multiauth refactor

packages/api/src/controllers/auth.js

@@ -5,7 +5,12 @@ const { getLogger } = require('dbgate-tools');
 const AD = require('activedirectory2').promiseWrapper;
 const crypto = require('crypto');
 const { getTokenSecret, getTokenLifetime } = require('../auth/authCommon');
-const { getAuthProviderFromReq, getAuthProviders, getDefaultAuthProvider, getAuthProviderById } = require('../auth/authProvider');
+const {
+  getAuthProviderFromReq,
+  getAuthProviders,
+  getDefaultAuthProvider,
+  getAuthProviderById,
+} = require('../auth/authProvider');
 const storage = require('./storage');
 
 const logger = getLogger('auth');
@@ -27,6 +32,7 @@ function authMiddleware(req, res, next) {
     '/config/get-settings',
     '/auth/oauth-token',
     '/auth/login',
+    '/auth/redirect',
     '/stream',
     'storage/get-connections-for-login-page',
     'auth/get-providers',
@@ -37,11 +43,13 @@ function authMiddleware(req, res, next) {
 
   // console.log('********************* getAuthProvider()', getAuthProvider());
 
-  const isAdminPage = req.headers['x-is-admin-page'] == 'true';
+  // const isAdminPage = req.headers['x-is-admin-page'] == 'true';
 
-  if (!isAdminPage && !getAuthProviderFromReq(req).shouldAuthorizeApi()) {
+  if (process.env.BASIC_AUTH) {
+    // API is not authorized for basic auth
     return next();
   }
+
   let skipAuth = !!SKIP_AUTH_PATHS.find(x => req.path == getExpressPath(x));
 
   const authHeader = req.headers.authorization;
@@ -70,7 +78,8 @@ function authMiddleware(req, res, next) {
 module.exports = {
   oauthToken_meta: true,
   async oauthToken(params) {
-    return getDefaultAuthProvider().oauthToken(params);
+    const { amoid } = params;
+    return getAuthProviderById(amoid).oauthToken(params);
   },
   login_meta: true,
   async login(params) {
@@ -107,5 +116,11 @@ module.exports = {
     };
   },
 
+  redirect_meta: true,
+  async redirect(params) {
+    const { amoid } = params;
+    return getAuthProviderById(amoid).redirect(params);
+  },
+
   authMiddleware,
 };

packages/api/src/controllers/config.js

@@ -31,8 +31,6 @@ module.exports = {
     const authProvider = getAuthProviderFromReq(req);
     const login = authProvider.getCurrentLogin(req);
     const permissions = authProvider.getCurrentPermissions(req);
-    const isLoginForm = authProvider.isLoginForm();
-    const additionalConfigProps = authProvider.getAdditionalConfigProps();
     const isUserLoggedIn = authProvider.isUserLoggedIn(req);
 
     const singleConid = authProvider.getSingleConnectionId(req);
@@ -52,12 +50,17 @@ module.exports = {
       isDocker: platformInfo.isDocker,
       isElectron: platformInfo.isElectron,
       isLicenseValid: platformInfo.isLicenseValid,
-      licenseError: platformInfo.licenseError,
+      checkedLicense: platformInfo.checkedLicense,
       permissions,
       login,
-      ...additionalConfigProps,
-      isLoginForm,
-      isAdminLoginForm: !!(process.env.STORAGE_DATABASE && process.env.ADMIN_PASSWORD && !process.env.BASIC_AUTH),
+      // ...additionalConfigProps,
+      isBasicAuth: !!process.env.BASIC_AUTH,
+      isAdminLoginForm: !!(
+        process.env.STORAGE_DATABASE &&
+        process.env.ADMIN_PASSWORD &&
+        !process.env.BASIC_AUTH &&
+        platformInfo.checkedLicense?.type == 'premium'
+      ),
       storageDatabase: process.env.STORAGE_DATABASE,
       logsFilePath: getLogsFilePath(),
       connectionsFilePath: path.join(datadir(), 'connections.jsonl'),