mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-23 22:13:14 +03:00
Fixed SSO CallBack URL's
This commit is contained in:
parent
b7f09f32f8
commit
9ea93a658e
54
webserver.js
54
webserver.js
@ -4363,11 +4363,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Twitter
|
// Twitter
|
||||||
if ((typeof domain.authstrategies.twitter == 'object') && (typeof domain.authstrategies.twitter.clientid == 'string') && (typeof domain.authstrategies.twitter.clientsecret == 'string')) {
|
if ((typeof domain.authstrategies.twitter == 'object') && (typeof domain.authstrategies.twitter.clientid == 'string') && (typeof domain.authstrategies.twitter.clientsecret == 'string')) {
|
||||||
const TwitterStrategy = require('passport-twitter');
|
const TwitterStrategy = require('passport-twitter');
|
||||||
var options = {
|
var options = { consumerKey: domain.authstrategies.twitter.clientid, consumerSecret: domain.authstrategies.twitter.clientsecret };
|
||||||
consumerKey: domain.authstrategies.twitter.clientid,
|
if (typeof domain.authstrategies.twitter.callbackurl == 'string') { options.callbackURL = domain.authstrategies.twitter.callbackurl; } else { options.path = url + 'auth-twitter-callback'; }
|
||||||
consumerSecret: domain.authstrategies.twitter.clientsecret,
|
|
||||||
callbackURL: (typeof domain.authstrategies.twitter.callbackurl == 'string') ? domain.authstrategies.twitter.callbackurl : (url + 'auth-twitter-callback')
|
|
||||||
};
|
|
||||||
parent.debug('web', 'Adding Twitter SSO with options: ' + JSON.stringify(options));
|
parent.debug('web', 'Adding Twitter SSO with options: ' + JSON.stringify(options));
|
||||||
passport.use(new TwitterStrategy(options,
|
passport.use(new TwitterStrategy(options,
|
||||||
function (token, tokenSecret, profile, cb) {
|
function (token, tokenSecret, profile, cb) {
|
||||||
@ -4400,11 +4397,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Google
|
// Google
|
||||||
if ((typeof domain.authstrategies.google == 'object') && (typeof domain.authstrategies.google.clientid == 'string') && (typeof domain.authstrategies.google.clientsecret == 'string')) {
|
if ((typeof domain.authstrategies.google == 'object') && (typeof domain.authstrategies.google.clientid == 'string') && (typeof domain.authstrategies.google.clientsecret == 'string')) {
|
||||||
const GoogleStrategy = require('passport-google-oauth20');
|
const GoogleStrategy = require('passport-google-oauth20');
|
||||||
var options = {
|
var options = { clientID: domain.authstrategies.google.clientid, clientSecret: domain.authstrategies.google.clientsecret };
|
||||||
clientID: domain.authstrategies.google.clientid,
|
if (typeof domain.authstrategies.google.callbackurl == 'string') { options.callbackURL = domain.authstrategies.google.callbackurl; } else { options.path = url + 'auth-google-callback'; }
|
||||||
clientSecret: domain.authstrategies.google.clientsecret,
|
|
||||||
callbackURL: (typeof domain.authstrategies.google.callbackurl == 'string') ? domain.authstrategies.google.callbackurl : (url + 'auth-google-callback')
|
|
||||||
};
|
|
||||||
parent.debug('web', 'Adding Google SSO with options: ' + JSON.stringify(options));
|
parent.debug('web', 'Adding Google SSO with options: ' + JSON.stringify(options));
|
||||||
passport.use(new GoogleStrategy(options,
|
passport.use(new GoogleStrategy(options,
|
||||||
function (token, tokenSecret, profile, cb) {
|
function (token, tokenSecret, profile, cb) {
|
||||||
@ -4429,11 +4423,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Github
|
// Github
|
||||||
if ((typeof domain.authstrategies.github == 'object') && (typeof domain.authstrategies.github.clientid == 'string') && (typeof domain.authstrategies.github.clientsecret == 'string')) {
|
if ((typeof domain.authstrategies.github == 'object') && (typeof domain.authstrategies.github.clientid == 'string') && (typeof domain.authstrategies.github.clientsecret == 'string')) {
|
||||||
const GitHubStrategy = require('passport-github2');
|
const GitHubStrategy = require('passport-github2');
|
||||||
var options = {
|
var options = { clientID: domain.authstrategies.github.clientid, clientSecret: domain.authstrategies.github.clientsecret };
|
||||||
clientID: domain.authstrategies.github.clientid,
|
if (typeof domain.authstrategies.github.callbackurl == 'string') { options.callbackURL = domain.authstrategies.github.callbackurl; } else { options.path = url + 'auth-github-callback'; }
|
||||||
clientSecret: domain.authstrategies.github.clientsecret,
|
|
||||||
callbackURL: (typeof domain.authstrategies.github.callbackurl == 'string') ? domain.authstrategies.github.callbackurl : (url + 'auth-github-callback')
|
|
||||||
};
|
|
||||||
parent.debug('web', 'Adding Github SSO with options: ' + JSON.stringify(options));
|
parent.debug('web', 'Adding Github SSO with options: ' + JSON.stringify(options));
|
||||||
passport.use(new GitHubStrategy(options,
|
passport.use(new GitHubStrategy(options,
|
||||||
function (token, tokenSecret, profile, cb) {
|
function (token, tokenSecret, profile, cb) {
|
||||||
@ -4458,11 +4449,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Reddit
|
// Reddit
|
||||||
if ((typeof domain.authstrategies.reddit == 'object') && (typeof domain.authstrategies.reddit.clientid == 'string') && (typeof domain.authstrategies.reddit.clientsecret == 'string')) {
|
if ((typeof domain.authstrategies.reddit == 'object') && (typeof domain.authstrategies.reddit.clientid == 'string') && (typeof domain.authstrategies.reddit.clientsecret == 'string')) {
|
||||||
const RedditStrategy = require('passport-reddit');
|
const RedditStrategy = require('passport-reddit');
|
||||||
var options = {
|
var options = { clientID: domain.authstrategies.reddit.clientid, clientSecret: domain.authstrategies.reddit.clientsecret };
|
||||||
clientID: domain.authstrategies.reddit.clientid,
|
if (typeof domain.authstrategies.reddit.callbackurl == 'string') { options.callbackURL = domain.authstrategies.reddit.callbackurl; } else { options.path = url + 'auth-reddit-callback'; }
|
||||||
clientSecret: domain.authstrategies.reddit.clientsecret,
|
|
||||||
callbackURL: (typeof domain.authstrategies.reddit.callbackurl == 'string') ? domain.authstrategies.reddit.callbackurl : (url + 'auth-reddit-callback')
|
|
||||||
};
|
|
||||||
parent.debug('web', 'Adding Reddit SSO with options: ' + JSON.stringify(options));
|
parent.debug('web', 'Adding Reddit SSO with options: ' + JSON.stringify(options));
|
||||||
passport.use(new RedditStrategy.Strategy(options,
|
passport.use(new RedditStrategy.Strategy(options,
|
||||||
function (token, tokenSecret, profile, cb) {
|
function (token, tokenSecret, profile, cb) {
|
||||||
@ -4502,12 +4490,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
// Azure
|
// Azure
|
||||||
if ((typeof domain.authstrategies.azure == 'object') && (typeof domain.authstrategies.azure.clientid == 'string') && (typeof domain.authstrategies.azure.clientsecret == 'string')) {
|
if ((typeof domain.authstrategies.azure == 'object') && (typeof domain.authstrategies.azure.clientid == 'string') && (typeof domain.authstrategies.azure.clientsecret == 'string')) {
|
||||||
const AzureOAuth2Strategy = require('passport-azure-oauth2');
|
const AzureOAuth2Strategy = require('passport-azure-oauth2');
|
||||||
var options = {
|
var options = { clientID: domain.authstrategies.azure.clientid, clientSecret: domain.authstrategies.azure.clientsecret, tenant: domain.authstrategies.azure.tenantid };
|
||||||
clientID: domain.authstrategies.azure.clientid,
|
if (typeof domain.authstrategies.azure.callbackurl == 'string') { options.callbackURL = domain.authstrategies.azure.callbackurl; } else { options.path = url + 'auth-azure-callback'; }
|
||||||
clientSecret: domain.authstrategies.azure.clientsecret,
|
|
||||||
tenant: domain.authstrategies.azure.tenantid,
|
|
||||||
callbackURL: (typeof domain.authstrategies.azure.callbackurl == 'string') ? domain.authstrategies.azure.callbackurl : (url + 'auth-azure-callback')
|
|
||||||
};
|
|
||||||
parent.debug('web', 'Adding Azure SSO with options: ' + JSON.stringify(options));
|
parent.debug('web', 'Adding Azure SSO with options: ' + JSON.stringify(options));
|
||||||
passport.use('azure', new AzureOAuth2Strategy(options,
|
passport.use('azure', new AzureOAuth2Strategy(options,
|
||||||
function (accessToken, refreshtoken, params, profile, done) {
|
function (accessToken, refreshtoken, params, profile, done) {
|
||||||
@ -4558,10 +4542,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
if (cert == null) {
|
if (cert == null) {
|
||||||
console.log('ERROR: Unable to read SAML IdP certificate: ' + domain.authstrategies.saml.cert);
|
console.log('ERROR: Unable to read SAML IdP certificate: ' + domain.authstrategies.saml.cert);
|
||||||
} else {
|
} else {
|
||||||
var options = {
|
var options = { entryPoint: domain.authstrategies.saml.idpurl, issuer: 'meshcentral' };
|
||||||
callbackUrl: (typeof domain.authstrategies.saml.callbackurl == 'string') ? domain.authstrategies.saml.callbackurl : (url + 'auth-saml-callback'),
|
if (typeof domain.authstrategies.saml.callbackurl == 'string') { options.callbackUrl = domain.authstrategies.saml.callbackurl; } else { options.path = url + 'auth-saml-callback'; }
|
||||||
entryPoint: domain.authstrategies.saml.idpurl, issuer: 'meshcentral'
|
|
||||||
};
|
|
||||||
if (domain.authstrategies.saml.disablerequestedauthncontext != null) { options.disableRequestedAuthnContext = domain.authstrategies.saml.disablerequestedauthncontext; }
|
if (domain.authstrategies.saml.disablerequestedauthncontext != null) { options.disableRequestedAuthnContext = domain.authstrategies.saml.disablerequestedauthncontext; }
|
||||||
parent.debug('web', 'Adding SAML SSO with options: ' + JSON.stringify(options));
|
parent.debug('web', 'Adding SAML SSO with options: ' + JSON.stringify(options));
|
||||||
if (typeof domain.authstrategies.saml.entityid == 'string') { options.issuer = domain.authstrategies.saml.entityid; }
|
if (typeof domain.authstrategies.saml.entityid == 'string') { options.issuer = domain.authstrategies.saml.entityid; }
|
||||||
@ -4600,10 +4582,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
if (cert == null) {
|
if (cert == null) {
|
||||||
console.log('ERROR: Unable to read Intel SAML IdP certificate: ' + domain.authstrategies.intel.cert);
|
console.log('ERROR: Unable to read Intel SAML IdP certificate: ' + domain.authstrategies.intel.cert);
|
||||||
} else {
|
} else {
|
||||||
var options = {
|
var options = { entryPoint: domain.authstrategies.intel.idpurl, issuer: 'meshcentral' };
|
||||||
callbackUrl: (typeof domain.authstrategies.intel.callbackurl == 'string') ? domain.authstrategies.intel.callbackurl : (url + 'auth-intel-callback'),
|
if (typeof domain.authstrategies.intel.callbackurl == 'string') { options.callbackUrl = domain.authstrategies.intel.callbackurl; } else { options.path = url + 'auth-intel-callback'; }
|
||||||
entryPoint: domain.authstrategies.intel.idpurl, issuer: 'meshcentral'
|
|
||||||
};
|
|
||||||
if (domain.authstrategies.intel.disablerequestedauthncontext != null) { options.disableRequestedAuthnContext = domain.authstrategies.intel.disablerequestedauthncontext; }
|
if (domain.authstrategies.intel.disablerequestedauthncontext != null) { options.disableRequestedAuthnContext = domain.authstrategies.intel.disablerequestedauthncontext; }
|
||||||
parent.debug('web', 'Adding Intel SSO with options: ' + JSON.stringify(options));
|
parent.debug('web', 'Adding Intel SSO with options: ' + JSON.stringify(options));
|
||||||
if (typeof domain.authstrategies.intel.entityid == 'string') { options.issuer = domain.authstrategies.intel.entityid; }
|
if (typeof domain.authstrategies.intel.entityid == 'string') { options.issuer = domain.authstrategies.intel.entityid; }
|
||||||
@ -4644,10 +4624,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
|
|||||||
if (cert == null) {
|
if (cert == null) {
|
||||||
console.log('ERROR: Unable to read JumpCloud IdP certificate: ' + domain.authstrategies.jumpcloud.cert);
|
console.log('ERROR: Unable to read JumpCloud IdP certificate: ' + domain.authstrategies.jumpcloud.cert);
|
||||||
} else {
|
} else {
|
||||||
var options = {
|
var options = { entryPoint: domain.authstrategies.jumpcloud.idpurl, issuer: 'meshcentral' };
|
||||||
callbackUrl: (typeof domain.authstrategies.jumpcloud.callbackurl == 'string') ? domain.authstrategies.jumpcloud.callbackurl : (url + 'auth-jumpcloud-callback'),
|
if (typeof domain.authstrategies.jumpcloud.callbackurl == 'string') { options.callbackUrl = domain.authstrategies.jumpcloud.callbackurl; } else { options.path = url + 'auth-jumpcloud-callback'; }
|
||||||
entryPoint: domain.authstrategies.jumpcloud.idpurl, issuer: 'meshcentral'
|
|
||||||
};
|
|
||||||
parent.debug('web', 'Adding JumpCloud SSO with options: ' + JSON.stringify(options));
|
parent.debug('web', 'Adding JumpCloud SSO with options: ' + JSON.stringify(options));
|
||||||
if (typeof domain.authstrategies.jumpcloud.entityid == 'string') { options.issuer = domain.authstrategies.jumpcloud.entityid; }
|
if (typeof domain.authstrategies.jumpcloud.entityid == 'string') { options.issuer = domain.authstrategies.jumpcloud.entityid; }
|
||||||
options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join('');
|
options.cert = cert.toString().split('-----BEGIN CERTIFICATE-----').join('').split('-----END CERTIFICATE-----').join('');
|
||||||
|
Loading…
Reference in New Issue
Block a user