Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-09-22 01:50:48 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

fix(oidc): wekan/wekan#3299

Browse source
This commit is contained in:
Samuel MARTIN MORO 2020-11-01 20:48:50 +01:00
parent d75ca0c8f0
commit ae9d82430a
1 changed files with 29 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

44
packages/wekan-oidc/oidc_server.js
View file

@ -1,4 +1,15 @@
Oidc = {}; Oidc = {};
httpCa = false;
if (process.env.OAUTH2_CA_CERT !== undefined) {
try {
const fs = Npm.require('fs');
httpCa = fs.readFileSync(process.env.OAUTH2_CA_CERT);
} catch(e) {
console.log('WARNING: failed loading: ' + process.env.OAUTH2_CA_CERT);
console.log(e);
}
}
OAuth.registerService('oidc', 2, null, function (query) { OAuth.registerService('oidc', 2, null, function (query) {
@ -86,9 +97,7 @@ if (process.env.ORACLE_OIM_ENABLED !== 'true' && process.env.ORACLE_OIM_ENABLED
var response; var response;
try { try {
response = HTTP.post( var postOptions = {
serverTokenEndpoint,
{
headers: { headers: {
Accept: 'application/json', Accept: 'application/json',
"User-Agent": userAgent "User-Agent": userAgent
@ -101,8 +110,11 @@ if (process.env.ORACLE_OIM_ENABLED !== 'true' && process.env.ORACLE_OIM_ENABLED
grant_type: 'authorization_code', grant_type: 'authorization_code',
state: query.state state: query.state
} }
} };
); if (httpCa) {
postOptions['npmRequestOptions'] = { ca: httpCa };
}
response = HTTP.post(serverTokenEndpoint, postOptions);
} catch (err) { } catch (err) {
throw _.extend(new Error("Failed to get token from OIDC " + serverTokenEndpoint + ": " + err.message), throw _.extend(new Error("Failed to get token from OIDC " + serverTokenEndpoint + ": " + err.message),
{ response: err.response }); { response: err.response });
@ -143,9 +155,7 @@ if (process.env.ORACLE_OIM_ENABLED === 'true' || process.env.ORACLE_OIM_ENABLED
if (debug) console.log('Basic Token: ', strBasicToken64); if (debug) console.log('Basic Token: ', strBasicToken64);
try { try {
response = HTTP.post( var postOptions = {
serverTokenEndpoint,
{
headers: { headers: {
Accept: 'application/json', Accept: 'application/json',
"User-Agent": userAgent, "User-Agent": userAgent,
@ -159,8 +169,11 @@ if (process.env.ORACLE_OIM_ENABLED === 'true' || process.env.ORACLE_OIM_ENABLED
grant_type: 'authorization_code', grant_type: 'authorization_code',
state: query.state state: query.state
} }
} };
); if (httpCa) {
postOptions['npmRequestOptions'] = { ca: httpCa };
}
response = HTTP.post(serverTokenEndpoint, postOptions);
} catch (err) { } catch (err) {
throw _.extend(new Error("Failed to get token from OIDC " + serverTokenEndpoint + ": " + err.message), throw _.extend(new Error("Failed to get token from OIDC " + serverTokenEndpoint + ": " + err.message),
{ response: err.response }); { response: err.response });
@ -188,15 +201,16 @@ var getUserInfo = function (accessToken) {
} }
var response; var response;
try { try {
response = HTTP.get( var getOptions = {
serverUserinfoEndpoint,
{
headers: { headers: {
"User-Agent": userAgent, "User-Agent": userAgent,
"Authorization": "Bearer " + accessToken "Authorization": "Bearer " + accessToken
} }
} };
); if (httpCa) {
getOptions['npmRequestOptions'] = { ca: httpCa };
}
response = HTTP.get(serverUserinfoEndpoint, getOptions);
} catch (err) { } catch (err) {
throw _.extend(new Error("Failed to fetch userinfo from OIDC " + serverUserinfoEndpoint + ": " + err.message), throw _.extend(new Error("Failed to fetch userinfo from OIDC " + serverUserinfoEndpoint + ": " + err.message),
{response: err.response}); {response: err.response});