Mirrors/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-11-04 03:03:18 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
fb097ca09518e3c306c8173f46d032418461b84f
mealie/frontend/schemes/DynamicOpenIDConnectScheme.js
Hayden 5f6844eceb feat: Login with OAuth via OpenID Connect (OIDC) (#3280) 
* initial oidc implementation

* add dynamic scheme

* e2e test setup

* add caching

* fix

* try this

* add libldap-2.5 to runtime dependencies (#2849)

* New translations en-us.json (Norwegian) (#2851)

* New Crowdin updates (#2855)

* New translations en-us.json (Italian)

* New translations en-us.json (Norwegian)

* New translations en-us.json (Portuguese)

* fix

* remove cache

* cache yarn deps

* cache docker image

* cleanup action

* lint

* fix tests

* remove not needed variables

* run code gen

* fix tests

* add docs

* move code into custom scheme

* remove unneeded type

* fix oidc admin

* add more tests

* add better spacing on login page

* create auth providers

* clean up testing stuff

* type fixes

* add OIDC auth method to postgres enum

* add option to bypass login screen and go directly to iDP

* remove check so we can fallback to another auth method oauth fails

* Add provider name to be shown at the login screen

* add new properties to admin about api

* fix spec

* add a prompt to change auth method when changing password

* Create new auth section. Add more info on auth methods

* update docs

* run ruff

* update docs

* format

* docs gen

* formatting

* initialize logger in class

* mypy type fixes

* docs gen

* add models to get proper fields in docs and fix serialization

* validate id token before using it

* only request a mealie token on initial callback

* remove unused method

* fix unit tests

* docs gen

* check for valid idToken before getting token

* add iss to mealie token

* check to see if we already have a mealie token before getting one

* fix lock file

* update authlib

* update lock file

* add remember me environment variable

* add user group setting to allow only certain groups to log in

---------

Co-authored-by: Carter Mintey <cmintey8@gmail.com>
Co-authored-by: Carter <35710697+cmintey@users.noreply.github.com>
2024-03-10 13:51:36 -05:00

88 lines
2.2 KiB
JavaScript
Raw Blame History

import jwtDecode from "jwt-decode"
import { ConfigurationDocument, OpenIDConnectScheme } from "~auth/runtime"
/**
* Custom Scheme that dynamically gets the OpenID Connect configuration from the backend.
* This is needed because the SPA frontend does not have access to runtime environment variables.
*/
export default class DynamicOpenIDConnectScheme extends OpenIDConnectScheme {
async mounted() {
await this.getConfiguration();
this.options.scope = ["openid", "profile", "email", "groups"]
this.configurationDocument = new ConfigurationDocument(
this,
this.$auth.$storage
)
// eslint-disable-next-line @typescript-eslint/no-unsafe-return
return await super.mounted()
}
async fetchUser() {
if (!this.check().valid) {
return
}
const { data } = await this.$auth.requestWith(this.name, {
url: "/api/users/self"
})
this.$auth.setUser(data)
}
async _handleCallback() {
const redirect = await super._handleCallback()
await this.updateAccessToken()
// eslint-disable-next-line @typescript-eslint/no-unsafe-return
return redirect;
}
async updateAccessToken() {
if (!this.idToken.sync()) {
return
}
if (this.isValidMealieToken()) {
return
}
const response = await this.$auth.requestWith(this.name, {
url: "/api/auth/token",
method: "post"
})
// Update tokens with mealie token
this.updateTokens(response)
}
isValidMealieToken() {
if (this.token.status().valid()) {
let iss = null;
try {
// eslint-disable-next-line @typescript-eslint/no-unsafe-argument
iss = jwtDecode(this.token.get()).iss
} catch (e) {
// pass
}
return iss === "mealie"
}
return false
}
async getConfiguration() {
const route = "/api/app/about/oidc";
try {
const response = await fetch(route);
const data = await response.json();
this.options.endpoints.configuration = data.configurationUrl;
this.options.clientId = data.clientId;
} catch (error) {
// pass
}
}
}
Reference in New Issue View Git Blame Copy Permalink