From b17359ec6fd0e8526a623691f87f55158999b43a Mon Sep 17 00:00:00 2001 From: Samuel Date: Fri, 26 Apr 2019 18:21:42 +0200 Subject: fix(oidc): can not log in Trying to configure wekan authenticating against LemonLDAP-NG, I used to read about errors like the following: ``` XXX: getUserInfo response: { sub: 'demoone' } XXX: userinfo: { sub: 'demoone' } {"line":"431","file":"oauth.js","message":"Error in OAuth Server: id is not defined","time":{"$date":1556286530412},"level":"warn"} Exception while invoking method 'login' { stack: 'ReferenceError: id is not defined\n at Object.handleOauthRequest (packages/wekan-oidc.js:39:68)\n at OAuth._requestHandlers.(anonymous function) (packages/oauth2.js:27:31)\n at middleware (packages/oauth.js:203:5)\n at packages/oauth.js:176:5', source: 'method' } ``` Looking at the sources, that error message seems to be right: we have several references to `id`, `uid`, `displayName` or `email`, which are not defined. Probably a typo, assuming we meant these to be strings. Applying that patch, I confirm I can finally log in: ``` XXX: getUserInfo response: { sub: 'demoone' } XXX: userinfo: { sub: 'demoone' } XXX: serviceData: { id: undefined, username: undefined, fullname: undefined, accessToken: 'e57dc4e9e81cc98c279db3ed08b1c72f', expiresAt: 1556298699213, email: undefined } XXX: profile: { name: undefined, email: undefined } ``` All the credit goes to @pcurie .
---
 packages/wekan-oidc/oidc_server.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'packages')
diff --git a/packages/wekan-oidc/oidc_server.js b/packages/wekan-oidc/oidc_server.js
index fb948c52..ec615cd1 100644
--- a/packages/wekan-oidc/oidc_server.js
+++ b/packages/wekan-oidc/oidc_server.js
@@ -13,12 +13,12 @@ OAuth.registerService('oidc', 2, null, function (query) {
 if (debug) console.log('XXX: userinfo:', userinfo);
 var serviceData = {};
- serviceData.id = userinfo[process.env.OAUTH2_ID_MAP] || userinfo[id];
- serviceData.username = userinfo[process.env.OAUTH2_USERNAME_MAP] || userinfo[uid];
- serviceData.fullname = userinfo[process.env.OAUTH2_FULLNAME_MAP] || userinfo[displayName];
+ serviceData.id = userinfo[process.env.OAUTH2_ID_MAP] || userinfo["id"];
+ serviceData.username = userinfo[process.env.OAUTH2_USERNAME_MAP] || userinfo["uid"];
+ serviceData.fullname = userinfo[process.env.OAUTH2_FULLNAME_MAP] || userinfo["displayName"];
 serviceData.accessToken = accessToken;
 serviceData.expiresAt = expiresAt;
- serviceData.email = userinfo[process.env.OAUTH2_EMAIL_MAP] || userinfo[email];
+ serviceData.email = userinfo[process.env.OAUTH2_EMAIL_MAP] || userinfo["email"];
 if (accessToken) {
 var tokenContent = getTokenContent(accessToken);
@@ -31,8 +31,8 @@ OAuth.registerService('oidc', 2, null, function (query) {
 if (debug) console.log('XXX: serviceData:', serviceData);
 var profile = {};
- profile.name = userinfo[process.env.OAUTH2_FULLNAME_MAP] || userinfo[displayName];
- profile.email = userinfo[process.env.OAUTH2_EMAIL_MAP] || userinfo[email];
+ profile.name = userinfo[process.env.OAUTH2_FULLNAME_MAP] || userinfo["displayName"];
+ profile.email = userinfo[process.env.OAUTH2_EMAIL_MAP] || userinfo["email"];
 if (debug) console.log('XXX: profile:', profile);
 return {
-- cgit v1.2.3-1-g7c22
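Review bot: In the first hunk `serviceData.id` can still resolve to `undefined`, and nothing after the four mapping lines stops the login from continuing; the debug output in the description shows exactly that for a userinfo of `{ sub: 'demoone' }`. An external-service identifier that is undefined cannot tell one provider subject from another, so whatever consumes `serviceData` further down (not visible here) may match or create the wrong account. I would fail closed right after the mapping, e.g. `if (!serviceData.id) throw new Error('OIDC userinfo has no usable id claim; check OAUTH2_ID_MAP');`, and consider `userinfo["sub"]` as the last fallback, since `sub` is the standard OIDC subject claim and is the one field the provider in the description actually returns. The handler body starts and ends outside the hunk.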
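Review bot: The two `profile` assignments in the second hunk repeat the claim lookups already made for `serviceData.fullname` and `serviceData.email` in the first hunk, so the fallback names `"displayName"` and `"email"` now live in two places and can drift apart. Unless the lines between the two hunks (not shown) modify those fields, `profile.name = serviceData.fullname;` and `profile.email = serviceData.email;` would keep the claim mapping in one place. For the fixed fallbacks, dot access such as `userinfo.email` would also read more naturally than a quoted bracket key.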