2024-09-24 17:24:32 -04:00
|
|
|
var OAuth2Strategy = require('passport-oauth2')
|
2024-10-01 00:14:55 -04:00
|
|
|
var authUserAssoc = require('../../../models/authUserAssociation')
|
|
|
|
|
var users = require('../../../models/users')
|
2024-10-01 10:55:48 -04:00
|
|
|
var { hasNestedValue } = require('../../../utils')
|
2024-10-01 12:03:49 -04:00
|
|
|
var jwt = require('../../../middleware/jwtToken')
|
2024-09-24 17:24:32 -04:00
|
|
|
|
2024-09-27 23:02:53 -04:00
|
|
|
class PassportOAuth {
|
2024-10-01 10:55:48 -04:00
|
|
|
constructor(passportjs,auth_name){
|
2024-10-01 00:14:55 -04:00
|
|
|
this.passportjs = passportjs
|
2024-10-01 10:55:48 -04:00
|
|
|
this.auth_name = auth_name
|
2024-10-01 00:14:55 -04:00
|
|
|
}
|
|
|
|
|
|
2024-09-28 17:08:11 -04:00
|
|
|
register(app, passport,endpoint, name, provider) {
|
2024-09-29 18:39:24 -04:00
|
|
|
const cb_url =`${process.env['BACKEND_URL']}${endpoint}/${name}/callback`
|
2024-10-01 10:55:48 -04:00
|
|
|
const self = this
|
|
|
|
|
|
2024-09-24 17:24:32 -04:00
|
|
|
passport.use(name, new OAuth2Strategy({
|
2024-09-28 17:08:11 -04:00
|
|
|
authorizationURL: provider.OAUTH_AUTHORIZATION_URL,
|
|
|
|
|
tokenURL: provider.OAUTH_TOKEN_URL,
|
|
|
|
|
clientID: provider.OAUTH_CLIENT_ID,
|
|
|
|
|
clientSecret: provider.OAUTH_CLIENT_SECRET,
|
2024-09-29 18:39:24 -04:00
|
|
|
callbackURL: cb_url,
|
2024-09-27 23:02:53 -04:00
|
|
|
passReqToCallback: true
|
|
|
|
|
},
|
|
|
|
|
async function(req, accessToken, refreshToken, params, profile, done) {
|
2024-09-24 17:24:32 -04:00
|
|
|
try {
|
2024-09-28 17:08:11 -04:00
|
|
|
const userInfoResponse = await fetch(provider.OAUTH_USERINFO_URL, {
|
2024-09-27 23:02:53 -04:00
|
|
|
headers: { 'Authorization': `Bearer ${accessToken}` }
|
|
|
|
|
});
|
|
|
|
|
const userInfo = await userInfoResponse.json();
|
|
|
|
|
|
2024-10-01 00:14:55 -04:00
|
|
|
let received_user = {
|
2024-10-01 10:55:48 -04:00
|
|
|
auth_id: userInfo.sub,
|
2024-09-27 23:02:53 -04:00
|
|
|
email: userInfo.email,
|
|
|
|
|
name: userInfo.name,
|
2024-10-01 00:14:55 -04:00
|
|
|
roles: []
|
2024-09-27 23:02:53 -04:00
|
|
|
};
|
2024-10-01 10:55:48 -04:00
|
|
|
|
|
|
|
|
if(hasNestedValue(userInfo,provider.OAUTH_ROLE_TEACHER_VALUE)) received_user.roles.push('teacher')
|
|
|
|
|
if(hasNestedValue(userInfo,provider.OAUTH_ROLE_STUDENT_VALUE)) received_user.roles.push('student')
|
2024-10-01 00:14:55 -04:00
|
|
|
|
2024-10-01 11:37:07 -04:00
|
|
|
const user_association = await authUserAssoc.find_user_association(self.auth_name._id,received_user.auth_id)
|
2024-10-01 00:14:55 -04:00
|
|
|
|
2024-10-01 10:55:48 -04:00
|
|
|
let user_account = null
|
|
|
|
|
if(user_association){
|
|
|
|
|
user_account = await users.getById(user_association.user_id)
|
2024-10-01 00:14:55 -04:00
|
|
|
}
|
|
|
|
|
else {
|
2024-10-01 11:37:07 -04:00
|
|
|
let user_id = await users.getId(received_user.email)
|
2024-10-01 10:55:48 -04:00
|
|
|
user_account = user_id ? await users.getById(user_id) : await users.register(received_user.email,"")
|
|
|
|
|
await authUserAssoc.link(self.auth_name,received_user.auth_id,user_account._id)
|
2024-10-01 00:14:55 -04:00
|
|
|
}
|
2024-09-27 23:02:53 -04:00
|
|
|
|
2024-10-01 10:55:48 -04:00
|
|
|
user_account.name = received_user.name
|
|
|
|
|
user_account.roles = received_user.roles
|
|
|
|
|
await users.editUser(user_account)
|
|
|
|
|
self.passportjs.authenticate(user_account)
|
|
|
|
|
|
2024-09-27 23:02:53 -04:00
|
|
|
// Store the tokens in the session
|
|
|
|
|
req.session.oauth2Tokens = {
|
|
|
|
|
accessToken: accessToken,
|
|
|
|
|
refreshToken: refreshToken,
|
|
|
|
|
expiresIn: params.expires_in
|
|
|
|
|
};
|
2024-09-24 17:24:32 -04:00
|
|
|
|
2024-10-01 10:55:48 -04:00
|
|
|
return done(null, user_account);
|
2024-09-24 17:24:32 -04:00
|
|
|
} catch (error) {
|
2024-09-28 17:08:11 -04:00
|
|
|
console.error(`Erreur dans la strategie OAuth2 '${name}' : ${error}`);
|
2024-09-24 17:24:32 -04:00
|
|
|
return done(error);
|
|
|
|
|
}
|
2024-09-27 23:02:53 -04:00
|
|
|
}));
|
|
|
|
|
|
2024-09-28 17:08:11 -04:00
|
|
|
app.get(`${endpoint}/${name}`, (req, res, next) => {
|
2024-09-27 23:02:53 -04:00
|
|
|
passport.authenticate(name, {
|
2024-09-28 17:08:11 -04:00
|
|
|
scope: 'openid profile email offline_access'+ ` ${provider.OAUTH_ADD_SCOPE}`,
|
2024-09-27 23:02:53 -04:00
|
|
|
prompt: 'consent'
|
|
|
|
|
})(req, res, next);
|
|
|
|
|
});
|
2024-09-24 17:24:32 -04:00
|
|
|
|
2024-09-28 17:08:11 -04:00
|
|
|
app.get(`${endpoint}/${name}/callback`,
|
2024-09-27 23:02:53 -04:00
|
|
|
(req, res, next) => {
|
|
|
|
|
passport.authenticate(name, { failureRedirect: '/login' })(req, res, next);
|
|
|
|
|
},
|
|
|
|
|
(req, res) => {
|
|
|
|
|
if (req.user) {
|
2024-10-01 12:03:49 -04:00
|
|
|
// res.json(req.user)
|
2024-10-01 00:14:55 -04:00
|
|
|
|
2024-09-30 23:05:00 -04:00
|
|
|
//const redirectUrl = `http://your-frontend-url.com/oauth/callback?user=${encodeURIComponent(req.user)}`;
|
|
|
|
|
//res.redirect(redirectUrl);
|
2024-10-01 12:03:49 -04:00
|
|
|
|
|
|
|
|
const tokenToSave = jwt.create(req.user.email, req.user._id);
|
|
|
|
|
res.redirect('/oauth/callback?user=' + tokenToSave);
|
|
|
|
|
|
2024-09-28 17:08:11 -04:00
|
|
|
console.info(`L'utilisateur '${req.user.name}' vient de se connecter`)
|
2024-09-27 23:02:53 -04:00
|
|
|
} else {
|
2024-09-28 17:08:11 -04:00
|
|
|
res.status(401).json({ error: "L'authentification a échoué" });
|
2024-09-27 23:02:53 -04:00
|
|
|
}
|
2024-09-24 17:24:32 -04:00
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
2024-09-27 23:02:53 -04:00
|
|
|
|
2024-09-29 18:39:24 -04:00
|
|
|
module.exports = PassportOAuth;
|
