authentification oauth2

2025-04-22 21:17:18 -04:00 · 2018-04-09 16:49:07 +02:00 · 2018-04-09 16:49:07 +02:00 · 1c8a00943c
commit 1c8a00943c
parent c115046a7c
3 changed files with 31 additions and 0 deletions
--- a/.meteor/packages
+++ b/.meteor/packages
@ -31,6 +31,7 @@ kenton:accounts-sandstorm
 service-configuration@1.0.11
 useraccounts:unstyled
 useraccounts:flow-routing
+salleman:accounts-oidc

 # Utilities
 check@1.2.5
--- a/models/users.js
+++ b/models/users.js
@ -459,6 +459,17 @@ if (Meteor.isServer) {
      return user;
    }

+    if (user.services.oidc) {
+      user.username = user.services.oidc.username;
+      user.emails = [{
+                               address: user.services.oidc.email.toLowerCase(),
+                               verified: false,
+                             }];
+      const initials = user.services.oidc.fullname.match(/\b[a-zA-Z]/g).join('').toUpperCase();
+      user.profile = { initials: initials, fullname: user.services.oidc.fullname };
+    }
+
+
    if (options.from === 'admin') {
      user.createdThroughApi = true;
      return user;
--- a/server/authentication.js
+++ b/server/authentication.js
@ -54,5 +54,24 @@ Meteor.startup(() => {
    Authentication.checkAdminOrCondition(userId, normalAccess);
  };

+  if (Meteor.isServer) {
+    ServiceConfiguration.configurations.upsert(
+      { service: 'oidc' },
+      {
+        $set: {
+          loginStyle: 'redirect',
+          clientId: 'CLIENT_ID',
+          secret: 'SECRET',
+          serverUrl: 'https://my-server',
+          authorizationEndpoint: '/oauth/authorize',
+          userinfoEndpoint: '/oauth/userinfo',
+          tokenEndpoint: '/oauth/token',
+          idTokenWhitelistFields: [],
+          requestPermissions: ['openid']
+        }
+      }
+    );
+    }
+
 });