1
0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00

Merge pull request #3460 from ArFe/feature-add-store-external-token-when-authenticate

Feature add: Store external token when authenticate if provided
This commit is contained in:
Nick O'Leary 2022-04-22 09:51:20 +01:00 committed by GitHub
commit d802ce1484
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 4 deletions

View File

@ -92,10 +92,16 @@ var passwordTokenExchange = function(client, username, password, scope, done) {
loginAttempts = loginAttempts.filter(function(logEntry) { loginAttempts = loginAttempts.filter(function(logEntry) {
return logEntry.user !== username; return logEntry.user !== username;
}); });
Tokens.create(username,client.id,scope).then(function(tokens) { // Check if the user contains a user defined token and use it
log.audit({event: "auth.login",user,username:username,client:client.id,scope:scope}); // instead of generating a new token
done(null,tokens.accessToken,null,{expires_in:tokens.expires_in}); if(user.token){
}); done(null,user.token,null,null);
} else {
Tokens.create(username,client.id,scope).then(function(tokens) {
log.audit({event: "auth.login",user,username:username,client:client.id,scope:scope});
done(null,tokens.accessToken,null,{expires_in:tokens.expires_in});
});
}
} else { } else {
log.audit({event: "auth.login.fail.permissions",username:username,client:client.id,scope:scope}); log.audit({event: "auth.login.fail.permissions",username:username,client:client.id,scope:scope});
done(null,false); done(null,false);

View File

@ -92,7 +92,23 @@ describe("api/auth/strategies", function() {
tokenCreate.restore(); tokenCreate.restore();
} }
}); });
});
it('Uses provided token on authentication success and token provided',function(done) {
userAuthentication = sinon.stub(Users,"authenticate").callsFake(function(username,password) {
return Promise.resolve({username:"user",permissions:"*",token:"123456"});
});
strategies.passwordTokenExchange({id:"myclient"},"user","password","read",function(err,token) {
try {
should.not.exist(err);
token.should.equal("123456");
done();
} catch(e) {
done(e);
}
});
}); });
}); });