Rename oauth auth scheme to strategy as it works for openid

2017-04-21 21:54:48 +01:00 · 2017-04-21 21:54:48 +01:00 · 72da7e6c54
parent fb05960d79
commit 72da7e6c54
4 changed files with 17 additions and 17 deletions
--- a/editor/js/user.js
+++ b/editor/js/user.js
@ -109,7 +109,7 @@ RED.user = (function() {
                        event.preventDefault();
                    });

-                } else if (data.type == "oauth") {
+                } else if (data.type == "strategy") {
                    i = 0;
                    for (;i<data.prompts.length;i++) {
                        var field = data.prompts[i];
--- a/red/api/auth/index.js
+++ b/red/api/auth/index.js
@ -86,10 +86,10 @@ function login(req,res) {
                "type":"credentials",
                "prompts":[{id:"username",type:"text",label:"Username"},{id:"password",type:"password",label:"Password"}]
            }
-        } else if (settings.adminAuth.type === "oauth") {
+        } else if (settings.adminAuth.type === "strategy") {
            response = {
-                "type":"oauth",
-                "prompts":[{type:"button",label:settings.adminAuth.strategy.label, url:"/auth/oauth"}]
+                "type":"strategy",
+                "prompts":[{type:"button",label:settings.adminAuth.strategy.label, url:"/auth/strategy"}]
            }
            if (settings.adminAuth.strategy.icon) {
                response.prompts[0].icon = settings.adminAuth.strategy.icon;
@ -120,6 +120,7 @@ function revoke(req,res) {

 function completeVerify(profile,done) {
    Users.authenticate(profile).then(function(user) {
+        console.log(user);
        if (user) {
            Tokens.create(user.username,"node-red-editor",user.permissions).then(function(tokens) {
                log.audit({event: "auth.login",username:user.username,scope:user.permissions});
@ -127,7 +128,7 @@ function completeVerify(profile,done) {
                done(null,user);
            });
        } else {
-            log.audit({event: "auth.login.fail.oauth",username:profile.id});
+            log.audit({event: "auth.login.fail.oauth",username:typeof profile === "string"?profile:profile.username});
            done(null,false);
        }
    });
@ -147,11 +148,11 @@ module.exports = {
    },
    login: login,
    revoke: revoke,
-    oauthStrategy: function(adminApp,strategy) {
+    genericStrategy: function(adminApp,strategy) {
        var session = require('express-session');
        var crypto = require("crypto");
        adminApp.use(session({
-            // As the session is only used across the life-span of an oauth
+            // As the session is only used across the life-span of an auth
            // hand-shake, we can use a instance specific random string
            secret: crypto.randomBytes(20).toString('hex'),
            resave: false,
@ -184,8 +185,8 @@ module.exports = {
            }
        ));

-        adminApp.get('/auth/oauth', passport.authenticate(strategy.name));
-        adminApp.get('/auth/oauth/callback',
+        adminApp.get('/auth/strategy', passport.authenticate(strategy.name));
+        adminApp.get('/auth/strategy/callback',
            passport.authenticate(strategy.name, {session:false, failureRedirect: '/' }),
            function(req, res) {
                var tokens = req.user.tokens;
--- a/red/api/auth/users.js
+++ b/red/api/auth/users.js
@ -24,15 +24,14 @@ var passwords = {};
 var defaultUser = null;

 function authenticate() {
-    var username;
-    if (arguments.length === 2) {
-        username = arguments[0];
-    } else {
-        username = arguments[0].username;
+    var username = arguments[0];
+    if (typeof username !== 'string') {
+        username = username.username;
    }
    var user = users[username];
    if (user) {
        if (arguments.length === 2) {
+            // Username/password authentication
            var password = arguments[1];
            return when.promise(function(resolve,reject) {
                bcrypt.compare(password, passwords[username], function(err, res) {
@ -66,7 +65,7 @@ function init(config) {
    users = {};
    passwords = {};
    defaultUser = null;
-    if (config.type == "credentials" || config.type == "oauth") {
+    if (config.type == "credentials" || config.type == "strategy") {
        if (config.users) {
            if (typeof config.users === "function") {
                api.get = config.users;
--- a/red/api/index.js
+++ b/red/api/index.js
@ -107,8 +107,8 @@ function init(_server,_runtime) {
        adminApp.get("/auth/login",auth.login,errorHandler);

        if (settings.adminAuth) {
-            if (settings.adminAuth.type === "oauth") {
-                auth.oauthStrategy(adminApp,settings.adminAuth.strategy);
+            if (settings.adminAuth.type === "strategy") {
+                auth.genericStrategy(adminApp,settings.adminAuth.strategy);
            } else if (settings.adminAuth.type === "credentials") {
                adminApp.use(passport.initialize());
                adminApp.post("/auth/token",