Commit 9d956240 authored by Wolfgang Knopki's avatar Wolfgang Knopki

[fix] saml auth finished

parent f0b219f5
Pipeline #975 failed with stages
in 2 minutes and 1 second
...@@ -64,17 +64,77 @@ const uuidv4 = require('uuid/v4'); ...@@ -64,17 +64,77 @@ const uuidv4 = require('uuid/v4');
router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/login', failureFlash: true}), function(req, res){ router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/login', failureFlash: true}), function(req, res){
const xmlResponse = req.body.SAMLResponse; const xmlResponse = req.body.SAMLResponse;
const parser = new Saml2js(xmlResponse); const parser = new Saml2js(xmlResponse);
const userid = parser.get('email'); const response = parser.toObject();
const email = response["mail"];
console.log(parser.toJSON());
console.log("Nickname "+ response["givenName"])
const nickname = response["givenName"];
//check, if user exists, if not create. //check, if user exists, if not create.
db.User.findAll({where: {email: email}})
.then(users => {
if (users.length == 0) {
crypto.randomBytes(16, function(ex, buf) {
var token = buf.toString('hex');
//else get userid and create session -> set cookie var u = {
_id: uuidv4(),
email: email,
account_type: "email",
nickname: nickname,
password_hash: "00000",
prefs_language: req.i18n.locale,
confirmation_token: token
};
db.User.create(u)
.error(err => {
res.sendStatus(400);
})
.then(u => {
var homeFolder = {
_id: uuidv4(),
name: req.i18n.__("home"),
space_type: "folder",
creator_id: u._id
};
db.Space.create(homeFolder)
.error(err => {
res.sendStatus(400);
})
.then(homeFolder => {
u.home_folder_id = homeFolder._id;
u.save()
.then(() => {
// home folder created,
// auto accept pending invites
db.Membership.update({
"state": "active"
}, {
where: {
"email_invited": u.email,
"state": "pending"
}
});
res.status(201).json({});
})
.error(err => {
res.status(400).json(err);
});
})
});
});
}
}).then(user =>{
db.User.findOne({where: {email: email}})
.error(err => {
res.sendStatus(404);
})
.then(user => {
crypto.randomBytes(48, function(ex, buf) { crypto.randomBytes(48, function(ex, buf) {
var token = buf.toString('hex'); var token = buf.toString('hex');
var session = { var session = {
user_id: userid, user_id: user._id,
token: token, token: token,
ip: req.ip, ip: req.ip,
device: "web", device: "web",
...@@ -89,10 +149,13 @@ router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/logi ...@@ -89,10 +149,13 @@ router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/logi
}) })
.then(() => { .then(() => {
var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname; var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname;
console.log("session set successfully");
res.cookie('sdsession', token, { domain: domain, httpOnly: true }); res.cookie('sdsession', token, { domain: domain, httpOnly: true });
res.redirect(302, "/") res.redirect(302, "/")
}); });
}); });
});
});
}); });
router.get('/', (req, res) => { router.get('/', (req, res) => {
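Review bot: The identity for the session comes from a second, unverified parse of `req.body.SAMLResponse` (`new Saml2js(xmlResponse)`, then `response["mail"]`) rather than from the profile that `passport.authenticate('saml')` validated, so the attributes used for login are not guaranteed to be the ones whose signature was checked; prefer the verified profile on `req.user` (the strategy's verify callback is not visible here, so confirm what it exposes). `email` is also never checked before `db.User.findAll({where: {email: email}})`; a missing `mail` attribute makes the filter `undefined`, which depending on the Sequelize version may match rows it should not, so add `if (typeof email !== 'string' || email === '') return res.redirect('/login');` before the lookup. In the new-user branch the `crypto.randomBytes` callback is not returned to the promise chain, so the following `.then` can run `db.User.findOne` before the row exists (`user._id` on a null result), and that branch's `res.status(201).json({})` collides with the later `res.redirect(302, "/")`. `console.log(parser.toJSON())` writes the full set of assertion attributes to the log and should be removed.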
......