diff options
author | Lauri Ojansivu <x@xet7.org> | 2019-06-12 06:29:57 +0300 |
---|---|---|
committer | Lauri Ojansivu <x@xet7.org> | 2019-06-12 06:29:57 +0300 |
commit | 8b31c0768c34fc4557b54cec936a0b4288a8e722 (patch) | |
tree | 41b49db46cfe8e64f3fd8e6e67eaee40258c1648 | |
parent | 25e294fd92667807a93ebd73d70888cab66c104d (diff) | |
download | wekan-8b31c0768c34fc4557b54cec936a0b4288a8e722.tar.gz wekan-8b31c0768c34fc4557b54cec936a0b4288a8e722.tar.bz2 wekan-8b31c0768c34fc4557b54cec936a0b4288a8e722.zip |
Try to fix OIDC login.
Thanks to xet7 !
-rw-r--r-- | packages/wekan-oidc/oidc_server.js | 12 | ||||
-rw-r--r-- | server/authentication.js | 6 |
2 files changed, 10 insertions, 8 deletions
diff --git a/packages/wekan-oidc/oidc_server.js b/packages/wekan-oidc/oidc_server.js index e826d1f5..326238da 100644 --- a/packages/wekan-oidc/oidc_server.js +++ b/packages/wekan-oidc/oidc_server.js @@ -13,12 +13,12 @@ OAuth.registerService('oidc', 2, null, function (query) { if (debug) console.log('XXX: userinfo:', userinfo); var serviceData = {}; - serviceData.id = userinfo[process.env.OAUTH2_ID_MAP] || userinfo["id"]; - serviceData.username = userinfo[process.env.OAUTH2_USERNAME_MAP] || userinfo["uid"]; - serviceData.fullname = userinfo[process.env.OAUTH2_FULLNAME_MAP] || userinfo["displayName"]; + serviceData.id = userinfo[process.env.OAUTH2_ID_MAP]; // || userinfo["id"]; + serviceData.username = userinfo[process.env.OAUTH2_USERNAME_MAP]; // || userinfo["uid"]; + serviceData.fullname = userinfo[process.env.OAUTH2_FULLNAME_MAP]; // || userinfo["displayName"]; serviceData.accessToken = accessToken; serviceData.expiresAt = expiresAt; - serviceData.email = userinfo[process.env.OAUTH2_EMAIL_MAP] || userinfo["email"]; + serviceData.email = userinfo[process.env.OAUTH2_EMAIL_MAP]; // || userinfo["email"]; if (accessToken) { var tokenContent = getTokenContent(accessToken); @@ -31,8 +31,8 @@ OAuth.registerService('oidc', 2, null, function (query) { if (debug) console.log('XXX: serviceData:', serviceData); var profile = {}; - profile.name = userinfo[process.env.OAUTH2_FULLNAME_MAP] || userinfo["displayName"]; - profile.email = userinfo[process.env.OAUTH2_EMAIL_MAP] || userinfo["email"]; + profile.name = userinfo[process.env.OAUTH2_FULLNAME_MAP]; // || userinfo["displayName"]; + profile.email = userinfo[process.env.OAUTH2_EMAIL_MAP]; // || userinfo["email"]; if (debug) console.log('XXX: profile:', profile); return { diff --git a/server/authentication.js b/server/authentication.js index b0da74f8..b1e7f8ec 100644 --- a/server/authentication.js +++ b/server/authentication.js @@ -76,9 +76,11 @@ Meteor.startup(() => { authorizationEndpoint: process.env.OAUTH2_AUTH_ENDPOINT, userinfoEndpoint: process.env.OAUTH2_USERINFO_ENDPOINT, tokenEndpoint: process.env.OAUTH2_TOKEN_ENDPOINT, - idTokenWhitelistFields: process.env.OAUTH2_ID_TOKEN_WHITELIST_FIELDS || [], - requestPermissions: process.env.OAUTH2_REQUEST_PERMISSIONS || 'openid profile email', + idTokenWhitelistFields: process.env.OAUTH2_ID_TOKEN_WHITELIST_FIELDS, + requestPermissions: process.env.OAUTH2_REQUEST_PERMISSIONS, }, + // OAUTH2_ID_TOKEN_WHITELIST_FIELDS || [], + // OAUTH2_REQUEST_PERMISSIONS || 'openid profile email', } ); } |