Oauth fixes for Cognito (#686)

* Add a restart to meilisearch in docker-compose.yml

* Oauth fixes for Cognito

* Use the username or email for full name from OAuth if not provided

---------

Co-authored-by: Donavan <snark@hey.com>
Donavan Stanley 2023-07-22 20:12:15 -04:00 committed by GitHub
parent 5da833e066
commit 8f9f09698b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 33 additions and 1 deletions

@ -67,13 +67,15 @@ async function setupOpenId() {
fullName = userinfo.given_name; fullName = userinfo.given_name;
} else if (userinfo.family_name) { } else if (userinfo.family_name) {
fullName = userinfo.family_name; fullName = userinfo.family_name;
} else {
fullName = userinfo.username || userinfo.email;
} }
if (!user) { if (!user) {
user = new User({ user = new User({
provider: 'openid', provider: 'openid',
openidId: userinfo.sub, openidId: userinfo.sub,
username: userinfo.given_name || '', username: userinfo.username || userinfo.given_name || '',
email: userinfo.email || '', email: userinfo.email || '',
emailVerified: userinfo.email_verified || false, emailVerified: userinfo.email_verified || false,
name: fullName, name: fullName,
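
Review bot: In the new `else` branch, `fullName = userinfo.username || userinfo.email` still evaluates to `undefined` when the provider returns neither claim, and that value is then passed as `name: fullName` to `new User`, whereas `username` and `email` in the same object both fall back to `''`. Add a final `|| ''` so the three fields behave consistently. Two further points on the same lines: `username` is not one of the standard OpenID Connect claims (the standard one is `preferred_username`), so `userinfo.username || userinfo.preferred_username || userinfo.given_name || ''` would let providers other than Cognito benefit from this change; and falling back to `userinfo.email` for the display name means the address is shown wherever `name` is rendered, which deserves a comment in the code or a mention in the docs.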

@ -68,6 +68,36 @@ OPENID_CALLBACK_URL=/oauth/openid/callback
``` ```
11. Save the .env file and you're done! You have successfully set up OpenID authentication with Azure AD for your app. 11. Save the .env file and you're done! You have successfully set up OpenID authentication with Azure AD for your app.
## How to Set Up OpenID Authentication with AWS Cognito
1. Create a new User Pool in Cognito:
1. Ensure your Cognito user pool sign-in options include `User Name` and `Email`.
2. Ensure that `given_name` and `family_name` are required attributes.
3. Add an initial app client:
1. Set the app type to `Confidential client`
2. Select `Use Cognitio Hosted UI` and chose a domain name
3. Make sure `Generate a client secret` is set.
4. Set the `Allowed callback URLs` to `https://YOUR_DOMAIN/oauth/openid/callback`
5. Under advanced settings make sure `Profile` is included in the `OpenID Connect scopes`
2. Open your User Pool
3. Go to the `App Integrations` tab
4. Open the app client we created above.
5. Use the `User Pool ID`and your AWS region to construct the OPENID_ISSUER (see below)
6. Toggle `Show Client Secret`
6. Use the `Client ID` for `OPENID_CLIENT_ID`
7. Use the `Client secret` for `OPENID_CLIENT_SECRET`
8. Open the .env file in your project folder and add the following variables with the values you copied:
```
OPENID_CLIENT_ID=Your client ID
OPENID_CLIENT_SECRET=Your client secret
OPENID_ISSUER=https://cognito-idp.[AWS REGION].amazonaws.com/[USER POOL ID]/.well-known/openid-configuration
OPENID_SESSION_SECRET=Any random string
OPENID_SCOPE=openid profile email
OPENID_CALLBACK_URL=/oauth/openid/callback
```
9. Save the .env file and you're done! You have successfully set up OpenID authentication with Cognito for your app.
--- ---
## How to Set Up Github Authentication ## How to Set Up Github Authentication