refactor(service)!: users/auth: remove deprecated devices/authorizati…
…on routes from saml auth protocol
restjohn committed Aug 28, 2024
1 parent bbbabff commit d26fe11
Showing 1 changed file with 75 additions and 76 deletions.
151 changes: 75 additions & 76 deletions service/src/authentication/saml.js
@@ -2,12 +2,9 @@ const SamlStrategy = require('@node-saml/passport-saml').Strategy
, log = require('winston')
, User = require('../models/user')
, Role = require('../models/role')
, Device = require('../models/device')
, TokenAssertion = require('./verification').TokenAssertion
, api = require('../api')
, userTransformer = require('../transformers/user')
, AuthenticationInitializer = require('./index')
, authenticationApiAppender = require('../utilities/authenticationApiAppender');

function configure(strategy) {
log.info('Configuring ' + strategy.title + ' authentication');
@@ -221,19 +218,19 @@ function setDefaults(strategy) {
function initialize(strategy) {
const app = AuthenticationInitializer.app;
const passport = AuthenticationInitializer.passport;
const provision = AuthenticationInitializer.provision;
// const provision = AuthenticationInitializer.provision;

setDefaults(strategy);
configure(strategy);

function parseLoginMetadata(req, res, next) {
req.loginOptions = {
userAgent: req.headers['user-agent'],
appVersion: req.param('appVersion')
};
// function parseLoginMetadata(req, res, next) {
// req.loginOptions = {
// userAgent: req.headers['user-agent'],
// appVersion: req.param('appVersion')
// };

next();
}
// next();
// }
app.get(
'/auth/' + strategy.name + '/signin',
function (req, res, next) {
@@ -252,79 +249,81 @@ function initialize(strategy) {
// Create a new device
// Any authenticated user can create a new device, the registered field
// will be set to false.
app.post('/auth/' + strategy.name + '/devices',
function (req, res, next) {
if (req.user) {
next();
} else {
res.sendStatus(401);
}
},
function (req, res, next) {
const newDevice = {
uid: req.param('uid'),
name: req.param('name'),
registered: false,
description: req.param('description'),
userAgent: req.headers['user-agent'],
appVersion: req.param('appVersion'),
userId: req.user.id
};
// TODO: users-next: is this ok to remove now?
// app.post('/auth/' + strategy.name + '/devices',
// function (req, res, next) {
// if (req.user) {
// next();
// } else {
// res.sendStatus(401);
// }
// },
// function (req, res, next) {
// const newDevice = {
// uid: req.param('uid'),
// name: req.param('name'),
// registered: false,
// description: req.param('description'),
// userAgent: req.headers['user-agent'],
// appVersion: req.param('appVersion'),
// userId: req.user.id
// };

Device.getDeviceByUid(newDevice.uid)
.then(device => {
if (device) {
// already exists, do not register
return res.json(device);
}
// Device.getDeviceByUid(newDevice.uid)
// .then(device => {
// if (device) {
// // already exists, do not register
// return res.json(device);
// }

Device.createDevice(newDevice)
.then(device => res.json(device))
.catch(err => next(err));
})
.catch(err => next(err));
}
);
// Device.createDevice(newDevice)
// .then(device => res.json(device))
// .catch(err => next(err));
// })
// .catch(err => next(err));
// }
// );

// DEPRECATED session authorization, remove in next version.
app.post(
'/auth/' + strategy.name + '/authorize',
function (req, res, next) {
if (req.user) {
log.warn('session authorization is deprecated, please use jwt');
return next();
}
// TODO: users-next: is this ok to remove now? no other auth type has this
// app.post(
// '/auth/' + strategy.name + '/authorize',
// function (req, res, next) {
// if (req.user) {
// log.warn('session authorization is deprecated, please use jwt');
// return next();
// }

passport.authenticate('authorization', function (err, user, info = {}) {
if (!user) return res.status(401).send(info.message);
// passport.authenticate('authorization', function (err, user, info = {}) {
// if (!user) return res.status(401).send(info.message);

req.user = user;
next();
})(req, res, next);
},
provision.check(strategy.name),
parseLoginMetadata,
function (req, res, next) {
// TODO: users-next
new api.User().login(req.user, req.provisionedDevice, req.loginOptions, function (err, token) {
if (err) return next(err);
// req.user = user;
// next();
// })(req, res, next);
// },
// provision.check(strategy.name),
// parseLoginMetadata,
// function (req, res, next) {
// // TODO: users-next
// new api.User().login(req.user, req.provisionedDevice, req.loginOptions, function (err, token) {
// if (err) return next(err);

authenticationApiAppender.append(strategy.api).then(api => {
res.json({
token: token.token,
expirationDate: token.expirationDate,
user: userTransformer.transform(req.user, { path: req.getRoot() }),
device: req.provisionedDevice,
api: api
});
}).catch(err => {
next(err);
});
});
// authenticationApiAppender.append(strategy.api).then(api => {
// res.json({
// token: token.token,
// expirationDate: token.expirationDate,
// user: userTransformer.transform(req.user, { path: req.getRoot() }),
// device: req.provisionedDevice,
// api: api
// });
// }).catch(err => {
// next(err);
// });
// });

req.session = null;
}
);
// req.session = null;
// }
// );
}

module.exports = {
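Review bot: Disabling the `'/auth/' + strategy.name + '/authorize'` route in `initialize` also takes `provision.check(strategy.name)` out of the SAML path, and the visible hunks do not show any other place where device provisioning is checked for this strategy; confirm that the replacement token flow enforces it before this breaking change ships. The two routes, `parseLoginMetadata` and the `provision` binding are left as commented-out blocks behind open questions (`// TODO: users-next: is this ok to remove now?`); settle the question in review and delete the code outright, since version control keeps the history and dormant authentication handlers are easy to re-enable by mistake. The surviving comment `// Create a new device` with its two following lines now describes a route that no longer exists and should be removed with it. `initialize` spans the last two hunks and only part of the file is shown, so whether remaining `require`s such as `TokenAssertion` or `authenticationApiAppender` are now unused could not be checked from here.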
