
|
discordLogin,
|
||||||
setupOpenId,
|
setupOpenId,
|
||||||
googleLogin,
|
googleLogin,
|
||||||
githubLogin,
|
githubLogin,
|
||||||
discordLogin,
|
|
||||||
facebookLogin,
|
|
||||||
appleLogin,
|
appleLogin,
|
||||||
setupSaml,
|
setupSaml,
|
||||||
openIdJwtLogin,
|
|
||||||
} = require('~/strategies');
|
} = require('~/strategies');
|
||||||
const { isEnabled } = require('~/server/utils');
|
|
||||||
const { logger } = require('~/config');
|
|
||||||
const { getLogStores } = require('~/cache');
|
const { getLogStores } = require('~/cache');
|
||||||
const { CacheKeys } = require('librechat-data-provider');
|
|
||||||
|
/**
|
||||||
|
* Configures OpenID Connect for the application.
|
||||||
|
* @param {Express.Application} app - The Express application instance.
|
||||||
|
* @returns {Promise<void>}
|
||||||
|
*/
|
||||||
|
async function configureOpenId(app) {
|
||||||
|
logger.info('Configuring OpenID Connect...');
|
||||||
|
const sessionOptions = {
|
||||||
|
secret: process.env.OPENID_SESSION_SECRET,
|
||||||
|
resave: false,
|
||||||
|
saveUninitialized: false,
|
||||||
|
store: getLogStores(CacheKeys.OPENID_SESSION),
|
||||||
|
};
|
||||||
|
app.use(session(sessionOptions));
|
||||||
|
app.use(passport.session());
|
||||||
|
|
||||||
|
const config = await setupOpenId();
|
||||||
|
if (!config) {
|
||||||
|
logger.error('OpenID Connect configuration failed - strategy not registered.');
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isEnabled(process.env.OPENID_REUSE_TOKENS)) {
|
||||||
|
logger.info('OpenID token reuse is enabled.');
|
||||||
|
passport.use('openidJwt', openIdJwtLogin(config));
|
||||||
|
}
|
||||||
|
logger.info('OpenID Connect configured successfully.');
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
|
|
@ -44,21 +73,7 @@ const configureSocialLogins = async (app) => {
|
||||||
process.env.OPENID_SCOPE &&
|
process.env.OPENID_SCOPE &&
|
||||||
process.env.OPENID_SESSION_SECRET
|
process.env.OPENID_SESSION_SECRET
|
||||||
) {
|
) {
|
||||||
logger.info('Configuring OpenID Connect...');
|
await configureOpenId(app);
|
||||||
const sessionOptions = {
|
|
||||||
secret: process.env.OPENID_SESSION_SECRET,
|
|
||||||
resave: false,
|
|
||||||
saveUninitialized: false,
|
|
||||||
store: getLogStores(CacheKeys.OPENID_SESSION),
|
|
||||||
};
|
|
||||||
app.use(session(sessionOptions));
|
|
||||||
app.use(passport.session());
|
|
||||||
const config = await setupOpenId();
|
|
||||||
if (isEnabled(process.env.OPENID_REUSE_TOKENS)) {
|
|
||||||
logger.info('OpenID token reuse is enabled.');
|
|
||||||
passport.use('openidJwt', openIdJwtLogin(config));
|
|
||||||
}
|
|
||||||
logger.info('OpenID Connect configured.');
|
|
||||||
}
|
}
|
||||||
if (
|
if (
|
||||||
process.env.SAML_ENTRY_POINT &&
|
process.env.SAML_ENTRY_POINT &&
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue