Tidy up OAuth, allow pulling properties from decoded JWT

nrn · Oct 31, 2024 · b28d90f · b28d90f
1 parent 8cecd04
commit b28d90f
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 12 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -7,6 +7,7 @@
   "dependencies": {
     "@passport-js/passport-twitter": "^1.0.8",
     "coffeescript": "^2.4.1",
+    "jwt-decode": "^4.0.0",
     "lodash": "^4.17.19",
     "passport": "^0.3.2",
     "passport-github2": "^0.1.12",

diff --git a/server/social.coffee b/server/social.coffee
@@ -17,6 +17,8 @@ url = require 'url'
 _ = require 'lodash'
 glob = require 'glob'
 
+{ jwtDecode } = require('jwt-decode');
+
 passport = require('passport')
 
 # Export a function that generates security handler
@@ -50,10 +52,6 @@ module.exports = exports = (log, loga, argv) ->
       callbackHost = callbackHost + ":" + url.parse(argv.url).port
   else
     callbackHost = url.parse(argv.url).host
-    if argv.oauth2_CallbackPort?
-      callbackHost = callbackHost + ":" + argv.oauth2_CallbackPort
-
-  console.log "callbackHost", callbackHost
 
   ids = []
 
@@ -135,7 +133,7 @@ module.exports = exports = (log, loga, argv) ->
       return false
 
     switch idProvider
-      when "github", "google", "twitter", "oauth2"
+      when "github", "google", "twitter", 'oauth2'
         if _.isEqual(admin[idProvider], req.session.passport.user[idProvider].id)
           return true
         else
@@ -165,13 +163,10 @@ module.exports = exports = (log, loga, argv) ->
       OAuth2Strategy = require('passport-oauth2').Strategy
 
       oauth2StrategyName = callbackHost + 'OAuth'
-      console.log "callbackHost", callbackHost
 
       if argv.oauth2_UserInfoURL?
         OAuth2Strategy::userProfile = (accesstoken, done) -> 
           @_oauth2._request "GET", argv.oauth2_UserInfoURL, null, null, accesstoken, (err, data) ->
-            console.log "data", data
-            console.log "err", err
             if err
               return done err 
             try
@@ -190,13 +185,17 @@ module.exports = exports = (log, loga, argv) ->
         userInfoURL: argv.oauth2_UserInfoURL
         }, (accessToken, refreshToken, params, profile, cb) ->
 
+          token = jwtDecode(accessToken)
+
           extractUserInfo = (uiParam, uiDef) ->
             uiPath = ''
             if typeof uiParam == 'undefined' then (uiPath = uiDef) else (uiPath = uiParam)
             console.log('extractUI', uiParam, uiDef, uiPath)
             sParts = uiPath.split('.')
             sFrom = sParts.shift()
             switch sFrom
+              when "token"
+                obj = token
               when "params"
                 obj = params
               when "profile"
@@ -209,10 +208,6 @@ module.exports = exports = (log, loga, argv) ->
               obj = obj[sParts.shift()]
             return obj
 
-          console.log("accessToken", accessToken)
-          console.log("refreshToken", refreshToken)
-          console.log("params", params)
-          console.log("profile", profile)
           if argv.oauth2_UsernameField?
             username_query = argv.oauth2_UsernameField 
           else