Docker/planka
Docker/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-07-22 06:39:44 +02:00
Code Issues Releases Activity

Fix to retrieve oidcEmailAttribute from tokenSet.claims() that converts tie idToken in array, if the oidcEmailAttribute is not found in standard userInfo

Browse source
This commit is contained in:
Marco Matrella 2024-09-20 02:08:31 +02:00
parent e410e21363
commit 9290990ef9
1 changed files with 21 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

27
server/api/helpers/users/get-or-create-one-using-oidc.js
View file

@ -1,3 +1,4 @@
const { email } = require('sails-hook-orm/constants/deprecated-validations.list');
module.exports = { module.exports = {
inputs: { inputs: {
code: { code: {
@ -22,8 +23,9 @@ module.exports = {
const client = sails.hooks.oidc.getClient(); const client = sails.hooks.oidc.getClient();
let userInfo; let userInfo;
let tokenSet;
try { try {
const tokenSet = await client.callback( tokenSet = await client.callback(
sails.config.custom.oidcRedirectUri, sails.config.custom.oidcRedirectUri,
{ {
iss: sails.config.custom.oidcIssuer, iss: sails.config.custom.oidcIssuer,
@ -33,7 +35,9 @@ module.exports = {
nonce: inputs.nonce, nonce: inputs.nonce,
}, },
); );
userInfo = await client.userinfo(tokenSet); userInfo = await client.userinfo(tokenSet);
} catch (e) { } catch (e) {
if ( if (
e instanceof SyntaxError && e instanceof SyntaxError &&
@ -47,10 +51,21 @@ module.exports = {
throw 'invalidCodeOrNonce'; throw 'invalidCodeOrNonce';
} }
if ( /*
!userInfo[sails.config.custom.oidcEmailAttribute] || Try to take the emailAttribute (configured in parameter OIDC_EMAIL_ATTRIBUTE in .env)
!userInfo[sails.config.custom.oidcNameAttribute] from standard OIDC userInfo attribute
) { */
let emailAttribute = userInfo[sails.config.custom.oidcEmailAttribute];
/*
If undefined, I try to retrieve the token from the tokenSet.claims() that converts the
id_token in a token_array
*/
if(!emailAttribute) {
emailAttribute = tokenSet.claims()[sails.config.custom.oidcEmailAttribute];
}
if (!emailAttribute || !userInfo[sails.config.custom.oidcNameAttribute]) {
throw 'missingValues'; throw 'missingValues';
} }
@ -68,7 +83,7 @@ module.exports = {
const values = { const values = {
isAdmin, isAdmin,
email: userInfo[sails.config.custom.oidcEmailAttribute], email: emailAttribute,
isSso: true, isSso: true,
name: userInfo[sails.config.custom.oidcNameAttribute], name: userInfo[sails.config.custom.oidcNameAttribute],
subscribeToOwnCards: false, subscribeToOwnCards: false,