diff --git a/packages/api/src/auth/authProvider.js b/packages/api/src/auth/authProvider.js
index 074a351cc..131757ee6 100644
--- a/packages/api/src/auth/authProvider.js
+++ b/packages/api/src/auth/authProvider.js
@@ -62,6 +62,10 @@ class AuthProviderBase {
 status: 'error',
 };
 }
+
+ async getLogoutUrl() {
+ return null;
+ }
 }
 class OAuthProvider extends AuthProviderBase {
@@ -118,13 +122,8 @@ class OAuthProvider extends AuthProviderBase {
 return { error: 'Token not found' };
 }
- getAdditionalConfigProps() {
- return {
- oauth: process.env.OAUTH_AUTH,
- oauthClient: process.env.OAUTH_CLIENT_ID,
- oauthScope: process.env.OAUTH_SCOPE,
- oauthLogout: process.env.OAUTH_LOGOUT,
- };
+ async getLogoutUrl() {
+ return process.env.OAUTH_LOGOUT;
 }
 toJson() {
diff --git a/packages/api/src/controllers/config.js b/packages/api/src/controllers/config.js
index 1c70c64a5..f7ce0ec14 100644
--- a/packages/api/src/controllers/config.js
+++ b/packages/api/src/controllers/config.js
@@ -51,6 +51,7 @@ module.exports = {
 isElectron: platformInfo.isElectron,
 isLicenseValid: platformInfo.isLicenseValid,
 checkedLicense: platformInfo.checkedLicense,
+ logoutUrl: await authProvider.getLogoutUrl(),
 permissions,
 login,
 // ...additionalConfigProps,
diff --git a/packages/api/src/controllers/connections.js b/packages/api/src/controllers/connections.js
index 193d5fd5b..f8b3461ec 100644
--- a/packages/api/src/controllers/connections.js
+++ b/packages/api/src/controllers/connections.js
@@ -17,7 +17,7 @@ const platformInfo = require('../utility/platformInfo');
 const { connectionHasPermission, testConnectionPermission } = require('../utility/hasPermission');
 const pipeForkLogs = require('../utility/pipeForkLogs');
 const requireEngineDriver = require('../utility/requireEngineDriver');
-const { getAuthProvider } = require('../auth/authProvider');
+const { getAuthProviderById } = require('../auth/authProvider');
 const logger = getLogger('connections');
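Review bot: `OAuthProvider.getLogoutUrl()` in authProvider.js returns `process.env.OAUTH_LOGOUT` without any check, and the clientAuth.ts hunk of this commit assigns the resulting `config.logoutUrl` straight to `window.location.href`. The value is operator-supplied, so this is a misconfiguration guard rather than an input-validation gap, but parsing it with `new URL()` here and returning `null` unless the protocol is `http:` or `https:` would keep a malformed or non-web value out of the client redirect. The method also returns `undefined` when the variable is unset while the base class returns `null`; `return process.env.OAUTH_LOGOUT ?? null;` keeps the two consistent. The removed `getAdditionalConfigProps()` also supplied `oauth`, `oauthClient` and `oauthScope`; whether any caller still reads them is not visible in this diff.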
@@ -413,13 +413,13 @@ module.exports = {
 },
 dbloginAuthToken_meta: true,
- async dbloginAuthToken({ code, conid, redirectUri }) {
+ async dbloginAuthToken({ amoid, code, conid, redirectUri }) {
 try {
 const connection = await this.getCore({ conid });
 const driver = requireEngineDriver(connection);
 const accessToken = await driver.getAuthTokenFromCode(connection, { code, redirectUri });
 const volatile = await this.saveVolatile({ conid, accessToken });
- const authProvider = getAuthProvider();
+ const authProvider = getAuthProviderById(amoid);
 const resp = await authProvider.login(null, null, { conid: volatile._id });
 return resp;
 } catch (err) {
@@ -429,18 +429,18 @@ module.exports = {
 },
 dbloginAuth_meta: true,
- async dbloginAuth({ conid, user, password }) {
+ async dbloginAuth({ amoid, conid, user, password }) {
 if (user || password) {
 const saveResp = await this.saveVolatile({ conid, user, password, test: true });
 if (saveResp.msgtype == 'connected') {
- const loginResp = await getAuthProvider().login(user, password, { conid: saveResp._id });
+ const loginResp = await getAuthProviderById(amoid).login(user, password, { conid: saveResp._id });
 return loginResp;
 }
 return saveResp;
 }
 // user and password is stored in connection, volatile connection is not needed
- const loginResp = await getAuthProvider().login(null, null, { conid });
+ const loginResp = await getAuthProviderById(amoid).login(null, null, { conid });
 return loginResp;
 },
 };
diff --git a/packages/web/src/LoginPage.svelte b/packages/web/src/LoginPage.svelte
index e01ee7a3d..e4880d6c0 100644
--- a/packages/web/src/LoginPage.svelte
+++ b/packages/web/src/LoginPage.svelte
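Review bot: `amoid` arrives in the request body and is passed unchecked to `getAuthProviderById(amoid)` in `dbloginAuthToken`, and in both calls in `dbloginAuth` in the next hunk, so the caller now picks which auth provider handles the login. `getAuthProviderById` is not shown here; if it returns nothing for an unknown or missing id, `.login` throws a TypeError, and `dbloginAuth` has no try/catch in the visible lines. Resolve the provider once per handler and reject an unknown id explicitly, for example `const authProvider = getAuthProviderById(amoid); if (!authProvider) return { error: 'Unknown auth method' };`, and confirm on the server that the selected provider is one permitted for database login on `conid`. Both handlers continue outside the hunks.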
@@ -130,7 +130,7 @@ {
- const state = `dbg-dblogin:${strmid}:${selectedConnection?.conid}`;
+ const state = `dbg-dblogin:${strmid}:${selectedConnection?.conid}:${$values.amoid}`;
 sessionStorage.setItem('dbloginAuthState', state);
 // openWebLink(
 // `connections/dblogin?conid=${selectedConnection?.conid}&state=${encodeURIComponent(state)}&redirectUri=${
@@ -154,6 +154,7 @@
 testIdRef.update(x => x + 1);
 const testid = testIdRef.get();
 const resp = await apiCall('connections/dblogin-auth', {
+ amoid: $values.amoid,
 conid: selectedConnection.conid,
 user: $values['login'],
 password: $values['password'],
@@ -169,6 +170,7 @@
 } else {
 enableApi();
 const resp = await apiCall('connections/dblogin-auth', {
+ amoid: $values.amoid,
 conid: selectedConnection.conid,
 });
 localStorage.setItem('accessToken', resp.accessToken);
diff --git a/packages/web/src/clientAuth.ts b/packages/web/src/clientAuth.ts
index 582f597da..e543d5826 100644
--- a/packages/web/src/clientAuth.ts
+++ b/packages/web/src/clientAuth.ts
@@ -1,3 +1,4 @@
+import { ca } from 'date-fns/locale';
 import { apiCall, enableApi, getAuthCategory } from './utility/api';
 import { getConfig } from './utility/metadataLoaders';
 import { isAdminPage } from './utility/pageDefs';
@@ -86,13 +87,14 @@ export function handleOauthCallback() {
 }
 if (isDbLoginAuthCallback()) {
- const [_prefix, strmid, conid] = sessionStorage.getItem('dbloginAuthState').split(':');
+ const [_prefix, strmid, conid, amoid] = sessionStorage.getItem('dbloginAuthState').split(':');
 sessionStorage.removeItem('dbloginAuthState');
 apiCall('connections/dblogin-auth-token', {
 code: sentCode,
 conid,
 redirectUri: location.origin + location.pathname,
+ amoid,
 }).then(authResp => {
 if (authResp.accessToken) {
 localStorage.setItem('accessToken', authResp.accessToken);
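Review bot: The `state` string in LoginPage.svelte is built by interpolation, so when `$values.amoid` is unset it carries the literal text `undefined`, which `handleOauthCallback` in clientAuth.ts (changed in this same commit) recovers with `split(':')` and sends to `connections/dblogin-auth-token` as if it were a real id. Appending `:${$values.amoid ?? ''}` and treating an empty fourth field as absent on the parsing side would avoid that. The colon-delimited format also shifts `amoid` into the wrong position if a `conid` ever contains `:`; whether it can is not visible here. The enclosing handler starts outside the hunk.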
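Review bot: `import { ca } from 'date-fns/locale';` at the top of clientAuth.ts is not referenced by any line in the visible hunks and looks like an editor auto-import. It adds a locale module to the login bundle for no visible purpose. Drop the line unless code outside these hunks actually uses `ca`.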
@@ -182,20 +184,36 @@ export function internalRedirectTo(path) {
 export async function doLogout() {
 enableApi();
 const config = await getConfig();
- if (config.oauth) {
- localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
- if (config.oauthLogout) {
- window.location.href = config.oauthLogout;
+ const category = getAuthCategory(config);
+
+ if (category == 'admin') {
+ localStorage.removeItem('adminAccessToken');
+ internalRedirectTo('/?page=admin-login&is-admin=true');
+ } else if (category == 'token') {
+ localStorage.removeItem('accessToken');
+ if (config.logoutUrl) {
+ window.location.href = config.logoutUrl;
 } else {
 internalRedirectTo('/?page=not-logged');
 }
- } else if (config.isLoginForm) {
- localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
- internalRedirectTo(`/?page=not-logged&is-admin=${isAdminPage() ? 'true' : ''}`);
- } else if (config.isAdminLoginForm && isAdminPage()) {
- localStorage.removeItem('adminAccessToken');
- internalRedirectTo('/?page=admin-login&is-admin=true');
- } else {
+ } else if (category == 'basic') {
 window.location.href = 'config/logout';
 }
+
+ // if (config.oauth) {
+ // localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
+ // if (config.oauthLogout) {
+ // window.location.href = config.oauthLogout;
+ // } else {
+ // internalRedirectTo('/?page=not-logged');
+ // }
+ // } else if (config.isLoginForm) {
+ // localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
+ // internalRedirectTo(`/?page=not-logged&is-admin=${isAdminPage() ? 'true' : ''}`);
+ // } else if (config.isAdminLoginForm && isAdminPage()) {
+ // localStorage.removeItem('adminAccessToken');
+ // internalRedirectTo('/?page=admin-login&is-admin=true');
+ // } else {
+ // window.location.href = 'config/logout';
+ // }
 }
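Review bot: `doLogout` no longer has a final `else`: when `getAuthCategory(config)` returns anything other than `'admin'`, `'token'` or `'basic'`, the function returns without clearing a token or navigating, whereas the old chain always ended in `window.location.href = 'config/logout'`. `getAuthCategory` is not shown, so its full set of return values should be checked; a closing `else { internalRedirectTo('/?page=not-logged'); }` that also removes both stored tokens would make logout fail safe. The comparisons should use `===`, and the commented-out copy of the old implementation at the end of the function should be deleted rather than committed, since version history already holds it.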