multiauth

Jan Prochazka
2024-08-07 17:02:19 +02:00
parent 5f14da3844
commit e537b43563
5 changed files with 46 additions and 26 deletions


@@ -62,6 +62,10 @@ class AuthProviderBase {
status: 'error', status: 'error',
}; };
} }
async getLogoutUrl() {
return null;
}
} }
class OAuthProvider extends AuthProviderBase { class OAuthProvider extends AuthProviderBase {
@@ -118,13 +122,8 @@ class OAuthProvider extends AuthProviderBase {
return { error: 'Token not found' }; return { error: 'Token not found' };
} }
getAdditionalConfigProps() { async getLogoutUrl() {
return { return process.env.OAUTH_LOGOUT;
oauth: process.env.OAUTH_AUTH,
oauthClient: process.env.OAUTH_CLIENT_ID,
oauthScope: process.env.OAUTH_SCOPE,
oauthLogout: process.env.OAUTH_LOGOUT,
};
} }
toJson() { toJson() {
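Review bot: `OAuthProvider.getLogoutUrl()` returns `process.env.OAUTH_LOGOUT` as-is, so it yields `undefined` when the variable is unset, while the base class returns `null`. Writing `return process.env.OAUTH_LOGOUT ?? null;` keeps both implementations on one contract. Neither method is documented; a short JSDoc on the base method should say that the result is either `null` or an operator-configured URL the client navigates to on logout. The class bodies continue outside both hunks.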


@@ -51,6 +51,7 @@ module.exports = {
isElectron: platformInfo.isElectron, isElectron: platformInfo.isElectron,
isLicenseValid: platformInfo.isLicenseValid, isLicenseValid: platformInfo.isLicenseValid,
checkedLicense: platformInfo.checkedLicense, checkedLicense: platformInfo.checkedLicense,
logoutUrl: await authProvider.getLogoutUrl(),
permissions, permissions,
login, login,
// ...additionalConfigProps, // ...additionalConfigProps,
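Review bot: `logoutUrl` is read from the single `authProvider` resolved outside this hunk, whereas the same commit makes the login endpoints pick a provider per request with `getAuthProviderById(amoid)`. If more than one method can be active, the URL published here may belong to a different provider than the one that issued the user's token, so logout could skip that identity provider's sign-out page. This depends on how `authProvider` is chosen, which is not visible here. At minimum a comment such as `// logout URL of the default auth provider; per-method logout is not handled here` would record the limitation.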


@@ -17,7 +17,7 @@ const platformInfo = require('../utility/platformInfo');
const { connectionHasPermission, testConnectionPermission } = require('../utility/hasPermission'); const { connectionHasPermission, testConnectionPermission } = require('../utility/hasPermission');
const pipeForkLogs = require('../utility/pipeForkLogs'); const pipeForkLogs = require('../utility/pipeForkLogs');
const requireEngineDriver = require('../utility/requireEngineDriver'); const requireEngineDriver = require('../utility/requireEngineDriver');
const { getAuthProvider } = require('../auth/authProvider'); const { getAuthProviderById } = require('../auth/authProvider');
const logger = getLogger('connections'); const logger = getLogger('connections');
@@ -413,13 +413,13 @@ module.exports = {
}, },
dbloginAuthToken_meta: true, dbloginAuthToken_meta: true,
async dbloginAuthToken({ code, conid, redirectUri }) { async dbloginAuthToken({ amoid, code, conid, redirectUri }) {
try { try {
const connection = await this.getCore({ conid }); const connection = await this.getCore({ conid });
const driver = requireEngineDriver(connection); const driver = requireEngineDriver(connection);
const accessToken = await driver.getAuthTokenFromCode(connection, { code, redirectUri }); const accessToken = await driver.getAuthTokenFromCode(connection, { code, redirectUri });
const volatile = await this.saveVolatile({ conid, accessToken }); const volatile = await this.saveVolatile({ conid, accessToken });
const authProvider = getAuthProvider(); const authProvider = getAuthProviderById(amoid);
const resp = await authProvider.login(null, null, { conid: volatile._id }); const resp = await authProvider.login(null, null, { conid: volatile._id });
return resp; return resp;
} catch (err) { } catch (err) {
@@ -429,18 +429,18 @@ module.exports = {
}, },
dbloginAuth_meta: true, dbloginAuth_meta: true,
async dbloginAuth({ conid, user, password }) { async dbloginAuth({ amoid, conid, user, password }) {
if (user || password) { if (user || password) {
const saveResp = await this.saveVolatile({ conid, user, password, test: true }); const saveResp = await this.saveVolatile({ conid, user, password, test: true });
if (saveResp.msgtype == 'connected') { if (saveResp.msgtype == 'connected') {
const loginResp = await getAuthProvider().login(user, password, { conid: saveResp._id }); const loginResp = await getAuthProviderById(amoid).login(user, password, { conid: saveResp._id });
return loginResp; return loginResp;
} }
return saveResp; return saveResp;
} }
// user and password is stored in connection, volatile connection is not needed // user and password is stored in connection, volatile connection is not needed
const loginResp = await getAuthProvider().login(null, null, { conid }); const loginResp = await getAuthProviderById(amoid).login(null, null, { conid });
return loginResp; return loginResp;
}, },
}; };
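Review bot: `amoid` comes straight from the request body and is passed to `getAuthProviderById(amoid)` in `dbloginAuthToken` and in both branches of `dbloginAuth` without any check. `getAuthProviderById` is not visible here, but if it returns `undefined` for a missing or unknown id, `.login(...)` throws, and `dbloginAuth` has no `try`/`catch` around it. More importantly, the caller rather than the server decides which provider's `login()` issues the access token. Resolve the provider once and reject anything that is not an enabled database-login method before calling it, e.g. `const authProvider = getAuthProviderById(amoid);` followed by `if (!authProvider) return { error: 'Unknown authentication method' };`. The enclosing `module.exports` object starts outside the hunks.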


@@ -130,7 +130,7 @@
<FormSubmit <FormSubmit
value="Open database login page" value="Open database login page"
on:click={async e => { on:click={async e => {
const state = `dbg-dblogin:${strmid}:${selectedConnection?.conid}`; const state = `dbg-dblogin:${strmid}:${selectedConnection?.conid}:${$values.amoid}`;
sessionStorage.setItem('dbloginAuthState', state); sessionStorage.setItem('dbloginAuthState', state);
// openWebLink( // openWebLink(
// `connections/dblogin?conid=${selectedConnection?.conid}&state=${encodeURIComponent(state)}&redirectUri=${ // `connections/dblogin?conid=${selectedConnection?.conid}&state=${encodeURIComponent(state)}&redirectUri=${
@@ -154,6 +154,7 @@
testIdRef.update(x => x + 1); testIdRef.update(x => x + 1);
const testid = testIdRef.get(); const testid = testIdRef.get();
const resp = await apiCall('connections/dblogin-auth', { const resp = await apiCall('connections/dblogin-auth', {
amoid: $values.amoid,
conid: selectedConnection.conid, conid: selectedConnection.conid,
user: $values['login'], user: $values['login'],
password: $values['password'], password: $values['password'],
@@ -169,6 +170,7 @@
} else { } else {
enableApi(); enableApi();
const resp = await apiCall('connections/dblogin-auth', { const resp = await apiCall('connections/dblogin-auth', {
amoid: $values.amoid,
conid: selectedConnection.conid, conid: selectedConnection.conid,
}); });
localStorage.setItem('accessToken', resp.accessToken); localStorage.setItem('accessToken', resp.accessToken);
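Review bot: The `state` value built in the `on:click` handler is a colon-joined string ending in `${$values.amoid}`, and the callback code in this commit recovers the fields with `split(':')`. A `conid` or `amoid` containing `:` would shift the fields, and an unset `$values.amoid` is stored as the literal text `undefined` and later sent to the server as the provider id. Encode each field before joining, e.g. `encodeURIComponent($values.amoid ?? '')`, and decode it after the split, or store the fields as JSON under `dbloginAuthState`. The handler body continues outside the hunk.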


@@ -1,3 +1,4 @@
import { ca } from 'date-fns/locale';
import { apiCall, enableApi, getAuthCategory } from './utility/api'; import { apiCall, enableApi, getAuthCategory } from './utility/api';
import { getConfig } from './utility/metadataLoaders'; import { getConfig } from './utility/metadataLoaders';
import { isAdminPage } from './utility/pageDefs'; import { isAdminPage } from './utility/pageDefs';
@@ -86,13 +87,14 @@ export function handleOauthCallback() {
} }
if (isDbLoginAuthCallback()) { if (isDbLoginAuthCallback()) {
const [_prefix, strmid, conid] = sessionStorage.getItem('dbloginAuthState').split(':'); const [_prefix, strmid, conid, amoid] = sessionStorage.getItem('dbloginAuthState').split(':');
sessionStorage.removeItem('dbloginAuthState'); sessionStorage.removeItem('dbloginAuthState');
apiCall('connections/dblogin-auth-token', { apiCall('connections/dblogin-auth-token', {
code: sentCode, code: sentCode,
conid, conid,
redirectUri: location.origin + location.pathname, redirectUri: location.origin + location.pathname,
amoid,
}).then(authResp => { }).then(authResp => {
if (authResp.accessToken) { if (authResp.accessToken) {
localStorage.setItem('accessToken', authResp.accessToken); localStorage.setItem('accessToken', authResp.accessToken);
@@ -182,20 +184,36 @@ export function internalRedirectTo(path) {
export async function doLogout() { export async function doLogout() {
enableApi(); enableApi();
const config = await getConfig(); const config = await getConfig();
if (config.oauth) { const category = getAuthCategory(config);
localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
if (config.oauthLogout) { if (category == 'admin') {
window.location.href = config.oauthLogout; localStorage.removeItem('adminAccessToken');
internalRedirectTo('/?page=admin-login&is-admin=true');
} else if (category == 'token') {
localStorage.removeItem('accessToken');
if (config.logoutUrl) {
window.location.href = config.logoutUrl;
} else { } else {
internalRedirectTo('/?page=not-logged'); internalRedirectTo('/?page=not-logged');
} }
} else if (config.isLoginForm) { } else if (category == 'basic') {
localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
internalRedirectTo(`/?page=not-logged&is-admin=${isAdminPage() ? 'true' : ''}`);
} else if (config.isAdminLoginForm && isAdminPage()) {
localStorage.removeItem('adminAccessToken');
internalRedirectTo('/?page=admin-login&is-admin=true');
} else {
window.location.href = 'config/logout'; window.location.href = 'config/logout';
} }
// if (config.oauth) {
// localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
// if (config.oauthLogout) {
// window.location.href = config.oauthLogout;
// } else {
// internalRedirectTo('/?page=not-logged');
// }
// } else if (config.isLoginForm) {
// localStorage.removeItem(isAdminPage() ? 'adminAccessToken' : 'accessToken');
// internalRedirectTo(`/?page=not-logged&is-admin=${isAdminPage() ? 'true' : ''}`);
// } else if (config.isAdminLoginForm && isAdminPage()) {
// localStorage.removeItem('adminAccessToken');
// internalRedirectTo('/?page=admin-login&is-admin=true');
// } else {
// window.location.href = 'config/logout';
// }
} }
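Review bot: The rewritten `doLogout` has no final `else`: when `getAuthCategory(config)` returns anything other than `'admin'`, `'token'` or `'basic'`, the function returns without removing a token or navigating, so the user stays signed in with no feedback. Add a fallback branch that clears the stored token and redirects, for example `else { localStorage.removeItem('accessToken'); internalRedirectTo('/?page=not-logged'); }`. The commented-out previous implementation below it can be deleted, since git history already keeps it. The new first line `import { ca } from 'date-fns/locale';` is not used in any visible hunk and looks like an accidental auto-import.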