-rw-r--r-- | .meteor/packages | 1 | ||||
-rw-r--r-- | models/users.js | 11 | ||||
-rw-r--r-- | server/authentication.js | 19 |
3 files changed, 31 insertions, 0 deletions
diff --git a/.meteor/packages b/.meteor/packages index c1b8ab88..1b64a0a8 100644 --- a/.meteor/packages +++ b/.meteor/packages @@ -31,6 +31,7 @@ kenton:accounts-sandstorm service-configuration@1.0.11 useraccounts:unstyled useraccounts:flow-routing +salleman:accounts-oidc # Utilities check@1.2.5 diff --git a/models/users.js b/models/users.js index da8ca77c..364f7fd7 100644 --- a/models/users.js +++ b/models/users.js @@ -459,6 +459,17 @@ if (Meteor.isServer) { return user; } + if (user.services.oidc) { + user.username = user.services.oidc.username; + user.emails = [{ + address: user.services.oidc.email.toLowerCase(), + verified: false, + }]; + const initials = user.services.oidc.fullname.match(/\b[a-zA-Z]/g).join('').toUpperCase(); + user.profile = { initials: initials, fullname: user.services.oidc.fullname }; + } + + if (options.from === 'admin') { user.createdThroughApi = true; return user; diff --git a/server/authentication.js b/server/authentication.js index acc101cc..03b4c464 100644 --- a/server/authentication.js +++ b/server/authentication.js @@ -54,5 +54,24 @@ Meteor.startup(() => { Authentication.checkAdminOrCondition(userId, normalAccess); }; + if (Meteor.isServer) { + ServiceConfiguration.configurations.upsert( + { service: 'oidc' }, + { + $set: { + loginStyle: 'redirect', + clientId: 'CLIENT_ID', + secret: 'SECRET', + serverUrl: 'https://my-server', + authorizationEndpoint: '/oauth/authorize', + userinfoEndpoint: '/oauth/userinfo', + tokenEndpoint: '/oauth/token', + idTokenWhitelistFields: [], + requestPermissions: ['openid'] + } + } + ); + } + }); |
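Review bot: `salleman:accounts-oidc` is added to `.meteor/packages` with no version constraint, and the diffstat lists no change to a versions lock file, so this commit does not record which release of the login package is resolved. Because the package sits in the authentication path, consider constraining it the way `service-configuration@1.0.11` is, for example `salleman:accounts-oidc@<reviewed-version>`, and committing the resolved versions with it.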
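Review bot: The added `if (user.services.oidc)` block in models/users.js dereferences `email` and `fullname` without checking that the provider returned them. `email.toLowerCase()` throws on a missing claim, and `fullname.match(/\b[a-zA-Z]/g)` returns `null` for a name with no ASCII letters, so `.join` throws and account creation fails. The same commit requests only the `openid` scope in server/authentication.js, so whether these fields arrive depends on the provider's userinfo response; `username` is also copied from the provider unvalidated. The enclosing callback starts and ends outside the hunk, so the block falls through to later checks that are not visible here. The fence shows a guarded version that rejects the login when required claims are missing.

```javascript
if (user.services.oidc) {
  const { username, email, fullname } = user.services.oidc;
  if (typeof username !== 'string' || typeof email !== 'string') {
    // Constructed error code; align with the project's existing error names.
    throw new Meteor.Error('error-oidc-missing-claims', 'OIDC provider did not return username and email');
  }
  const displayName = typeof fullname === 'string' ? fullname : username;
  // match() returns null when nothing matches, so fall back to an empty list.
  const initials = (displayName.match(/\b[a-zA-Z]/g) || []).join('').toUpperCase();
  user.username = username;
  user.emails = [{ address: email.toLowerCase(), verified: false }];
  user.profile = { initials, fullname: displayName };
}
```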
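Review bot: The `$set` in the added upsert in server/authentication.js hard-codes `clientId: 'CLIENT_ID'`, `secret: 'SECRET'` and `serverUrl: 'https://my-server'` and runs at every startup. A deployment therefore has to edit this source file to hold a real client secret, and any value an operator stored in the `oidc` service configuration is overwritten on restart. Read the three values from deployment configuration and skip the upsert when they are absent, so the secret stays out of the repository and an unconfigured server does not register a placeholder provider. The outer `if (Meteor.isServer)` looks redundant in a file under `server/`. The environment variable names in the fence are placeholders.

```javascript
// Placeholder variable names; use the project's own configuration source.
const oidcClientId = process.env.OIDC_CLIENT_ID;
const oidcSecret = process.env.OIDC_SECRET;
const oidcServerUrl = process.env.OIDC_SERVER_URL;
if (oidcClientId && oidcSecret && oidcServerUrl) {
  ServiceConfiguration.configurations.upsert(
    { service: 'oidc' },
    {
      $set: {
        loginStyle: 'redirect',
        clientId: oidcClientId,
        secret: oidcSecret,
        serverUrl: oidcServerUrl,
        // … unchanged: endpoint paths, idTokenWhitelistFields, requestPermissions …
      },
    }
  );
}
```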