external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-02-12 11:01:52 +00:00
Code Issues Releases Wiki Activity

fix oidc paths with aliasport #6148

Browse source 
Signed-off-by: si458 <simonsmith5521@gmail.com>
This commit is contained in:
si458 2024-06-04 10:26:29 +01:00
parent b1c3e2a8e7
commit 6976992735
1 changed files with 12 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
webserver.js
View file

@ -6772,13 +6772,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (domain.passport == null) { next(); return; } if (domain.passport == null) { next(); return; }
domain.passport.authenticate(`oidc-${domain.id}`, { failureRedirect: '/', failureFlash: true })(req, res, next); domain.passport.authenticate(`oidc-${domain.id}`, { failureRedirect: '/', failureFlash: true })(req, res, next);
}); });
let redirectPath let redirectPath;
if (typeof domain.authstrategies.oidc.client.redirect_uri == 'string') { if (typeof domain.authstrategies.oidc.client.redirect_uri == 'string') {
redirectPath = (new URL(domain.authstrategies.oidc.client.redirect_uri)).pathname redirectPath = (new URL(domain.authstrategies.oidc.client.redirect_uri)).pathname;
} else if (Array.isArray(domain.authstrategies.oidc.client.redirect_uris)) { } else if (Array.isArray(domain.authstrategies.oidc.client.redirect_uris)) {
redirectPath = (new URL(domain.authstrategies.oidc.client.redirect_uris[0])).pathname redirectPath = (new URL(domain.authstrategies.oidc.client.redirect_uris[0])).pathname;
} else { } else {
redirectPath = url + 'auth-oidc-callback' redirectPath = url + 'auth-oidc-callback';
} }
parent.authLog('setupHTTPHandlers', `OIDC: Callback URL: ${redirectPath}`); parent.authLog('setupHTTPHandlers', `OIDC: Callback URL: ${redirectPath}`);
obj.app.get(redirectPath, obj.bodyParser.urlencoded({ extended: false }), function (req, res, next) { obj.app.get(redirectPath, obj.bodyParser.urlencoded({ extended: false }), function (req, res, next) {
@ -7417,15 +7417,19 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
parent.authLog('setupDomainAuthStrategy', `OIDC: Adding Issuer Metadata: ${JSON.stringify(strategy.issuer)}`); parent.authLog('setupDomainAuthStrategy', `OIDC: Adding Issuer Metadata: ${JSON.stringify(strategy.issuer)}`);
issuer = new strategy.obj.openidClient.Issuer(Object.assign(issuer?.metadata, strategy.issuer)); issuer = new strategy.obj.openidClient.Issuer(Object.assign(issuer?.metadata, strategy.issuer));
} }
strategy.issuer = issuer?.metadata strategy.issuer = issuer?.metadata;
strategy.obj.issuer = issuer strategy.obj.issuer = issuer;
var httpport = ((args.aliasport != null) ? args.aliasport : args.port);
var origin = 'https://' + (domain.dns ? domain.dns : parent.certificates.CommonName);
if (httpport != 443) { origin += ':' + httpport; }
// Make sure redirect_uri and post_logout_redirect_uri exist before continuing // Make sure redirect_uri and post_logout_redirect_uri exist before continuing
if (!strategy.client.redirect_uri) { if (!strategy.client.redirect_uri) {
strategy.client.redirect_uri = 'https://' + parent.config.settings.cert + url + 'auth-oidc-callback'; strategy.client.redirect_uri = origin + url + 'auth-oidc-callback';
} }
if (!strategy.client.post_logout_redirect_uri) { if (!strategy.client.post_logout_redirect_uri) {
strategy.client.post_logout_redirect_uri = 'https://' + parent.config.settings.cert + url + 'login'; strategy.client.post_logout_redirect_uri = origin + url + 'login';
} }
// Create client and overwrite in options // Create client and overwrite in options