diff --git a/package.json b/package.json
index 161e8611..75dc2668 100644
--- a/package.json
+++ b/package.json
@@ -16,6 +16,7 @@
 "start:app:debug:ssh": "cd app && cross-env DEBUG=ssh yarn start",
 "start:api:portal": "yarn workspace dbgate-api start:portal",
 "start:api:singledb": "yarn workspace dbgate-api start:singledb",
+ "start:api:auth": "yarn workspace dbgate-api start:auth",
 "start:web": "yarn workspace dbgate-web dev",
 "start:sqltree": "yarn workspace dbgate-sqltree start",
 "start:tools": "yarn workspace dbgate-tools start",
diff --git a/packages/api/env/auth/.env b/packages/api/env/auth/.env
new file mode 100644
index 00000000..1737c73e
--- /dev/null
+++ b/packages/api/env/auth/.env
@@ -0,0 +1,4 @@
+DEVMODE=1
+OAUTH=http://auth.metrostav.vychozi.cz/auth/realms/metrostav/protocol/openid-connect
+OAUTH_CLIENT_ID=dbgate
+OAUTH_CLIENT_SECRET=ffd5634b-b60a-4c3a-bbec-b4144c73ea2a
\ No newline at end of file
diff --git a/packages/api/package.json b/packages/api/package.json
index 8190e580..35822cea 100644
--- a/packages/api/package.json
+++ b/packages/api/package.json
@@ -57,6 +57,7 @@
 "start": "env-cmd node src/index.js --listen-api",
 "start:portal": "env-cmd -f env/portal/.env node src/index.js --listen-api",
 "start:singledb": "env-cmd -f env/singledb/.env node src/index.js --listen-api",
+ "start:auth": "env-cmd -f env/auth/.env node src/index.js --listen-api",
 "start:filedb": "env-cmd node src/index.js /home/jena/test/chinook/Chinook.db --listen-api",
 "start:singleconn": "env-cmd node src/index.js --server localhost --user root --port 3307 --engine mysql@dbgate-plugin-mysql --password test --listen-api",
 "ts": "tsc",
diff --git a/packages/api/src/controllers/auth.js b/packages/api/src/controllers/auth.js
new file mode 100644
index 00000000..27a1c3e1
--- /dev/null
+++ b/packages/api/src/controllers/auth.js
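Review bot: The new `packages/api/env/auth/.env` commits a concrete `OAUTH_CLIENT_SECRET` value to the repository; once pushed it remains in history, so it should be treated as exposed and rotated at the identity provider. Keep the real file out of version control and commit a template instead, for example `OAUTH_CLIENT_SECRET=<set-locally>`. The `OAUTH` base URL is also `http://`, so the token request that carries this secret, and the tokens returned, would travel in cleartext; an `https://` endpoint is the safer default even for a dev profile.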
@@ -0,0 +1,17 @@
+const axios = require('axios');
+
+module.exports = {
+ oauthToken_meta: true,
+ async oauthToken(params) {
+ const { redirectUri, code } = params;
+
+ const resp = await axios.default.post(
+ `${process.env.OAUTH}/token`,
+ `grant_type=authorization_code&code=${encodeURIComponent(code)}&redirect_uri=${encodeURIComponent(
+ redirectUri
+ )}&client_id=${process.env.OAUTH_CLIENT_ID}&client_secret=${process.env.OAUTH_CLIENT_SECRET}`
+ );
+
+ return resp.data;
+ },
+};
diff --git a/packages/api/src/controllers/config.js b/packages/api/src/controllers/config.js
index 34e3e3c8..a75fd12b 100644
--- a/packages/api/src/controllers/config.js
+++ b/packages/api/src/controllers/config.js
@@ -40,6 +40,7 @@ module.exports = {
 isDocker: platformInfo.isDocker,
 permissions,
 login,
+ oauth: process.env.OAUTH,
 ...currentVersion,
 };
 },
diff --git a/packages/api/src/main.js b/packages/api/src/main.js
index eec93c02..9ce31bb6 100644
--- a/packages/api/src/main.js
+++ b/packages/api/src/main.js
@@ -20,6 +20,7 @@ const jsldata = require('./controllers/jsldata');
 const config = require('./controllers/config');
 const archive = require('./controllers/archive');
 const apps = require('./controllers/apps');
+const auth = require('./controllers/auth');
 const uploads = require('./controllers/uploads');
 const plugins = require('./controllers/plugins');
 const files = require('./controllers/files');
@@ -157,6 +158,7 @@ function useAllControllers(app, electron) {
 useController(app, electron, '/scheduler', scheduler);
 useController(app, electron, '/query-history', queryHistory);
 useController(app, electron, '/apps', apps);
+ useController(app, electron, '/auth', auth);
 }
 function setElectronSender(electronSender) {
diff --git a/packages/web/src/App.svelte b/packages/web/src/App.svelte
index 6938737e..c3000f83 100644
--- a/packages/web/src/App.svelte
+++ b/packages/web/src/App.svelte
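Review bot: In `packages/api/src/controllers/auth.js`, `oauthToken` puts `client_id` and `client_secret` into the form body without encoding, accepts `code` and `redirectUri` from the caller without any type check, and lets an axios failure propagate unchanged. An axios error object carries the request config, including the body that holds the client secret, so if the controller layer logs or serializes rejections the secret may leak (how `useController` handles them is not visible here). Building the body with `URLSearchParams`, rejecting non-string inputs and rethrowing a reduced error closes these gaps. The full `resp.data` is still handed back to the browser, which deserves a deliberate decision about which token fields the client actually needs.

```javascript
  async oauthToken(params) {
    const { redirectUri, code } = params;
    if (typeof code !== 'string' || typeof redirectUri !== 'string') {
      throw new Error('oauthToken: code and redirectUri are required');
    }

    // URLSearchParams encodes every field, including client_id and client_secret
    const body = new URLSearchParams({
      grant_type: 'authorization_code',
      code,
      redirect_uri: redirectUri,
      client_id: process.env.OAUTH_CLIENT_ID,
      client_secret: process.env.OAUTH_CLIENT_SECRET,
    });

    try {
      const resp = await axios.default.post(`${process.env.OAUTH}/token`, body.toString());
      return resp.data;
    } catch (err) {
      // the axios error keeps the request body (with client_secret) in err.config; do not rethrow it
      const detail = err.response ? `HTTP ${err.response.status}` : err.message;
      throw new Error(`OAuth token exchange failed: ${detail}`);
    }
  },
```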
@@ -24,6 +24,34 @@
 let loadedApi = false;
 let loadedPlugins = false;
+ async function handleAuth(config) {
+ if (config.oauth) {
+ const params = new URLSearchParams(location.search);
+ const sentCode = params.get('code');
+ const sentState = params.get('state');
+ if (
+ sentCode &&
+ sentState &&
+ sentState.startsWith('dbg-oauth:') &&
+ sentState == sessionStorage.getItem('oauthState')
+ ) {
+ const accessToken = await apiCall('auth/oauth-token', {
+ code: sentCode,
+ redirectUri: location.origin,
+ });
+ console.log('TOKEN', accessToken);
+ } else {
+ const state = `dbg-oauth:${Math.random().toString().substr(2)}`;
+ sessionStorage.setItem('oauthState', state);
+ location.replace(
+ `${config.oauth}/auth?client_id=dbgate&response_type=code&redirect_uri=${encodeURIComponent(
+ location.origin
+ )}&state=${encodeURIComponent(state)}`
+ );
+ }
+ }
+ }
+
 async function loadApi() {
 // if (shouldWaitForElectronInitialize()) {
 // setTimeout(loadApi, 100);
@@ -36,6 +64,7 @@
 const connections = await apiCall('connections/list');
 const settings = await getSettings();
 const config = await getConfig();
+ handleAuth(config);
 const apps = await getUsedApps();
 loadedApi = settings && connections && config && apps;
diff --git a/packages/web/src/main.ts b/packages/web/src/main.ts
index 2a72600c..bfb1df04 100644
--- a/packages/web/src/main.ts
+++ b/packages/web/src/main.ts
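Review bot: In `handleAuth` (packages/web/src/App.svelte) the OAuth `state` is derived from `Math.random()`, which is predictable, so the value that binds the callback to this browser session is weaker than it should be; `crypto.getRandomValues` is the appropriate source. The callback branch also writes the token response to the console with `console.log('TOKEN', accessToken)`, compares the state with `==`, and never removes `oauthState` from `sessionStorage`, so the same state keeps passing the check on later callbacks. The token is then discarded, so as written nothing gates the UI on a successful login. `client_id=dbgate` is hard-coded in the redirect while the server reads `OAUTH_CLIENT_ID`, and the two can drift apart.

```svelte
      const expectedState = sessionStorage.getItem('oauthState');
      if (sentCode && sentState && sentState.startsWith('dbg-oauth:') && sentState === expectedState) {
        // single use: a replayed callback must not pass the state check again
        sessionStorage.removeItem('oauthState');
        const accessToken = await apiCall('auth/oauth-token', {
          code: sentCode,
          redirectUri: location.origin,
        });
        // … store or hand over accessToken here; do not log it …
      } else {
        const random = crypto.getRandomValues(new Uint8Array(16));
        const nonce = Array.from(random, b => b.toString(16).padStart(2, '0')).join('');
        const state = `dbg-oauth:${nonce}`;
        sessionStorage.setItem('oauthState', state);
        // … unchanged: location.replace(...) redirect to `${config.oauth}/auth` …
      }
```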
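Review bot: In the second App.svelte hunk, `handleAuth(config);` is called without `await`, so a failed token exchange becomes an unhandled rejection and the remaining steps (`getUsedApps()`, assigning `loadedApi`) run while the redirect or code exchange is still in flight. `await handleAuth(config);` keeps the UI from loading before authentication has settled, ideally with `loadApi` returning early once a redirect has been started. `loadApi` begins and ends outside this hunk, so its surrounding error handling is not visible here.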
@@ -4,6 +4,22 @@ import './utility/changeCurrentDbByTab';
 import './commands/stdCommands';
 import localStorageGarbageCollector from './utility/localStorageGarbageCollector';
+const params = new URLSearchParams(location.search);
+console.log('CODE', params.get('code'));
+// console.log(
+// `http://auth.metrostav.vychozi.cz/auth/realms/metrostav/protocol/openid-connect/auth?client_id=dbgate&response_type=code&redirect_uri=${encodeURIComponent(
+// 'http://localhost:5001/oauth-redirect'
+// )}&state=1234`
+// );
+
+console.log(location);
+
+// location.replace(
+// `http://auth.metrostav.vychozi.cz/auth/realms/metrostav/protocol/openid-connect/auth?client_id=dbgate&response_type=code&redirect_uri=${encodeURIComponent(
+// 'http://localhost:5001/'
+// )}&state=1234`
+// );
+
 localStorageGarbageCollector();
 const app = new App({
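Review bot: The lines added to `packages/web/src/main.ts` are debugging leftovers: `console.log('CODE', params.get('code'))` and `console.log(location)` both write the OAuth authorization code from the callback URL to the browser console on every page load. The two commented-out blocks also embed a specific identity-provider URL and a fixed `state=1234`, which should not serve as a template for the real flow. I would drop the whole addition, since `handleAuth` in App.svelte already reads the `code` parameter itself.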