Merge branch 'devel' of https://github.com/salleman33/wekan into salleman33-devel

2025-04-22 21:17:18 -04:00 · 2018-08-24 19:46:42 +03:00 · 2018-08-24 19:46:42 +03:00 · 96173ad431
commit 96173ad431
parent 3d76b8e1c1 3e927b4e58
3 changed files with 47 additions and 0 deletions
--- a/.meteor/packages
+++ b/.meteor/packages
@ -31,6 +31,7 @@ kenton:accounts-sandstorm
 service-configuration@1.0.11
 useraccounts:unstyled
 useraccounts:flow-routing
+salleman:accounts-oidc

 # Utilities
 check@1.2.5
--- a/models/users.js
+++ b/models/users.js
@ -478,6 +478,33 @@ if (Meteor.isServer) {
      return user;
    }

+    if (user.services.oidc) {
+      var email = user.services.oidc.email.toLowerCase();
+      
+      user.username = user.services.oidc.username;
+      user.emails = [{ address: email,
+		       verified: true }];
+      var initials = user.services.oidc.fullname.match(/\b[a-zA-Z]/g).join('').toUpperCase();
+      user.profile = { initials: initials, fullname: user.services.oidc.fullname };
+
+      // see if any existing user has this email address or username, otherwise create new
+      var existingUser = Meteor.users.findOne({$or: [{'emails.address': email}, {'username':user.username}]});
+	    console.log("user to create : ");
+	    console.log(user);
+      if (!existingUser)
+        return user;
+
+      // copy across new service info
+      var service = _.keys(user.services)[0];
+      existingUser.services[service] = user.services[service];
+      existingUser.emails = user.emails;
+      existingUser.username = user.username;
+      existingUser.profile = user.profile;
+
+      Meteor.users.remove({_id: existingUser._id}); // remove existing record
+      return existingUser;
+    }
+
    if (options.from === 'admin') {
      user.createdThroughApi = true;
      return user;
--- a/server/authentication.js
+++ b/server/authentication.js
@ -62,5 +62,24 @@ Meteor.startup(() => {
    Authentication.checkAdminOrCondition(userId, normalAccess);
  };

+  if (Meteor.isServer) {
+    ServiceConfiguration.configurations.upsert(
+      { service: 'oidc' },
+      {
+        $set: {
+          loginStyle: 'redirect',
+          clientId: 'CLIENT_ID',
+          secret: 'SECRET',
+          serverUrl: 'https://my-server',
+          authorizationEndpoint: '/oauth/authorize',
+          userinfoEndpoint: '/oauth/userinfo',
+          tokenEndpoint: '/oauth/token',
+          idTokenWhitelistFields: [],
+          requestPermissions: ['openid']
+        }
+      }
+    );
+    }
+
 });