This commit is contained in:
Julian Lam 2014-01-29 11:42:06 -05:00
commit 9fd27ff2fc
9 changed files with 548 additions and 0 deletions

22
.gitattributes vendored Normal file
View File

@ -0,0 +1,22 @@
# Auto detect text files and perform LF normalization
* text=auto
# Custom for Visual Studio
*.cs diff=csharp
*.sln merge=union
*.csproj merge=union
*.vbproj merge=union
*.fsproj merge=union
*.dbproj merge=union
# Standard to msysgit
*.doc diff=astextplain
*.DOC diff=astextplain
*.docx diff=astextplain
*.DOCX diff=astextplain
*.dot diff=astextplain
*.DOT diff=astextplain
*.pdf diff=astextplain
*.PDF diff=astextplain
*.rtf diff=astextplain
*.RTF diff=astextplain

218
.gitignore vendored Normal file
View File

@ -0,0 +1,218 @@
#################
## Eclipse
#################
*.pydevproject
.project
.metadata
bin/
tmp/
*.tmp
*.bak
*.swp
*~.nib
local.properties
.classpath
.settings/
.loadpath
# External tool builders
.externalToolBuilders/
# Locally stored "Eclipse launch configurations"
*.launch
# CDT-specific
.cproject
# PDT-specific
.buildpath
#################
## Visual Studio
#################
## Ignore Visual Studio temporary files, build results, and
## files generated by popular Visual Studio add-ons.
# User-specific files
*.suo
*.user
*.sln.docstates
# Build results
[Dd]ebug/
[Rr]elease/
x64/
build/
[Bb]in/
[Oo]bj/
# MSTest test Results
[Tt]est[Rr]esult*/
[Bb]uild[Ll]og.*
*_i.c
*_p.c
*.ilk
*.meta
*.obj
*.pch
*.pdb
*.pgc
*.pgd
*.rsp
*.sbr
*.tlb
*.tli
*.tlh
*.tmp
*.tmp_proj
*.log
*.vspscc
*.vssscc
.builds
*.pidb
*.log
*.scc
# Visual C++ cache files
ipch/
*.aps
*.ncb
*.opensdf
*.sdf
*.cachefile
# Visual Studio profiler
*.psess
*.vsp
*.vspx
# Guidance Automation Toolkit
*.gpState
# ReSharper is a .NET coding add-in
_ReSharper*/
*.[Rr]e[Ss]harper
# TeamCity is a build add-in
_TeamCity*
# DotCover is a Code Coverage Tool
*.dotCover
# NCrunch
*.ncrunch*
.*crunch*.local.xml
# Installshield output folder
[Ee]xpress/
# DocProject is a documentation generator add-in
DocProject/buildhelp/
DocProject/Help/*.HxT
DocProject/Help/*.HxC
DocProject/Help/*.hhc
DocProject/Help/*.hhk
DocProject/Help/*.hhp
DocProject/Help/Html2
DocProject/Help/html
# Click-Once directory
publish/
# Publish Web Output
*.Publish.xml
*.pubxml
# NuGet Packages Directory
## TODO: If you have NuGet Package Restore enabled, uncomment the next line
#packages/
# Windows Azure Build Output
csx
*.build.csdef
# Windows Store app package directory
AppPackages/
# Others
sql/
*.Cache
ClientBin/
[Ss]tyle[Cc]op.*
~$*
*~
*.dbmdl
*.[Pp]ublish.xml
*.pfx
*.publishsettings
# RIA/Silverlight projects
Generated_Code/
# Backup & report files from converting an old project file to a newer
# Visual Studio version. Backup files are not needed, because we have git ;-)
_UpgradeReport_Files/
Backup*/
UpgradeLog*.XML
UpgradeLog*.htm
# SQL Server files
App_Data/*.mdf
App_Data/*.ldf
#############
## Windows detritus
#############
# Windows image file caches
Thumbs.db
ehthumbs.db
# Folder config file
Desktop.ini
# Recycle Bin used on file shares
$RECYCLE.BIN/
# Mac crap
.DS_Store
#############
## Python
#############
*.py[co]
# Packages
*.egg
*.egg-info
dist/
build/
eggs/
parts/
var/
sdist/
develop-eggs/
.installed.cfg
# Installer logs
pip-log.txt
# Unit test / coverage reports
.coverage
.tox
#Translations
*.mo
#Mr Developer
.mr.developer.cfg
sftp-config.json
node_modules/

2
.npmignore Normal file
View File

@ -0,0 +1,2 @@
sftp-config.json
node_modules/

8
LICENSE Normal file
View File

@ -0,0 +1,8 @@
Copyright (c) 2013-2014, psychobunny <psycho.bunny@hotmail.com>
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

7
README.md Normal file
View File

@ -0,0 +1,7 @@
# NodeBB OAuth SSO
NodeBB Plugin that allows users to login/register via any configured OAuth provider.
## Installation
npm install nodebb-plugin-sso-oauth

167
library.js Normal file
View File

@ -0,0 +1,167 @@
(function(module) {
"use strict";
var User = module.parent.require('./user'),
db = module.parent.require('../src/database'),
passport = module.parent.require('passport'),
fs = module.parent.require('fs'),
path = module.parent.require('path'),
nconf = module.parent.require('nconf'),
winston = module.parent.require('winston'),
passportOAuth;
if (meta.config['social:oauth:type'] === '2') {
passportOAuth = require('passport-oauth').OAuth2Strategy;
} else if (meta.config['social:oauth:type'] === '1') {
passportOAuth = require('passport-oauth').OAuthStrategy;
}
var constants = Object.freeze({
'name': "Generic OAuth",
'admin': {
'route': '/oauth',
'icon': 'fa-key'
}
});
var OAuth = {};
OAuth.getStrategy = function(strategies) {
var oAuthKeys = ['social:oauth:reqTokenUrl', 'social:oauth:accessTokenUrl', 'social:oauth:authUrl', 'social:oauth:key', 'social:oauth:secret'],
oAuth2Keys = ['social:oauth2:authUrl', 'social:oauth2:tokenUrl', 'social:oauth2:id', 'social:oauth2:secret'],
configOk = oAuthKeys.every(function(key) {
return meta.config[key];
}) || oAuth2Keys.every(function(key) {
return meta.config[key];
}),
opts;
if (passportOAuth && configOk) {
if (meta.config['social:oauth:type'] === '1') {
opts = {
requestTokenURL: meta.config['social:oauth:reqTokenUrl'],
accessTokenURL: meta.config['social:oauth:accessTokenUrl'],
userAuthorizationURL: meta.config['social:oauth:authUrl'],
consumerKey: meta.config['social:oauth:key'],
consumerSecret: meta.config['social:oauth:secret'],
callbackURL: nconf.get('url') + '/auth/generic/callback'
};
} else if (meta.config['social:oauth:type'] === '2') {
opts = {
authorizationURL: meta.config['social:oauth2:authUrl'],
tokenURL: meta.config['social:oauth2:tokenUrl'],
clientID: meta.config['social:oauth2:id'],
clientSecret: meta.config['social:oauth2:secret'],
callbackURL: nconf.get('url') + '/auth/generic/callback'
};
}
passport.use('Generic OAuth', new passportOAuth(opts, function(token, secret, profile, done) {
console.log('this is the info I get back:', arguments);
process.exit();
OAuth.login(profile.id, profile.displayName, profile.emails[0].value, function(err, user) {
if (err) {
return done(err);
}
done(null, user);
});
}));
strategies.push({
name: 'Generic OAuth',
url: '/auth/oauth',
callbackURL: '/auth/generic/callback',
icon: 'check',
scope: meta.config['social:oauth:scope'].split(',')
});
return strategies;
} else {
winston.info('[plugins/sso-oauth] OAuth Disabled or misconfigured. Proceeding without Generic OAuth Login');
return strategies;
}
};
OAuth.login = function(oAuthid, handle, email, callback) {
OAuth.getUidByOAuthid(oAuthid, function(err, uid) {
if(err) {
return callback(err);
}
if (uid !== null) {
// Existing User
callback(null, {
uid: uid
});
} else {
// New User
var success = function(uid) {
// Save provider-specific information to the user
User.setUserField(uid, 'oAuthid', oAuthid);
db.setObjectField('oAuthid:uid', oAuthid, uid);
callback(null, {
uid: uid
});
};
User.getUidByEmail(email, function(err, uid) {
if(err) {
return callback(err);
}
if (!uid) {
User.create({username: handle, email: email}, function(err, uid) {
if(err) {
return callback(err);
}
success(uid);
});
} else {
success(uid); // Existing account -- merge
}
});
}
});
};
OAuth.getUidByOAuthid = function(oAuthid, callback) {
db.getObjectField('oauthid:uid', oAuthid, function(err, uid) {
if (err) {
return callback(err);
}
callback(null, uid);
});
};
OAuth.addMenuItem = function(custom_header) {
custom_header.authentication.push({
"route": constants.admin.route,
"icon": constants.admin.icon,
"name": constants.name
});
return custom_header;
}
OAuth.addAdminRoute = function(custom_routes, callback) {
fs.readFile(path.resolve(__dirname, './static/admin.tpl'), function (err, template) {
custom_routes.routes.push({
"route": constants.admin.route,
"method": "get",
"options": function(req, res, callback) {
callback({
req: req,
res: res,
route: constants.admin.route,
name: constants.name,
content: template
});
}
});
callback(null, custom_routes);
});
};
module.exports = OAuth;
}(module));

31
package.json Normal file
View File

@ -0,0 +1,31 @@
{
"name": "nodebb-plugin-sso-oauth",
"version": "0.1.0-1",
"description": "NodeBB Generic OAuth SSO",
"main": "library.js",
"repository": {
"type": "git",
"url": "https://github.com/julianlam/nodebb-plugin-sso-oauth"
},
"keywords": [
"nodebb",
"plugin",
"oauth",
"sso",
"single sign on",
"registration"
],
"author": {
"name": "Julian Lam",
"email": "julian@nodebb.org"
},
"license": "MIT",
"bugs": {
"url": "https://github.com/julianlam/nodebb-plugin-sso-oauth/issues"
},
"readme": "",
"readmeFilename": "README.md",
"dependencies": {
"passport-oauth": "~1.0.0"
}
}

19
plugin.json Normal file
View File

@ -0,0 +1,19 @@
{
"id": "nodebb-plugin-sso-oauth",
"name": "NodeBB OAuth SSO",
"description": "NodeBB Plugin that allows users to login/register via any configured OAuth provider.",
"url": "https://github.com/julianlam/nodebb-plugin-sso-oauth",
"library": "./library.js",
"hooks": [
{
"hook": "filter:auth.init", "method": "getStrategy", "callbacked": false
},
{
"hook": "filter:admin.header.build", "method": "addMenuItem", "callbacked": false
},
{
"hook": "filter:admin.create_routes", "method": "addAdminRoute", "callbacked": true
}
],
"staticDir": "./static"
}

74
static/admin.tpl Normal file
View File

@ -0,0 +1,74 @@
<h1><i class="fa fa-key"></i> Generic OAuth Authentication</h1>
<hr />
<form>
<div class="alert alert-warning">
<p>
Please refer to your OAuth provider&apos;s documentation for appropriate values. All fields are mandatory.
</p>
<br />
<select data-field="social:oauth:type" title="OAuth Strategy" class="form-control">
<option value="x">Disabled</option>
<option value="1">OAuth</option>
<option value="2">OAuth2</option>
</select>
<hr />
<div class="form-group">
<input type="text" data-strategy="1" data-field="social:oauth:key" title="OAuth Key" class="form-control input-lg" placeholder="OAuth Key">
</div>
<div class="form-group">
<input type="text" data-strategy="1" data-field="social:oauth:secret" title="OAuth Secret" class="form-control" placeholder="OAuth Secret">
</div>
<div class="form-group">
<input type="text" data-strategy="1" data-field="social:oauth:reqTokenUrl" title="Token Request URL" class="form-control" placeholder="Token Request URL">
</div>
<div class="form-group">
<input type="text" data-strategy="1" data-field="social:oauth:accessTokenUrl" title="Access Token URL" class="form-control" placeholder="Access Token URL">
</div>
<div class="form-group">
<input type="text" data-strategy="1" data-field="social:oauth:authUrl" title="Authorization URL" class="form-control" placeholder="Authorization URL">
</div>
<div class="form-group">
<input type="text" data-strategy="2" data-field="social:oauth2:id" title="Client ID" class="form-control input-lg" placeholder="Client ID">
</div>
<div class="form-group">
<input type="text" data-strategy="2" data-field="social:oauth2:secret" title="Client Secret" class="form-control" placeholder="Client Secret">
</div>
<div class="form-group">
<input type="text" data-strategy="2" data-field="social:oauth2:authUrl" title="Authorization URL" class="form-control" placeholder="Authorization URL">
</div>
<div class="form-group">
<input type="text" data-strategy="2" data-field="social:oauth2:tokenUrl" title="Token URL" class="form-control" placeholder="Token URL">
</div>
<div class="form-group">
<input type="text" data-field="social:oauth:scope" title="Comma-separated scope" class="form-control" placeholder="Comma-separated scope (e.g. &quot;user,email,address&quot;)">
</div>
</div>
</form>
<button class="btn btn-lg btn-primary" id="save">Save</button>
<script>
require(['forum/admin/settings'], function(Settings) {
Settings.prepare(function() {
var OAuthType = $('[data-field="social:oauth:type"]').val();
toggleFields(OAuthType);
});
});
var toggleFields = function(value) {
if (value === '1') {
$('[data-strategy="2"]').hide();
$('[data-strategy="1"]').show();
} else if (value === '2') {
$('[data-strategy="1"]').hide();
$('[data-strategy="2"]').show();
}
}
$('[data-field="social:oauth:type"]').on('change', function() {
toggleFields(this.value);
})
</script>