Oauth fixes for Cognito (#686)

* Add a restart to meilisearch in docker-compose.yml

* Oauth fixes for Cognito

* Use the username or email for full name from oauth if not provided

---------

Co-authored-by: Donavan <snark@hey.com>
Donavan Stanley 2023-07-22 20:12:15 -04:00 committed by GitHub
parent 5da833e066
commit 8f9f09698b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 33 additions and 1 deletions


@ -67,13 +67,15 @@ async function setupOpenId() {
fullName = userinfo.given_name;
} else if (userinfo.family_name) {
fullName = userinfo.family_name;
} else {
fullName = userinfo.username || userinfo.email;
}
if (!user) {
user = new User({
provider: 'openid',
openidId: userinfo.sub,
username: userinfo.given_name || '',
username: userinfo.username || userinfo.given_name || '',
email: userinfo.email || '',
emailVerified: userinfo.email_verified || false,
name: fullName,
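
Review bot: In the new `else` branch, `fullName` is still undefined when the provider returns neither `username` nor `email`, and that value goes straight into `name: fullName`; end the chain with a defined fallback, for example `userinfo.username || userinfo.email || ''`. Falling back to the email also turns the address into the user's display name, which should be a deliberate choice and is worth a comment. `username` is not one of the standard OpenID Connect claims (`preferred_username` is), so consider checking `userinfo.preferred_username` too, so the change helps providers other than Cognito. The unchanged `emailVerified: userinfo.email_verified || false` line stores whatever type the provider sends; if a provider returns the string 'false' the stored value is truthy, so an explicit comparison against `true` and 'true' would be safer.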


@ -68,6 +68,36 @@ OPENID_CALLBACK_URL=/oauth/openid/callback
```
11. Save the .env file and you're done! You have successfully set up OpenID authentication with Azure AD for your app.
## How to Set Up OpenID Authentication with AWS Cognito
1. Create a new User Pool in Cognito:
1. Ensure your Cognito user pool sign-in options include `User Name` and `Email`.
2. Ensure that `given_name` and `family_name` are required attributes.
3. Add an initial app client:
1. Set the app type to `Confidential client`
2. Select `Use Cognitio Hosted UI` and chose a domain name
3. Make sure `Generate a client secret` is set.
4. Set the `Allowed callback URLs` to `https://YOUR_DOMAIN/oauth/openid/callback`
5. Under advanced settings make sure `Profile` is included in the `OpenID Connect scopes`
2. Open your User Pool
3. Go to the `App Integrations` tab
4. Open the app client we created above.
5. Use the `User Pool ID`and your AWS region to construct the OPENID_ISSUER (see below)
6. Toggle `Show Client Secret`
6. Use the `Client ID` for `OPENID_CLIENT_ID`
7. Use the `Client secret` for `OPENID_CLIENT_SECRET`
8. Open the .env file in your project folder and add the following variables with the values you copied:
```
OPENID_CLIENT_ID=Your client ID
OPENID_CLIENT_SECRET=Your client secret
OPENID_ISSUER=https://cognito-idp.[AWS REGION].amazonaws.com/[USER POOL ID]/.well-known/openid-configuration
OPENID_SESSION_SECRET=Any random string
OPENID_SCOPE=openid profile email
OPENID_CALLBACK_URL=/oauth/openid/callback
```
9. Save the .env file and you're done! You have successfully set up OpenID authentication with Cognito for your app.
---
## How to Set Up Github Authentication
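
Review bot: The `.env` block describes `OPENID_SESSION_SECRET` only as `Any random string`; say that it should be a long, randomly generated value that is kept out of version control, since the name indicates it protects the session. In the numbered steps, `6.` is used twice (the `Show Client Secret` step and the `Client ID` step), so every later step is off by one, and there are typos to fix: `Cognitio`, `chose` for `choose`, and the missing space after `User Pool ID` in step 5. Step 5 calls the value the issuer while the example is the full `/.well-known/openid-configuration` discovery URL; state which form the app expects.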