From fa44a5343b65e9f223f645c340cd528e7112a5f5 Mon Sep 17 00:00:00 2001 From: Jin <22962980+JYC333@users.noreply.github.com> Date: Fri, 6 Jun 2025 17:12:13 +0200 Subject: [PATCH 1/4] =?UTF-8?q?feat:=20=F0=9F=8E=B8=20support=20custon=20o?= =?UTF-8?q?idc=20server?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/server/src/assets/config-sample.ini | 12 ++++++++++++ apps/server/src/services/config.ts | 14 +++++++++++++- 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/apps/server/src/assets/config-sample.ini b/apps/server/src/assets/config-sample.ini index f89790163..41eb3d2b6 100644 --- a/apps/server/src/assets/config-sample.ini +++ b/apps/server/src/assets/config-sample.ini @@ -55,3 +55,15 @@ oauthClientId= # Set the client secret for OAuth/OpenID authentication # This is the secret of the client that will be used to verify the user's identity oauthClientSecret= + +# Set the issuer base URL for OAuth/OpenID authentication +# This is the base URL of the service that will be used to verify the user's identity +oauthIssuerBaseUrl= + +# Set the issuer name for OAuth/OpenID authentication +# This is the name of the service that will be used to verify the user's identity +oauthIssuerName= + +# Set the issuer icon for OAuth/OpenID authentication +# This is the icon of the service that will be used to verify the user's identity +oauthIssuerIcon= diff --git a/apps/server/src/services/config.ts b/apps/server/src/services/config.ts index 2089c03ce..d88236b52 100644 --- a/apps/server/src/services/config.ts +++ b/apps/server/src/services/config.ts @@ -46,6 +46,9 @@ export interface TriliumConfig { oauthBaseUrl: string; oauthClientId: string; oauthClientSecret: string; + oauthIssuerBaseUrl: string; + oauthIssuerName: string; + oauthIssuerIcon: string; }; } @@ -123,7 +126,16 @@ const config: TriliumConfig = { process.env.TRILIUM_OAUTH_CLIENT_ID || iniConfig?.MultiFactorAuthentication?.oauthClientId || "", oauthClientSecret: - process.env.TRILIUM_OAUTH_CLIENT_SECRET || iniConfig?.MultiFactorAuthentication?.oauthClientSecret || "" + process.env.TRILIUM_OAUTH_CLIENT_SECRET || iniConfig?.MultiFactorAuthentication?.oauthClientSecret || "", + + oauthIssuerBaseUrl: + process.env.TRILIUM_OAUTH_ISSUER_BASE_URL || iniConfig?.MultiFactorAuthentication?.oauthIssuerBaseUrl || "https://accounts.google.com", + + oauthIssuerName: + process.env.TRILIUM_OAUTH_ISSUER_NAME || iniConfig?.MultiFactorAuthentication?.oauthIssuerName || "Google", + + oauthIssuerIcon: + process.env.TRILIUM_OAUTH_ISSUER_ICON || iniConfig?.MultiFactorAuthentication?.oauthIssuerIcon || "" } }; From db3bf4c12c1b011963f0cebf35afc61575332904 Mon Sep 17 00:00:00 2001 From: Jin <22962980+JYC333@users.noreply.github.com> Date: Fri, 6 Jun 2025 17:16:11 +0200 Subject: [PATCH 2/4] =?UTF-8?q?feat:=20=F0=9F=8E=B8=20set=20SSO=20login=20?= =?UTF-8?q?logic?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/server/src/routes/login.ts | 2 ++ apps/server/src/services/open_id.ts | 14 ++++++++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/apps/server/src/routes/login.ts b/apps/server/src/routes/login.ts index d428f21bf..10bfa5b94 100644 --- a/apps/server/src/routes/login.ts +++ b/apps/server/src/routes/login.ts @@ -19,6 +19,8 @@ function loginPage(req: Request, res: Response) { wrongTotp: false, totpEnabled: totp.isTotpEnabled(), ssoEnabled: openID.isOpenIDEnabled(), + ssoIssuerName: openID.getSSOIssuerName(), + ssoIssuerIcon: openID.getSSOIssuerIcon(), assetPath: assetPath, assetPathFragment: assetUrlFragment, appPath: appPath, diff --git a/apps/server/src/services/open_id.ts b/apps/server/src/services/open_id.ts index e45ed6599..2ae3bbe1e 100644 --- a/apps/server/src/services/open_id.ts +++ b/apps/server/src/services/open_id.ts @@ -8,7 +8,7 @@ import config from "./config.js"; function checkOpenIDConfig() { - let missingVars: string[] = [] + const missingVars: string[] = [] if (config.MultiFactorAuthentication.oauthBaseUrl === "") { missingVars.push("oauthBaseUrl"); } @@ -89,6 +89,14 @@ function isTokenValid(req: Request, res: Response, next: NextFunction) { } } +function getSSOIssuerName() { + return config.MultiFactorAuthentication.oauthIssuerName; +} + +function getSSOIssuerIcon() { + return config.MultiFactorAuthentication.oauthIssuerIcon; +} + function generateOAuthConfig() { const authRoutes = { callback: "/callback", @@ -105,7 +113,7 @@ function generateOAuthConfig() { auth0Logout: false, baseURL: config.MultiFactorAuthentication.oauthBaseUrl, clientID: config.MultiFactorAuthentication.oauthClientId, - issuerBaseURL: "https://accounts.google.com", + issuerBaseURL: config.MultiFactorAuthentication.oauthIssuerBaseUrl, secret: config.MultiFactorAuthentication.oauthClientSecret, clientSecret: config.MultiFactorAuthentication.oauthClientSecret, authorizationParams: { @@ -147,6 +155,8 @@ function generateOAuthConfig() { export default { generateOAuthConfig, getOAuthStatus, + getSSOIssuerName, + getSSOIssuerIcon, isOpenIDEnabled, clearSavedUser, isTokenValid, From 4cafd83c25d7d938879fc4fd590cd33e7e192683 Mon Sep 17 00:00:00 2001 From: Jin <22962980+JYC333@users.noreply.github.com> Date: Fri, 6 Jun 2025 17:18:52 +0200 Subject: [PATCH 3/4] =?UTF-8?q?feat:=20=F0=9F=8E=B8=20set=20SSO=20login=20?= =?UTF-8?q?page=20ui?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/server/src/assets/translations/cn/server.json | 2 +- apps/server/src/assets/translations/en/server.json | 2 +- apps/server/src/assets/views/login.ejs | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/server/src/assets/translations/cn/server.json b/apps/server/src/assets/translations/cn/server.json index 8af485c5d..4daf1d49b 100644 --- a/apps/server/src/assets/translations/cn/server.json +++ b/apps/server/src/assets/translations/cn/server.json @@ -103,7 +103,7 @@ "password": "密码", "remember-me": "记住我", "button": "登录", - "sign_in_with_google": "使用 Google 登录" + "sign_in_with_sso": "使用 {{ ssoIssuerName }} 登录" }, "set_password": { "title": "设置密码", diff --git a/apps/server/src/assets/translations/en/server.json b/apps/server/src/assets/translations/en/server.json index 33147a8d2..ffa7a0eb3 100644 --- a/apps/server/src/assets/translations/en/server.json +++ b/apps/server/src/assets/translations/en/server.json @@ -112,7 +112,7 @@ "password": "Password", "remember-me": "Remember me", "button": "Login", - "sign_in_with_google": "Sign in with Google" + "sign_in_with_sso": "Sign in with {{ ssoIssuerName }}" }, "set_password": { "title": "Set Password", diff --git a/apps/server/src/assets/views/login.ejs b/apps/server/src/assets/views/login.ejs index 1daf91a3d..98752a373 100644 --- a/apps/server/src/assets/views/login.ejs +++ b/apps/server/src/assets/views/login.ejs @@ -26,8 +26,8 @@ <% if (ssoEnabled) { %> - Google logo - <%= t("login.sign_in_with_google") %> + <%= ssoIssuerName %> + <%= t("login.sign_in_with_sso", { ssoIssuerName: ssoIssuerName }) %> <% } else { %>
From bffb47645c220088e0f4f8e022b25b8f92696eed Mon Sep 17 00:00:00 2001 From: Jin <22962980+JYC333@users.noreply.github.com> Date: Sat, 7 Jun 2025 12:00:37 +0200 Subject: [PATCH 4/4] =?UTF-8?q?fix:=20=F0=9F=90=9B=20fix=20SSO=20icon=20lo?= =?UTF-8?q?ading?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/server/src/assets/views/login.ejs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/server/src/assets/views/login.ejs b/apps/server/src/assets/views/login.ejs index 98752a373..4cd3c6a00 100644 --- a/apps/server/src/assets/views/login.ejs +++ b/apps/server/src/assets/views/login.ejs @@ -26,7 +26,7 @@ <% if (ssoEnabled) { %> - <%= ssoIssuerName %> + <%= ssoIssuerName %> <%= t("login.sign_in_with_sso", { ssoIssuerName: ssoIssuerName }) %> <% } else { %>