feat: Convert helpers to use JS files

2024-01-04 19:55:41 +01:00
parent 8819ddefa7
commit 85141812d9
48 changed files with 259 additions and 384 deletions
--- a/packages/backend/src/helpers/passport.js
+++ b/packages/backend/src/helpers/passport.js
@@ -0,0 +1,89 @@
+import { URL } from 'node:url';
+import { MultiSamlStrategy } from '@node-saml/passport-saml';
+import passport from 'passport';
+
+import appConfig from '../config/app';
+import createAuthTokenByUserId from './create-auth-token-by-user-id';
+import SamlAuthProvider from '../models/saml-auth-provider.ee';
+import findOrCreateUserBySamlIdentity from './find-or-create-user-by-saml-identity.ee';
+
+export default function configurePassport(app) {
+  app.use(
+    passport.initialize({
+      userProperty: 'currentUser',
+    })
+  );
+
+  passport.use(
+    new MultiSamlStrategy(
+      {
+        passReqToCallback: true,
+        getSamlOptions: async function (request, done) {
+          const { issuer } = request.params;
+          const notFoundIssuer = new Error('Issuer cannot be found!');
+
+          if (!issuer) return done(notFoundIssuer);
+
+          const authProvider = await SamlAuthProvider.query().findOne({
+            issuer: request.params.issuer,
+          });
+
+          if (!authProvider) {
+            return done(notFoundIssuer);
+          }
+
+          return done(null, authProvider.config);
+        },
+      },
+      async function (request, user, done) {
+        const { issuer } = request.params;
+        const notFoundIssuer = new Error('Issuer cannot be found!');
+
+        if (!issuer) return done(notFoundIssuer);
+
+        const authProvider = await SamlAuthProvider.query().findOne({
+          issuer: request.params.issuer,
+        });
+
+        if (!authProvider) {
+          return done(notFoundIssuer);
+        }
+
+        const foundUserWithIdentity = await findOrCreateUserBySamlIdentity(
+          user,
+          authProvider
+        );
+        return done(null, foundUserWithIdentity);
+      },
+      function (request, user, done) {
+        return done(null, null);
+      }
+    )
+  );
+
+  app.get(
+    '/login/saml/:issuer',
+    passport.authenticate('saml', {
+      session: false,
+      successRedirect: '/',
+    })
+  );
+
+  app.post(
+    '/login/saml/:issuer/callback',
+    passport.authenticate('saml', {
+      session: false,
+      failureRedirect: '/',
+      failureFlash: true,
+    }),
+    (req, res) => {
+      const token = createAuthTokenByUserId(req.currentUser.id);
+
+      const redirectUrl = new URL(
+        `/login/callback?token=${token}`,
+        appConfig.webAppUrl
+      ).toString();
+      res.redirect(redirectUrl);
+    }
+  );
+}