import User from '../models/user.js';
import Identity from '../models/identity.ee.js';
/**
 * Projects a SAML profile onto the fields used for local user provisioning.
 *
 * The attribute names are read from the provider configuration; the identifier
 * always comes from the profile's `nameID`. Attributes absent from the profile
 * come back as `undefined`.
 *
 * @param {object} user - Profile object taken from the SAML response.
 * @param {object} providerConfig - Supplies the `*AttributeName` settings.
 * @returns {{name: *, surname: *, id: *, email: *, role: *}} Mapped fields.
 */
const getUser = (user, providerConfig) => {
  const {
    firstnameAttributeName,
    surnameAttributeName,
    emailAttributeName,
    roleAttributeName,
  } = providerConfig;

  return {
    name: user[firstnameAttributeName],
    surname: user[surnameAttributeName],
    id: user.nameID,
    email: user[emailAttributeName],
    role: user[roleAttributeName],
  };
};
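/**
 * Resolves the local user for a SAML login, provisioning one on first sign-in.
 *
 * An existing `saml` identity is looked up by the asserted nameID, scoped to
 * the authenticating provider. When none exists, a user is inserted together
 * with its identity; the role comes from the provider's role mappings for the
 * asserted role value(s), falling back to the provider's `defaultRoleId`.
 *
 * The email and role values are used exactly as asserted. Nothing in this
 * function validates the SAML response, so it relies on the caller having done
 * so before passing the profile in.
 *
 * @param {object} userIdentity - Profile from the SAML response; `nameID` and
 *   the attributes named by the provider configuration are read.
 * @param {object} samlAuthProvider - Provider model; supplies the attribute
 *   names, `id`, `defaultRoleId` and the `samlAuthProvidersRoleMappings`
 *   relation.
 * @returns {Promise<object>} The existing or newly created user.
 * @throws {Error} When the profile carries no nameID.
 */
const findOrCreateUserBySamlIdentity = async (
  userIdentity,
  samlAuthProvider
) => {
  const mappedUser = getUser(userIdentity, samlAuthProvider);

  // Without a nameID there is nothing to key the identity on. Refuse instead
  // of looking up or storing an identity with an empty remote id, which every
  // other nameID-less login would then share.
  if (mappedUser.id == null || mappedUser.id === '') {
    throw new Error('SAML assertion is missing nameID');
  }

  // Scope the lookup to the authenticating provider. The insert below records
  // providerId, and a nameID is only unique within the IdP that issued it, so
  // matching on remote_id alone would let one provider's nameID resolve to a
  // user that was provisioned through another provider.
  // NOTE(review): `provider_id` follows the remote_id/provider_type naming used
  // here; identities stored without a provider id will no longer match, so
  // confirm none exist before deploying.
  const identity = await Identity.query().findOne({
    remote_id: mappedUser.id,
    provider_id: samlAuthProvider.id,
    provider_type: 'saml',
  });

  if (identity) {
    const user = await identity.$relatedQuery('user');

    return user;
  }

  // The role attribute may be single-valued, multi-valued or absent. Drop
  // empty entries so a missing attribute falls through to the default role
  // instead of reaching the query as an undefined value.
  const assertedRoles = (
    Array.isArray(mappedUser.role) ? mappedUser.role : [mappedUser.role]
  ).filter((role) => role != null && role !== '');

  // NOTE(review): with several mapped roles asserted, the query has no
  // ordering, so which mapping is returned is left to the database.
  const samlAuthProviderRoleMapping =
    assertedRoles.length > 0
      ? await samlAuthProvider
          .$relatedQuery('samlAuthProvidersRoleMappings')
          .whereIn('remote_role_name', assertedRoles)
          .limit(1)
          .first()
      : undefined;

  const createdUser = await User.query()
    .insertGraph(
      {
        fullName: [mappedUser.name, mappedUser.surname]
          .filter(Boolean)
          .join(' '),
        email: mappedUser.email,
        roleId:
          samlAuthProviderRoleMapping?.roleId || samlAuthProvider.defaultRoleId,
        identities: [
          {
            remoteId: mappedUser.id,
            providerId: samlAuthProvider.id,
            providerType: 'saml',
          },
        ],
      },
      {
        relate: ['identities'],
      }
    )
    .returning('*');

  return createdUser;
};

export default findOrCreateUserBySamlIdentity;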