
Commit 2dc137b

committed
oauth improve
1 parent d108286 commit 2dc137b

14 files changed

Lines changed: 758 additions & 69 deletions

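--- a/OpenFlow/src/DBHelper.ts
+++ b/OpenFlow/src/DBHelper.ts
@@ -51,11 +51,9 @@ export class DBHelper {
 if (ids.indexOf(role._id) == -1) {
 ids.push(role._id);
 result.push(role);
-// console.log(role.name + " " + role._id);
 const _subroles: Role[] = await this.GetRoles(role._id, ident + 1);
 for (let y = 0; y < _subroles.length; y++) {
 const subrole = _subroles[y];
-// console.log(role.name + " " + subrole.name + " " + subrole._id);
 if (ids.indexOf(subrole._id) == -1) {
 ids.push(subrole._id);
 result.push(subrole);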

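--- a/OpenFlow/src/DatabaseConnection.ts
+++ b/OpenFlow/src/DatabaseConnection.ts
@@ -8,6 +8,7 @@ import { Config } from "./Config";
 import { TokenUser, Base, WellknownIds, Rights, NoderedUtil, mapFunc, finalizeFunc, reduceFunc, Ace, UpdateOneMessage, UpdateManyMessage, InsertOrUpdateOneMessage, Role, Rolemember, User } from "@openiap/openflow-api";
 import { DBHelper } from "./DBHelper";
 import * as client from "prom-client";
+import { OAuthProvider } from "./OAuthProvider";
 // tslint:disable-next-line: typedef
 const safeObjectID = (s: string | number | ObjectID) => ObjectID.isValid(s) ? new ObjectID(s) : null;
 const isoDatePattern = new RegExp(/\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d\.\d+([+-][0-2]\d:[0-5]\d|Z)/);
@@ -23,7 +24,7 @@ Object.defineProperty(Promise, 'retry', {
 configurable: true,
 writable: true,
 value: function retry(retries, executor) {
-console.log(`${retries} retries left!`)
+console.warn(`${retries} retries left!`)
 
 if (typeof retries !== 'number') {
 throw new TypeError('retries is not a number')
@@ -374,7 +375,7 @@ export class DatabaseConnection {
 mysort = neworderby;
 }
 } catch (error) {
-console.log(error, orderby);
+console.error(error, orderby);
 }
 if (neworderby == null) mysort[(orderby as string)] = 1;
 } else {
@@ -391,7 +392,7 @@ export class DatabaseConnection {
 myhint = newhint;
 }
 } catch (error) {
-console.log(error, hint);
+console.error(error, hint);
 }
 if (newhint == null) myhint[(hint as string)] = 1;
 } else {
@@ -457,8 +458,6 @@ export class DatabaseConnection {
 if (!top) { top = 500; }
 if (!skip) { skip = 0; }
 let arr: T[] = [];
-
-
 DatabaseConnection.mongodb_query_count.labels(collectionname).inc();
 const end = DatabaseConnection.mongodb_query.startTimer();
 let _pipe = this.db.collection(collectionname).find(_query);
@@ -546,7 +545,7 @@ export class DatabaseConnection {
 myhint = newhint;
 }
 } catch (error) {
-console.log(error, hint);
+console.error(error, hint);
 }
 if (newhint == null) myhint[(hint as string)] = 1;
 } else {
@@ -818,6 +817,11 @@ export class DatabaseConnection {
 end({ collection: collectionname });
 DBHelper.cached_roles = [];
 }
+if (collectionname == "config" && item._type == "oauthclient") {
+if (user.HasRoleName("admins")) {
+setTimeout(() => OAuthProvider.LoadClients(), 1000);
+}
+}
 DatabaseConnection.traversejsondecode(item);
 if (Config.log_inserts) this._logger.debug("[" + user.username + "][" + collectionname + "] inserted " + item.name);
 return item;
@@ -1019,6 +1023,11 @@ export class DatabaseConnection {
 (q.item as any).passwordhash = await Crypt.hash((q.item as any).newpassword);
 delete (q.item as any).newpassword;
 }
+if (q.collectionname == "config" && q.item._type == "oauthclient") {
+if (user.HasRoleName("admins")) {
+setTimeout(() => OAuthProvider.LoadClients(), 1000);
+}
+}
 this._logger.silly("[" + user.username + "][" + q.collectionname + "] Updating " + (q.item.name || q.item._name) + " in database");
 
 if (q.query === null || q.query === undefined) {
@@ -1363,7 +1372,6 @@ export class DatabaseConnection {
 await this._DeleteFile(arr[i]._id);
 end({ collection: collectionname });
 }
-// if (Config.log_deletes) console.log(JSON.parse(JSON.stringify(query)));
 if (Config.log_deletes) this._logger.verbose("[" + user.username + "][" + collectionname + "] deleted " + arr.length + " items in database");
 return arr.length;
 } else {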
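Review bot: The `user.HasRoleName("admins")` check added at new lines 820-824 gates only the `OAuthProvider.LoadClients()` reload, not the write itself, and the update hunk at new lines 1026-1030 repeats the same pattern. If the ACLs on `config` (not visible here) ever let a non-admin store an item with `_type == "oauthclient"`, that record stays in the collection and would presumably be picked up the next time clients are loaded, so the write should be refused up front inside the `oauthclient` branch, e.g. `if (!user.HasRoleName("admins")) throw new Error("Access denied");`. In the update path the timer also appears to be armed before the update is executed, so a write that takes longer than the fixed 1000 ms would leave the provider serving stale clients; calling `LoadClients()` once the write has completed removes that race. Both enclosing methods start and end outside their hunks, so the surrounding permission checks could not be reviewed.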

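--- a/OpenFlow/src/LoginProvider.ts
+++ b/OpenFlow/src/LoginProvider.ts
@@ -144,12 +144,23 @@ export class LoginProvider {
 });
 
 app.use(function (req, res, next) {
-res.header('Access-Control-Allow-Origin', (req.headers.origin as any));
-res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
+logger.debug(req.originalUrl);
+const origin: string = (req.headers.origin as any);
+if (NoderedUtil.IsNullEmpty(origin)) {
+res.header('Access-Control-Allow-Origin', '*');
+} else {
+res.header('Access-Control-Allow-Origin', origin);
+}
+res.header("Access-Control-Allow-Methods", "DELETE, POST, PUT, GET, OPTIONS");
+res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Headers, Authorization");
 res.header('Cache-Control', 'private, no-cache, no-store, must-revalidate');
 res.header('Expires', '-1');
 res.header('Pragma', 'no-cache');
-next();
+if (req.originalUrl == "/oidc/me" && req.method == "OPTIONS") {
+res.send("ok");
+} else {
+next();
+}
 });
 app.get("/Signout", (req: any, res: any, next: any): void => {
 // const providerid: string = req.cookies.provider;
@@ -187,7 +198,7 @@ export class LoginProvider {
 });
 await LoginProvider.RegisterProviders(app, baseurl);
 app.get("/user", async (req: any, res: any, next: any): Promise<void> => {
-// console.log("/user " + !(req.user == null));
+// logger.debug("/user " + !(req.user == null));
 res.setHeader("Content-Type", "application/json");
 if (req.user) {
 const user: User = await DBHelper.FindById(req.user._id);
@@ -198,7 +209,7 @@ export class LoginProvider {
 res.end();
 });
 app.get("/jwt", (req: any, res: any, next: any): void => {
-// console.log("/jwt " + !(req.user == null));
+// logger.debug("/jwt " + !(req.user == null));
 res.setHeader("Content-Type", "application/json");
 if (req.user) {
 const user: TokenUser = TokenUser.From(req.user);
@@ -209,7 +220,7 @@ export class LoginProvider {
 res.end();
 });
 app.get("/jwtlong", (req: any, res: any, next: any): void => {
-// console.log("/jwtlong " + !(req.user == null));
+// logger.debug("/jwtlong " + !(req.user == null));
 res.setHeader("Content-Type", "application/json");
 if (req.user) {
 const user: TokenUser = TokenUser.From(req.user);
@@ -224,7 +235,7 @@ export class LoginProvider {
 res.end();
 });
 app.post("/jwt", async (req: any, res: any, next: any): Promise<void> => {
-// console.log("/jwt " + !(req.user == null));
+// logger.debug("/jwt " + !(req.user == null));
 try {
 const rawAssertion = req.body.token;
 const user: User = await LoginProvider.validateToken(rawAssertion);
@@ -259,13 +270,13 @@ export class LoginProvider {
 res.end(JSON.stringify(res2));
 });
 app.get("/login", async (req: any, res: any, next: any): Promise<void> => {
-// console.log("/login " + !(req.user == null));
+// logger.debug("/login " + !(req.user == null));
 try {
 const originalUrl: any = req.cookies.originalUrl;
 const validateurl: any = req.cookies.validateurl;
 if (NoderedUtil.IsNullEmpty(originalUrl)) res.cookie("originalUrl", req.originalUrl, { maxAge: 900000, httpOnly: true });
 if (!NoderedUtil.IsNullEmpty(validateurl)) {
-// console.log("validateurl: " + validateurl);
+// logger.debug("validateurl: " + validateurl);
 if (req.user) {
 const user: User = await DBHelper.FindById(req.user._id);
 const tuser: TokenUser = TokenUser.From(user);
@@ -295,7 +306,7 @@ export class LoginProvider {
 }
 });
 app.get("/validateuserform", async (req: any, res: any, next: any): Promise<void> => {
-// console.log("/validateuserform " + !(req.user == null));
+// logger.debug("/validateuserform " + !(req.user == null));
 res.setHeader("Content-Type", "application/json");
 if (NoderedUtil.IsNullEmpty(Config.validate_user_form)) {
 res.end(JSON.stringify({}));
@@ -315,7 +326,7 @@ export class LoginProvider {
 return;
 });
 app.post("/validateuserform", async (req: any, res) => {
-// console.log("/validateuserform " + !(req.user == null));
+// logger.debug("/validateuserform " + !(req.user == null));
 res.setHeader("Content-Type", "application/json");
 try {
 if (req.user) {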
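Review bot: The CORS middleware at new lines 147-155 echoes whatever `Origin` the request carries into `Access-Control-Allow-Origin` for every route, and it now also allows the `Authorization` header and all write methods, so no origin is ever excluded from reading these responses. Restricting the echo to known origins would keep the OIDC endpoints usable without opening every other route, e.g. `if (allowedOrigins.includes(origin)) res.header('Access-Control-Allow-Origin', origin);` followed by `res.header('Vary', 'Origin');`, where `allowedOrigins` is a placeholder for a configured list that this page does not show. The `logger.debug(req.originalUrl)` on the first added line also writes full query strings to the log, which on OAuth redirects can include authorization codes; logging `req.path` would avoid that. The preflight shortcut compares `req.originalUrl` with `"/oidc/me"` exactly, so a preflight that carries a query string falls through to `next()`.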
