feat: 🎸 fix open_id error

Jin 2025-03-22 12:46:59 +01:00
parent 0871d16fbc
commit b320553d18


@ -1,154 +1,154 @@
import OpenIDError from "../errors/open_id_error.js"; import OpenIDError from "../errors/open_id_error.js";
import { NextFunction, Request, Response } from "express"; import type { NextFunction, Request, Response } from "express";
import openIDEncryption from "./encryption/open_id_encryption.js"; import openIDEncryption from "./encryption/open_id_encryption.js";
import sqlInit from "./sql_init.js"; import sqlInit from "./sql_init.js";
import options from "./options.js"; import options from "./options.js";
import { Session, auth } from "express-openid-connect"; import type { Session } from "express-openid-connect";
import sql from "./sql.js"; import sql from "./sql.js";
function isOpenIDEnabled() { function isOpenIDEnabled() {
return checkOpenIDRequirements(); return checkOpenIDRequirements();
} }
function isUserSaved() { function isUserSaved() {
const data = sql.getValue<string>("SELECT isSetup FROM user_data;"); const data = sql.getValue<string>("SELECT isSetup FROM user_data;");
return data === "true" ? true : false; return data === "true" ? true : false;
} }
function getUsername() { function getUsername() {
const username = sql.getValue<string>("SELECT username FROM user_data;"); const username = sql.getValue<string>("SELECT username FROM user_data;");
return username; return username;
} }
function getUserEmail() { function getUserEmail() {
const email = sql.getValue<string>("SELECT email FROM user_data;"); const email = sql.getValue<string>("SELECT email FROM user_data;");
return email; return email;
} }
function clearSavedUser() { function clearSavedUser() {
sql.execute("DELETE FROM user_data"); sql.execute("DELETE FROM user_data");
options.setOption("isUserSaved", false); options.setOption("userSubjectIdentifierSaved", false);
return { return {
success: true, success: true,
message: "Account data removed." message: "Account data removed."
}; };
} }
function checkOpenIDRequirements() { function checkOpenIDRequirements() {
if (process.env.SSO_ENABLED === undefined) { if (process.env.SSO_ENABLED === undefined) {
return false; return false;
} }
if (process.env.SSO_ENABLED.toLocaleLowerCase() !== "true") { if (process.env.SSO_ENABLED.toLocaleLowerCase() !== "true") {
return false; return false;
} }
if (process.env.TOTP_ENABLED?.toLocaleLowerCase() === "true"){ if (process.env.TOTP_ENABLED?.toLocaleLowerCase() === "true") {
throw new OpenIDError("Cannot enable both OpenID and TOTP!"); throw new OpenIDError("Cannot enable both OpenID and TOTP!");
} }
if (process.env.BASE_URL === undefined) { if (process.env.BASE_URL === undefined) {
throw new OpenIDError("BASE_URL is undefined in .env!"); throw new OpenIDError("BASE_URL is undefined in .env!");
} }
if (process.env.CLIENT_ID === undefined) { if (process.env.CLIENT_ID === undefined) {
throw new OpenIDError("CLIENT_ID is undefined in .env!"); throw new OpenIDError("CLIENT_ID is undefined in .env!");
} }
if (process.env.SECRET === undefined) { if (process.env.SECRET === undefined) {
throw new OpenIDError("SECRET is undefined in .env!"); throw new OpenIDError("SECRET is undefined in .env!");
} }
return true; return true;
} }
function getOAuthStatus() { function getOAuthStatus() {
return { return {
success: true, success: true,
name: getUsername(), name: getUsername(),
email: getUserEmail(), email: getUserEmail(),
enabled: isOpenIDEnabled(), enabled: isOpenIDEnabled(),
}; };
} }
function isTokenValid(req: Request, res: Response, next: NextFunction) { function isTokenValid(req: Request, res: Response, next: NextFunction) {
const userStatus = openIDEncryption.isSubjectIdentifierSaved(); const userStatus = openIDEncryption.isSubjectIdentifierSaved();
if (req.oidc !== undefined) { if (req.oidc !== undefined) {
const result = req.oidc const result = req.oidc
.fetchUserInfo() .fetchUserInfo()
.then((result) => { .then((result) => {
return {
success: true,
message: "Token is valid",
user: userStatus,
};
})
.catch((result) => {
return {
success: false,
message: "Token is not valid",
user: userStatus,
};
});
return result;
} else {
return { return {
success: true, success: false,
message: "Token is valid", message: "Token not set up",
user: userStatus, user: userStatus,
}; };
}) }
.catch((result) => {
return {
success: false,
message: "Token is not valid",
user: userStatus,
};
});
return result;
} else {
return {
success: false,
message: "Token not set up",
user: userStatus,
};
}
} }
function generateOAuthConfig() { function generateOAuthConfig() {
const authRoutes = { const authRoutes = {
callback: "/callback", callback: "/callback",
login: "/authenticate", login: "/authenticate",
postLogoutRedirect: "/login", postLogoutRedirect: "/login",
logout: "/logout", logout: "/logout",
}; };
const logoutParams = { const logoutParams = {
}; };
const authConfig = { const authConfig = {
authRequired: true, authRequired: true,
auth0Logout: false, auth0Logout: false,
baseURL: process.env.BASE_URL, baseURL: process.env.BASE_URL,
clientID: process.env.CLIENT_ID, clientID: process.env.CLIENT_ID,
issuerBaseURL: "https://accounts.google.com/.well-known/openid-configuration", issuerBaseURL: "https://accounts.google.com/.well-known/openid-configuration",
secret: process.env.SECRET, secret: process.env.SECRET,
clientSecret: process.env.SECRET, clientSecret: process.env.SECRET,
authorizationParams: { authorizationParams: {
response_type: "code", response_type: "code",
scope: "openid profile email", scope: "openid profile email",
}, },
routes: authRoutes, routes: authRoutes,
idpLogout: false, idpLogout: false,
logoutParams: logoutParams, logoutParams: logoutParams,
afterCallback: async (req: Request, res: Response, session: Session) => { afterCallback: async (req: Request, res: Response, session: Session) => {
if (!sqlInit.isDbInitialized()) return session; if (!sqlInit.isDbInitialized()) return session;
if (isUserSaved()) return session; if (isUserSaved()) return session;
if (req.oidc.user === undefined) { if (req.oidc.user === undefined) {
console.log("user invalid!"); console.log("user invalid!");
}else { } else {
openIDEncryption.saveUser( openIDEncryption.saveUser(
req.oidc.user.sub.toString(), req.oidc.user.sub.toString(),
req.oidc.user.name.toString(), req.oidc.user.name.toString(),
req.oidc.user.email.toString()); req.oidc.user.email.toString());
} }
return session; return session;
}, },
}; };
return authConfig; return authConfig;
} }
export default { export default {
generateOAuthConfig, generateOAuthConfig,
getOAuthStatus, getOAuthStatus,
isOpenIDEnabled, isOpenIDEnabled,
clearSavedUser, clearSavedUser,
checkOpenIDRequirements, checkOpenIDRequirements,
isTokenValid, isTokenValid,
isUserSaved, isUserSaved,
}; };
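Review bot: The new side of generateOAuthConfig still feeds the same `process.env.SECRET` to both `secret` and `clientSecret`, so the key that signs and encrypts the express-openid-connect session cookie is the OAuth client secret issued by Google, and leaking either one exposes both; the cookie key should be a separate, locally generated random value, e.g. `secret: process.env.SESSION_SECRET,` with a matching guard in checkOpenIDRequirements such as `if (process.env.SESSION_SECRET === undefined) throw new OpenIDError("SESSION_SECRET is undefined in .env!");`. Separately, afterCallback calls `req.oidc.user.name.toString()` and `req.oidc.user.email.toString()` without checking those claims exist, and a provider that omits `name` or `email` from the userinfo would throw inside the callback rather than hit the `console.log("user invalid!")` branch; a `?.` check on each claim, returning the session unchanged when one is missing, would be safer. Also worth a comment on afterCallback: when no user is saved yet, the first identity that completes the callback is persisted as the account, which looks like trust-on-first-use and presumably relies on the deployment not being reachable by others before setup — confirm that assumption is documented for operators.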