mirror of
https://github.com/DeNNiiInc/dbgate.git
synced 2026-04-18 00:56:02 +00:00
multiauth
This commit is contained in:
Jan Prochazka
@@ -62,6 +62,10 @@ class AuthProviderBase {
|
||||
status: 'error',
|
||||
};
|
||||
}
|
||||
|
||||
async getLogoutUrl() {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
class OAuthProvider extends AuthProviderBase {
|
||||
@@ -118,13 +122,8 @@ class OAuthProvider extends AuthProviderBase {
|
||||
return { error: 'Token not found' };
|
||||
}
|
||||
|
||||
getAdditionalConfigProps() {
|
||||
return {
|
||||
oauth: process.env.OAUTH_AUTH,
|
||||
oauthClient: process.env.OAUTH_CLIENT_ID,
|
||||
oauthScope: process.env.OAUTH_SCOPE,
|
||||
oauthLogout: process.env.OAUTH_LOGOUT,
|
||||
};
|
||||
async getLogoutUrl() {
|
||||
return process.env.OAUTH_LOGOUT;
|
||||
}
|
||||
|
||||
toJson() {
|
||||
|
||||
@@ -51,6 +51,7 @@ module.exports = {
|
||||
isElectron: platformInfo.isElectron,
|
||||
isLicenseValid: platformInfo.isLicenseValid,
|
||||
checkedLicense: platformInfo.checkedLicense,
|
||||
logoutUrl: await authProvider.getLogoutUrl(),
|
||||
permissions,
|
||||
login,
|
||||
// ...additionalConfigProps,
|
||||
|
||||
@@ -17,7 +17,7 @@ const platformInfo = require('../utility/platformInfo');
|
||||
const { connectionHasPermission, testConnectionPermission } = require('../utility/hasPermission');
|
||||
const pipeForkLogs = require('../utility/pipeForkLogs');
|
||||
const requireEngineDriver = require('../utility/requireEngineDriver');
|
||||
const { getAuthProvider } = require('../auth/authProvider');
|
||||
const { getAuthProviderById } = require('../auth/authProvider');
|
||||
|
||||
const logger = getLogger('connections');
|
||||
|
||||
@@ -413,13 +413,13 @@ module.exports = {
|
||||
},
|
||||
|
||||
dbloginAuthToken_meta: true,
|
||||
async dbloginAuthToken({ code, conid, redirectUri }) {
|
||||
async dbloginAuthToken({ amoid, code, conid, redirectUri }) {
|
||||
try {
|
||||
const connection = await this.getCore({ conid });
|
||||
const driver = requireEngineDriver(connection);
|
||||
const accessToken = await driver.getAuthTokenFromCode(connection, { code, redirectUri });
|
||||
const volatile = await this.saveVolatile({ conid, accessToken });
|
||||
const authProvider = getAuthProvider();
|
||||
const authProvider = getAuthProviderById(amoid);
|
||||
const resp = await authProvider.login(null, null, { conid: volatile._id });
|
||||
return resp;
|
||||
} catch (err) {
|
||||
@@ -429,18 +429,18 @@ module.exports = {
|
||||
},
|
||||
|
||||
dbloginAuth_meta: true,
|
||||
async dbloginAuth({ conid, user, password }) {
|
||||
async dbloginAuth({ amoid, conid, user, password }) {
|
||||
if (user || password) {
|
||||
const saveResp = await this.saveVolatile({ conid, user, password, test: true });
|
||||
if (saveResp.msgtype == 'connected') {
|
||||
const loginResp = await getAuthProvider().login(user, password, { conid: saveResp._id });
|
||||
const loginResp = await getAuthProviderById(amoid).login(user, password, { conid: saveResp._id });
|
||||
return loginResp;
|
||||
}
|
||||
return saveResp;
|
||||
}
|
||||
|
||||
// user and password is stored in connection, volatile connection is not needed
|
||||
const loginResp = await getAuthProvider().login(null, null, { conid });
|
||||
const loginResp = await getAuthProviderById(amoid).login(null, null, { conid });
|
||||
return loginResp;
|
||||
},
|
||||
};
|
||||
|
||||
@@ -130,7 +130,7 @@
|
||||
<FormSubmit
|
||||
value="Open database login page"
|
||||
on:click={async e => {
|
||||
const state = `dbg-dblogin:${strmid}:${selectedConnection?.conid}`;
|
||||
const state = `dbg-dblogin:${strmid}:${selectedConnection?.conid}:${$values.amoid}`;
|
||||
sessionStorage.setItem('dbloginAuthState', state);
|
||||
// openWebLink(
|
||||
// `connections/dblogin?conid=${selectedConnection?.conid}&state=${encodeURIComponent(state)}&redirectUri=${
|
||||
@@ -154,6 +154,7 @@
|
||||
testIdRef.update(x => x + 1);
|
||||
const testid = testIdRef.get();
|
||||
const resp = await apiCall('connections/dblogin-auth', {
|
||||
amoid: $values.amoid,
|
||||
conid: selectedConnection.conid,
|
||||
user: $values['login'],
|
||||
password: $values['password'],
|
||||
@@ -169,6 +170,7 @@
|
||||
} else {
|
||||
enableApi();
|
||||
const resp = await apiCall('connections/dblogin-auth', {
|
||||
amoid: $values.amoid,
|
||||
conid: selectedConnection.conid,
|
||||
});
|
||||
localStorage.setItem('accessToken', resp.accessToken);
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
import { ca } from 'date-fns/locale';
|
||||
import { apiCall, enableApi, getAuthCategory } from './utility/api';
|
||||
import { getConfig } from './utility/metadataLoaders';
|
||||
import { isAdminPage } from './utility/pageDefs';
|
||||
@@ -86,13 +87,14 @@ export function handleOauthCallback() {
|
||||
}
|
||||
|
||||
if (isDbLoginAuthCallback()) {
|
||||
const [_prefix, strmid, conid] = sessionStorage.getItem('dbloginAuthState').split(':');
|
||||
const [_prefix, strmid, conid, amoid] = sessionStorage.getItem('dbloginAuthState').split(':');
|
||||
sessionStorage.removeItem('dbloginAuthState');
|
||||
|
||||
apiCall('connections/dblogin-auth-token', {
|
||||
code: sentCode,
|
||||
conid,
|
||||
redirectUri: location.origin + location.pathname,
|
||||
amoid,
|
||||
}).then(authResp => {
|
||||
if (authResp.accessToken) {
|
||||
localStorage.setItem('accessToken', authResp.accessToken);
|
||||
@@ -182,20 +184,36 @@ export function internalRedirectTo(path) {
|
||||
export async function doLogout() {
|
||||
enableApi();
|
||||
const config = await getConfig();
|
||||
if (config.oauth) {
|
||||
localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
|
||||
if (config.oauthLogout) {
|
||||
window.location.href = config.oauthLogout;
|
||||
const category = getAuthCategory(config);
|
||||
|
||||
if (category == 'admin') {
|
||||
localStorage.removeItem('adminAccessToken');
|
||||
internalRedirectTo('/?page=admin-login&is-admin=true');
|
||||
} else if (category == 'token') {
|
||||
localStorage.removeItem('accessToken');
|
||||
if (config.logoutUrl) {
|
||||
window.location.href = config.logoutUrl;
|
||||
} else {
|
||||
internalRedirectTo('/?page=not-logged');
|
||||
}
|
||||
} else if (config.isLoginForm) {
|
||||
localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
|
||||
internalRedirectTo(`/?page=not-logged&is-admin=${isAdminPage() ? 'true' : ''}`);
|
||||
} else if (config.isAdminLoginForm && isAdminPage()) {
|
||||
localStorage.removeItem('adminAccessToken');
|
||||
internalRedirectTo('/?page=admin-login&is-admin=true');
|
||||
} else {
|
||||
} else if (category == 'basic') {
|
||||
window.location.href = 'config/logout';
|
||||
}
|
||||
|
||||
// if (config.oauth) {
|
||||
// localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
|
||||
// if (config.oauthLogout) {
|
||||
// window.location.href = config.oauthLogout;
|
||||
// } else {
|
||||
// internalRedirectTo('/?page=not-logged');
|
||||
// }
|
||||
// } else if (config.isLoginForm) {
|
||||
// localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
|
||||
// internalRedirectTo(`/?page=not-logged&is-admin=${isAdminPage() ? 'true' : ''}`);
|
||||
// } else if (config.isAdminLoginForm && isAdminPage()) {
|
||||
// localStorage.removeItem('adminAccessToken');
|
||||
// internalRedirectTo('/?page=admin-login&is-admin=true');
|
||||
// } else {
|
||||
// window.location.href = 'config/logout';
|
||||
// }
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user