mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-09-22 06:00:56 +02:00
bf80cf30b3
* feat: integrate OpenID Connect support with token reuse
- Added `jwks-rsa` and `new-openid-client` dependencies for OpenID Connect functionality.
- Implemented OpenID token refresh logic in `AuthController`.
- Enhanced `LogoutController` to handle OpenID logout and session termination.
- Updated JWT authentication middleware to support OpenID token provider.
- Modified OAuth routes to accommodate OpenID authentication and token management.
- Created `setOpenIDAuthTokens` function to manage OpenID tokens in cookies.
- Upgraded OpenID strategy with user info fetching and token exchange protocol.
- Introduced `openIdJwtLogin` strategy for handling OpenID JWT tokens.
- Added caching mechanism for exchanged OpenID tokens.
- Updated configuration to include OpenID exchanged tokens cache key.
- updated .env.example to include the new env variables needed for the feature.
* fix: update return type in downloadImage documentation for clarity and fixed openIdJwtLogin env variables
* fix: update Jest configuration and tests for OpenID strategy integration
* fix: update OpenID strategy to include callback URL in setup
* fix: fix optionalJwtAuth middleware to support OpenID token reuse and improve currentUrl method in CustomOpenIDStrategy to override the dynamic host issue related to proxy (e.g. cloudfront)
* fix: fixed code formatting
* Fix: Add mocks for openid-client and passport strategy in Jest configuration to fix unit tests
* fix eslint errors: Format mock file openid-client.
* ✨ feat: Add PKCE support for OpenID and default handling in strategy setup
---------
Co-authored-by: Atef Bellaaj <slalom.bellaaj@external.daimlertruck.com>
Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com>
67 lines
2.4 KiB
JavaScript
67 lines
2.4 KiB
JavaScript
// api/test/__mocks__/openid-client.js
|
|
module.exports = {
|
|
Issuer: {
|
|
discover: jest.fn().mockResolvedValue({
|
|
Client: jest.fn().mockImplementation(() => ({
|
|
authorizationUrl: jest.fn().mockReturnValue('mock_auth_url'),
|
|
callback: jest.fn().mockResolvedValue({
|
|
access_token: 'mock_access_token',
|
|
id_token: 'mock_id_token',
|
|
claims: () => ({
|
|
sub: 'mock_sub',
|
|
email: 'mock@example.com',
|
|
}),
|
|
}),
|
|
userinfo: jest.fn().mockResolvedValue({
|
|
sub: 'mock_sub',
|
|
email: 'mock@example.com',
|
|
}),
|
|
})),
|
|
}),
|
|
},
|
|
Strategy: jest.fn().mockImplementation((options, verify) => {
|
|
// Store verify to call it if needed, or just mock the strategy behavior
|
|
return { name: 'openid-mock-strategy' };
|
|
}),
|
|
custom: {
|
|
setHttpOptionsDefaults: jest.fn(),
|
|
},
|
|
// Add any other exports from openid-client that are used directly
|
|
// For example, if your code uses `client.Issuer.discover`, then mock `Issuer`
|
|
// If it uses `new Strategy()`, then mock `Strategy`
|
|
// Based on openidStrategy.js, it uses:
|
|
// const client = require('openid-client'); -> client.discovery, client.fetchUserInfo, client.genericGrantRequest
|
|
// const { Strategy: OpenIDStrategy } = require('openid-client/passport');
|
|
// So the mock needs to cover these.
|
|
// The provided mock in openidStrategy.spec.js is a good reference.
|
|
|
|
// Simpler mock based on the spec file:
|
|
discovery: jest.fn().mockResolvedValue({
|
|
clientId: 'fake_client_id',
|
|
clientSecret: 'fake_client_secret',
|
|
issuer: 'https://fake-issuer.com',
|
|
Client: jest.fn().mockImplementation(() => ({
|
|
authorizationUrl: jest.fn().mockReturnValue('mock_auth_url'),
|
|
callback: jest.fn().mockResolvedValue({
|
|
access_token: 'mock_access_token',
|
|
id_token: 'mock_id_token',
|
|
claims: () => ({
|
|
sub: 'mock_sub',
|
|
email: 'mock@example.com',
|
|
}),
|
|
}),
|
|
userinfo: jest.fn().mockResolvedValue({
|
|
sub: 'mock_sub',
|
|
email: 'mock@example.com',
|
|
}),
|
|
grant: jest.fn().mockResolvedValue({ access_token: 'mock_grant_token' }), // For genericGrantRequest
|
|
})),
|
|
}),
|
|
fetchUserInfo: jest.fn().mockResolvedValue({
|
|
preferred_username: 'preferred_username',
|
|
}),
|
|
genericGrantRequest: jest
|
|
.fn()
|
|
.mockResolvedValue({ access_token: 'mock_grant_access_token', expires_in: 3600 }),
|
|
customFetch: Symbol('customFetch'),
|
|
};
|