summaryrefslogtreecommitdiffstats
path: root/packages/wekan-oidc/oidc_client.js
diff options
context:
space:
mode:
Diffstat (limited to 'packages/wekan-oidc/oidc_client.js')
-rw-r--r--packages/wekan-oidc/oidc_client.js68
1 files changed, 68 insertions, 0 deletions
diff --git a/packages/wekan-oidc/oidc_client.js b/packages/wekan-oidc/oidc_client.js
new file mode 100644
index 00000000..744bd841
--- /dev/null
+++ b/packages/wekan-oidc/oidc_client.js
@@ -0,0 +1,68 @@
+Oidc = {};
+
+// Request OpenID Connect credentials for the user
+// @param options {optional}
+// @param credentialRequestCompleteCallback {Function} Callback function to call on
+// completion. Takes one argument, credentialToken on success, or Error on
+// error.
+Oidc.requestCredential = function (options, credentialRequestCompleteCallback) {
+ // support both (options, callback) and (callback).
+ if (!credentialRequestCompleteCallback && typeof options === 'function') {
+ credentialRequestCompleteCallback = options;
+ options = {};
+ }
+
+ var config = ServiceConfiguration.configurations.findOne({service: 'oidc'});
+ if (!config) {
+ credentialRequestCompleteCallback && credentialRequestCompleteCallback(
+ new ServiceConfiguration.ConfigError('Service oidc not configured.'));
+ return;
+ }
+
+ var credentialToken = Random.secret();
+ var loginStyle = OAuth._loginStyle('oidc', config, options);
+ var scope = config.requestPermissions || ['openid', 'profile', 'email'];
+
+ // options
+ options = options || {};
+ options.client_id = config.clientId;
+ options.response_type = options.response_type || 'code';
+ options.redirect_uri = OAuth._redirectUri('oidc', config);
+ options.state = OAuth._stateParam(loginStyle, credentialToken, options.redirectUrl);
+ options.scope = scope.join(' ');
+
+ if (config.loginStyle && config.loginStyle == 'popup') {
+ options.display = 'popup';
+ }
+
+ var loginUrl = config.serverUrl + config.authorizationEndpoint;
+ // check if the loginUrl already contains a "?"
+ var first = loginUrl.indexOf('?') === -1;
+ for (var k in options) {
+ if (first) {
+ loginUrl += '?';
+ first = false;
+ }
+ else {
+ loginUrl += '&'
+ }
+ loginUrl += encodeURIComponent(k) + '=' + encodeURIComponent(options[k]);
+ }
+
+ //console.log('XXX: loginURL: ' + loginUrl)
+
+ options.popupOptions = options.popupOptions || {};
+ var popupOptions = {
+ width: options.popupOptions.width || 320,
+ height: options.popupOptions.height || 450
+ };
+
+ OAuth.launchLogin({
+ loginService: 'oidc',
+ loginStyle: loginStyle,
+ loginUrl: loginUrl,
+ credentialRequestCompleteCallback: credentialRequestCompleteCallback,
+ credentialToken: credentialToken,
+ popupOptions: popupOptions,
+ });
+};
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-06-02 13:17:32 +0000