oauth returns access token

This commit is contained in:
Jan Prochazka 2022-11-14 21:20:58 +01:00
parent 792fa75ccd
commit f42d78b2fb
8 changed files with 71 additions and 0 deletions

View File

@ -16,6 +16,7 @@
"start:app:debug:ssh": "cd app && cross-env DEBUG=ssh yarn start",
"start:api:portal": "yarn workspace dbgate-api start:portal",
"start:api:singledb": "yarn workspace dbgate-api start:singledb",
"start:api:auth": "yarn workspace dbgate-api start:auth",
"start:web": "yarn workspace dbgate-web dev",
"start:sqltree": "yarn workspace dbgate-sqltree start",
"start:tools": "yarn workspace dbgate-tools start",

4
packages/api/env/auth/.env vendored Normal file
View File

@ -0,0 +1,4 @@
DEVMODE=1
OAUTH=http://auth.metrostav.vychozi.cz/auth/realms/metrostav/protocol/openid-connect
OAUTH_CLIENT_ID=dbgate
OAUTH_CLIENT_SECRET=ffd5634b-b60a-4c3a-bbec-b4144c73ea2a

View File

@ -57,6 +57,7 @@
"start": "env-cmd node src/index.js --listen-api",
"start:portal": "env-cmd -f env/portal/.env node src/index.js --listen-api",
"start:singledb": "env-cmd -f env/singledb/.env node src/index.js --listen-api",
"start:auth": "env-cmd -f env/auth/.env node src/index.js --listen-api",
"start:filedb": "env-cmd node src/index.js /home/jena/test/chinook/Chinook.db --listen-api",
"start:singleconn": "env-cmd node src/index.js --server localhost --user root --port 3307 --engine mysql@dbgate-plugin-mysql --password test --listen-api",
"ts": "tsc",

View File

@ -0,0 +1,17 @@
const axios = require('axios');
module.exports = {
oauthToken_meta: true,
async oauthToken(params) {
const { redirectUri, code } = params;
const resp = await axios.default.post(
`${process.env.OAUTH}/token`,
`grant_type=authorization_code&code=${encodeURIComponent(code)}&redirect_uri=${encodeURIComponent(
redirectUri
)}&client_id=${process.env.OAUTH_CLIENT_ID}&client_secret=${process.env.OAUTH_CLIENT_SECRET}`
);
return resp.data;
},
};

View File

@ -40,6 +40,7 @@ module.exports = {
isDocker: platformInfo.isDocker,
permissions,
login,
oauth: process.env.OAUTH,
...currentVersion,
};
},

View File

@ -20,6 +20,7 @@ const jsldata = require('./controllers/jsldata');
const config = require('./controllers/config');
const archive = require('./controllers/archive');
const apps = require('./controllers/apps');
const auth = require('./controllers/auth');
const uploads = require('./controllers/uploads');
const plugins = require('./controllers/plugins');
const files = require('./controllers/files');
@ -157,6 +158,7 @@ function useAllControllers(app, electron) {
useController(app, electron, '/scheduler', scheduler);
useController(app, electron, '/query-history', queryHistory);
useController(app, electron, '/apps', apps);
useController(app, electron, '/auth', auth);
}
function setElectronSender(electronSender) {

View File

@ -24,6 +24,34 @@
let loadedApi = false;
let loadedPlugins = false;
async function handleAuth(config) {
if (config.oauth) {
const params = new URLSearchParams(location.search);
const sentCode = params.get('code');
const sentState = params.get('state');
if (
sentCode &&
sentState &&
sentState.startsWith('dbg-oauth:') &&
sentState == sessionStorage.getItem('oauthState')
) {
const accessToken = await apiCall('auth/oauth-token', {
code: sentCode,
redirectUri: location.origin,
});
console.log('TOKEN', accessToken);
} else {
const state = `dbg-oauth:${Math.random().toString().substr(2)}`;
sessionStorage.setItem('oauthState', state);
location.replace(
`${config.oauth}/auth?client_id=dbgate&response_type=code&redirect_uri=${encodeURIComponent(
location.origin
)}&state=${encodeURIComponent(state)}`
);
}
}
}
async function loadApi() {
// if (shouldWaitForElectronInitialize()) {
// setTimeout(loadApi, 100);
@ -36,6 +64,7 @@
const connections = await apiCall('connections/list');
const settings = await getSettings();
const config = await getConfig();
handleAuth(config);
const apps = await getUsedApps();
loadedApi = settings && connections && config && apps;

View File

@ -4,6 +4,22 @@ import './utility/changeCurrentDbByTab';
import './commands/stdCommands';
import localStorageGarbageCollector from './utility/localStorageGarbageCollector';
const params = new URLSearchParams(location.search);
console.log('CODE', params.get('code'));
// console.log(
// `http://auth.metrostav.vychozi.cz/auth/realms/metrostav/protocol/openid-connect/auth?client_id=dbgate&response_type=code&redirect_uri=${encodeURIComponent(
// 'http://localhost:5001/oauth-redirect'
// )}&state=1234`
// );
console.log(location);
// location.replace(
// `http://auth.metrostav.vychozi.cz/auth/realms/metrostav/protocol/openid-connect/auth?client_id=dbgate&response_type=code&redirect_uri=${encodeURIComponent(
// 'http://localhost:5001/'
// )}&state=1234`
// );
localStorageGarbageCollector();
const app = new App({