From 0fe4dcacd5b0a73ed336c530c984a9d277b70688 Mon Sep 17 00:00:00 2001 From: MathieuSevignyLavallee <89943988+MathieuSevignyLavallee@users.noreply.github.com> Date: Mon, 30 Sep 2024 20:40:33 -0400 Subject: [PATCH 1/3] correction config avec OIDC --- server/__tests__/auth.test.js | 3 ++- server/auth_config.json.example | 15 +++++++++++++-- server/config/auth.js | 2 +- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/server/__tests__/auth.test.js b/server/__tests__/auth.test.js index f3f288c..0099d03 100644 --- a/server/__tests__/auth.test.js +++ b/server/__tests__/auth.test.js @@ -23,7 +23,8 @@ const mockConfig = { type: "oidc", OIDC_CLIENT_ID: "your_oidc_client_id", OIDC_CLIENT_SECRET: "your_oidc_client_secret", - OIDC_ISSUER_URL: "https://your-issuer.com", + OIDC_CONFIG_URL: "https://your-issuer.com", + OIDC_ADD_SCOPE: "groups", OIDC_ROLE_TEACHER_VALUE: "teacher-claim-value", OIDC_ROLE_STUDENT_VALUE: "student-claim-value", }, diff --git a/server/auth_config.json.example b/server/auth_config.json.example index c2aa256..c4bdaae 100644 --- a/server/auth_config.json.example +++ b/server/auth_config.json.example @@ -16,11 +16,22 @@ } }, { - "oidc":{ - "type":"oidc" + "oidc_gmatte": { + "type": "oidc", + "OIDC_CONFIG_URL": "https://auth.gmatte.xyz/application/o/evaluetonsavoir/.well-known/openid-configuration", + "OIDC_CLIENT_ID": "clientID", + "OIDC_CLIENT_SECRET": "clientSecret", + "OIDC_ADD_SCOPE": "groups", + "OIDC_ROLE_TEACHER_VALUE": "groups_evaluetonsavoir-prof", + "OIDC_ROLE_STUDENT_VALUE": "groups_evaluetonsavoir" } } ], + "simple-login": { + "enabled": true, + "name": "provider3", + "SESSION_SECRET": "your_session_secret" + } "Module X":{ } diff --git a/server/config/auth.js b/server/config/auth.js index 6d2b425..40f8e10 100644 --- a/server/config/auth.js +++ b/server/config/auth.js 
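Review bot: In `server/auth_config.json.example`, the added `"simple-login"` object closes with `}` and is followed directly by the existing `"Module X":{` key with no comma, so the example would not parse as JSON if copied as is; the closing line should be `},`. The `oidc_gmatte` entry also hard-codes one deployment's issuer in `OIDC_CONFIG_URL` (`https://auth.gmatte.xyz/...`). Because the discovery document decides which endpoints and signing keys the server trusts, a neutral placeholder such as `https://your-issuer.example/.well-known/openid-configuration` (constructed) would keep a copied example from pointing at someone else's identity provider. The hunk starts and ends inside the JSON document, so the surrounding structure is not visible here.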
@@ -94,7 +94,7 @@ class AuthConfig { ]; const requiredOIDCFields = [ - 'OIDC_CLIENT_ID', 'OIDC_CLIENT_SECRET', 'OIDC_ISSUER_URL', 'OIDC_ROLE_TEACHER_VALUE', 'OIDC_ROLE_STUDENT_VALUE' + 'OIDC_CLIENT_ID', 'OIDC_CLIENT_SECRET', 'OIDC_CONFIG_URL', 'OIDC_ROLE_TEACHER_VALUE', 'OIDC_ROLE_STUDENT_VALUE','OIDC_ADD_SCOPE' ]; const missingFieldsReport = []; From 8d31bc8f8cbd99f829234d8453ed6851f50d8357 Mon Sep 17 00:00:00 2001 From: Bruno Roesner Date: Mon, 30 Sep 2024 20:40:37 -0400 Subject: [PATCH 2/3] added groups in oidc response --- server/auth/modules/passport-providers/oidc.js | 1 + 1 file changed, 1 insertion(+) diff --git a/server/auth/modules/passport-providers/oidc.js b/server/auth/modules/passport-providers/oidc.js index 7f7ffa2..44cadb7 100644 --- a/server/auth/modules/passport-providers/oidc.js +++ b/server/auth/modules/passport-providers/oidc.js @@ -34,6 +34,7 @@ class PassportOpenIDConnect { id: profile.id, email: profile.emails[0].value, name: profile.name.givenName, + groups: profile.groups[0].value ?? [] }; return done(null, user); } catch (error) { From ee580005b26f7061172964a10c3566635b758cb3 Mon Sep 17 00:00:00 2001 From: MathieuSevignyLavallee <89943988+MathieuSevignyLavallee@users.noreply.github.com> Date: Mon, 30 Sep 2024 21:15:09 -0400 Subject: [PATCH 3/3] Fix bug --- server/config/auth.js | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/server/config/auth.js b/server/config/auth.js index 40f8e10..cefdb1e 100644 --- a/server/config/auth.js +++ b/server/config/auth.js 
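Review bot: In `server/config/auth.js`, `OIDC_CONFIG_URL` enters `requiredOIDCFields` as a name only, and nothing in this hunk constrains its value. If the check that consumes the list (outside the hunk) tests presence only, an `http://` or mistyped discovery URL passes validation, even though that document determines the endpoints and keys the server will trust. Consider rejecting values that do not parse as an `https:` URL, for example `new URL(value).protocol === 'https:'`. Listing `OIDC_ADD_SCOPE` as required also means a provider that needs no extra scope is reported as misconfigured; treating it as optional may be closer to the intent. The array sits in a method of `AuthConfig` whose body starts and ends outside the hunk.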
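Review bot: In `server/auth/modules/passport-providers/oidc.js`, `groups: profile.groups[0].value ?? []` throws a TypeError when `profile.groups` is missing or empty, because `??` applies only after both property reads have succeeded. The error lands in the `catch` visible at the end of the hunk, so a user whose profile carries no groups would presumably fail to log in rather than get an empty list. The field is also a single value in one case and an array in the other, and only the first group is kept, which matters if membership is later compared with `OIDC_ROLE_TEACHER_VALUE` / `OIDC_ROLE_STUDENT_VALUE`. Assuming each entry has a `value` field as the committed line does, `groups: Array.isArray(profile.groups) ? profile.groups.map((g) => g.value) : []` keeps the type stable and falls back to "no groups". The verify callback starts and ends outside the hunk.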
@@ -151,15 +151,11 @@ class AuthConfig { if (providerConfig.type === 'oauth') { passportConfig[providerName] = { - type: providerConfig.type, - authorizationUrl: providerConfig.OAUTH_AUTHORIZATION_URL, - callbackUrl: providerConfig.OAUTH_CALLBACK_URL, + type: providerConfig.type }; } else if (providerConfig.type === 'oidc') { passportConfig[providerName] = { type: providerConfig.type, - issuerUrl: providerConfig.OIDC_ISSUER_URL, - callbackUrl: providerConfig.OIDC_CALLBACK_URL }; } });
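Review bot: After this change the `oauth` and `oidc` branches in `server/config/auth.js` build the same object (`{ type: providerConfig.type }`, one with a dangling trailing comma), so the `if` / `else if` no longer distinguishes anything. The two could collapse into `if (['oauth', 'oidc'].includes(providerConfig.type)) passportConfig[providerName] = { type: providerConfig.type };`. If the URLs were dropped because this object is returned to clients, which the hunk does not show, a short comment such as `// Only expose the provider type; endpoint URLs and secrets stay server-side` would keep a later change from re-adding them. The enclosing function starts and ends outside the hunk.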