Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🔧 fix(openidStrategy): avatar not persistent #2065

Closed
wants to merge 6 commits into from
Closed

🔧 fix(openidStrategy): avatar not persistent #2065

Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
5cad335
fix(openidStrategy): fixed avatar not persistent; refactor(opendidStr…
berry-13 Mar 11, 2024
2506bd6
fix(openidStrateg): limit the nesting
berry-13 Mar 11, 2024
304cecd
Merge branch 'main' into fix-opendid-bugs
berry-13 Mar 23, 2024
8d571c7
feat: avatar download from provider; docs: update for the OPENID_AVAT…
berry-13 Mar 23, 2024
d66c08c
feat: avatar download from provider; docs: update for the OPENID_AVAT…
berry-13 Mar 23, 2024
a70c2fb
Update .env.example
berry-13 Mar 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
123 changes: 28 additions & 95 deletions api/strategies/openidStrategy.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,75 +1,40 @@
const fs = require('fs');
const path = require('path');
const axios = require('axios');
const passport = require('passport');
const { Issuer, Strategy: OpenIDStrategy } = require('openid-client');
const { logger } = require('~/config');
const User = require('~/models/User');

let crypto;
try {
crypto = require('node:crypto');
} catch (err) {
logger.error('[openidStrategy] crypto support is disabled!', err);
}

const downloadImage = async (url, imagePath, accessToken) => {
try {
const response = await axios.get(url, {
headers: {
Authorization: `Bearer ${accessToken}`,
},
responseType: 'arraybuffer',
});

fs.mkdirSync(path.dirname(imagePath), { recursive: true });
fs.writeFileSync(imagePath, response.data);

const fileName = path.basename(imagePath);

return `/images/openid/${fileName}`;
} catch (error) {
logger.error(
`[openidStrategy] downloadImage: Error downloading image at URL "${url}": ${error}`,
);
return '';
}
const { handleExistingUser } = require('./process');

const getFullName = (userinfo) => {
const { given_name, family_name, username, email } = userinfo;
return given_name && family_name
? `${given_name} ${family_name}`
: given_name
berry-13 marked this conversation as resolved.
Show resolved Hide resolved
? given_name
: family_name
? family_name
: username || email;
};

async function setupOpenId() {
const setupOpenId = async () => {
try {
const issuer = await Issuer.discover(process.env.OPENID_ISSUER);
const client = new issuer.Client({
client_id: process.env.OPENID_CLIENT_ID,
client_secret: process.env.OPENID_CLIENT_SECRET,
redirect_uris: [process.env.DOMAIN_SERVER + process.env.OPENID_CALLBACK_URL],
redirect_uris: [`${process.env.DOMAIN_SERVER}${process.env.OPENID_CALLBACK_URL}`],
});

const openidLogin = new OpenIDStrategy(
const strategy = new OpenIDStrategy(
{
client,
params: {
scope: process.env.OPENID_SCOPE,
},
params: { scope: process.env.OPENID_SCOPE },
},
async (tokenset, userinfo, done) => {
try {
let user = await User.findOne({ openidId: userinfo.sub });

if (!user) {
user = await User.findOne({ email: userinfo.email });
}

let fullName = '';
if (userinfo.given_name && userinfo.family_name) {
fullName = userinfo.given_name + ' ' + userinfo.family_name;
} else if (userinfo.given_name) {
fullName = userinfo.given_name;
} else if (userinfo.family_name) {
fullName = userinfo.family_name;
} else {
fullName = userinfo.username || userinfo.email;
}
let user =
(await User.findOne({ openidId: userinfo.sub })) ||
(await User.findOne({ email: userinfo.email }));
const fullName = getFullName(userinfo);

if (!user) {
user = new User({
Expand All @@ -81,59 +46,27 @@ async function setupOpenId() {
name: fullName,
});
} else {
user.provider = 'openid';
user.openidId = userinfo.sub;
user.username = userinfo.username || userinfo.given_name || '';
user.name = fullName;
}

if (userinfo.picture) {
const imageUrl = userinfo.picture;

let fileName;
if (crypto) {
const hash = crypto.createHash('sha256');
hash.update(userinfo.sub);
fileName = hash.digest('hex') + '.png';
} else {
fileName = userinfo.sub + '.png';
}

const imagePath = path.join(
__dirname,
'..',
'..',
'client',
'public',
'images',
'openid',
fileName,
);

const imagePathOrEmpty = await downloadImage(
imageUrl,
imagePath,
tokenset.access_token,
);

user.avatar = imagePathOrEmpty;
} else {
user.avatar = '';
Object.assign(user, {
provider: 'openid',
openidId: userinfo.sub,
username: userinfo.username || userinfo.given_name || '',
name: fullName,
});
await handleExistingUser(user, userinfo.picture);
}

await user.save();

done(null, user);
} catch (err) {
done(err);
}
},
);

passport.use('openid', openidLogin);
passport.use('openid', strategy);
} catch (err) {
logger.error('[openidStrategy]', err);
}
}
};

module.exports = setupOpenId;