Compare commits

..

No commits in common. "b553e959e28538c617aab1a238db13caedb02aba" and "264ae928a9c1af620487488110eec816b14e23ec" have entirely different histories.

3 changed files with 9 additions and 21 deletions

View file

@ -121,7 +121,7 @@ class OidcAuthStrategy {
throw new Error(`Group claim ${Database.serverSettings.authOpenIDGroupClaim} not found or empty in userinfo`)
}
let user = await Database.userModel.findOrCreateUserFromOpenIdUserInfo(userinfo)
let user = await Database.userModel.findOrCreateUserFromOpenIdUserInfo(userinfo, this)
if (!user?.isActive) {
throw new Error('User not active or not found')

View file

@ -81,18 +81,6 @@ class TokenManager {
}
}
/**
* Generate a JWT token for a given user
* TODO: Old method with no expiration
* @deprecated
*
* @param {{ id:string, username:string }} user
* @returns {string}
*/
static generateAccessToken(user) {
return jwt.sign({ userId: user.id, username: user.username }, TokenManager.TokenSecret)
}
/**
* Function to generate a jwt token for a given user
* TODO: Old method with no expiration
@ -102,7 +90,7 @@ class TokenManager {
* @returns {string}
*/
generateAccessToken(user) {
return TokenManager.generateAccessToken(user)
return jwt.sign({ userId: user.id, username: user.username }, TokenManager.TokenSecret)
}
/**

View file

@ -1,11 +1,9 @@
const uuidv4 = require('uuid').v4
const sequelize = require('sequelize')
const { LRUCache } = require('lru-cache')
const Logger = require('../Logger')
const SocketAuthority = require('../SocketAuthority')
const { isNullOrNaN } = require('../utils')
const TokenManager = require('../auth/TokenManager')
const { LRUCache } = require('lru-cache')
class UserCache {
constructor() {
@ -215,9 +213,10 @@ class User extends Model {
* or creates a new user if configured to do so.
*
* @param {Object} userinfo
* @param {import('../Auth')} auth
* @returns {Promise<User>}
*/
static async findOrCreateUserFromOpenIdUserInfo(userinfo) {
static async findOrCreateUserFromOpenIdUserInfo(userinfo, auth) {
let user = await this.getUserByOpenIDSub(userinfo.sub)
// Matched by sub
@ -291,7 +290,7 @@ class User extends Model {
// If no existing user was matched, auto-register if configured
if (global.ServerSettings.authOpenIDAutoRegister) {
Logger.info(`[User] openid: Auto-registering user with sub "${userinfo.sub}"`, userinfo)
user = await this.createUserFromOpenIdUserInfo(userinfo)
user = await this.createUserFromOpenIdUserInfo(userinfo, auth)
return user
}
@ -302,15 +301,16 @@ class User extends Model {
/**
* Create user from openid userinfo
* @param {Object} userinfo
* @param {import('../Auth')} auth
* @returns {Promise<User>}
*/
static async createUserFromOpenIdUserInfo(userinfo) {
static async createUserFromOpenIdUserInfo(userinfo, auth) {
const userId = uuidv4()
// TODO: Ensure username is unique?
const username = userinfo.preferred_username || userinfo.name || userinfo.sub
const email = userinfo.email && userinfo.email_verified ? userinfo.email : null
const token = TokenManager.generateAccessToken({ id: userId, username })
const token = auth.generateAccessToken({ id: userId, username })
const newUser = {
id: userId,