ghaymah_dev/codepill-sfu
1
0
نسخ 0
الشفرة المشكلات طلبات السحب Actions Packages المشاريع الإصدارات الويكي النشاط

[mirotalksfu] - add OIDC (OpenID Connect)

تصفح المصدر
هذا الالتزام موجود في:
Miroslav Pejic
2024-05-01 17:51:25 +02:00
الأصل 5840183da7
التزام 626be62eeb
3 ملفات معدلة مع 78 إضافات و5 حذوفات
تنزيل ملف التصحيح تنزيل ملف الاختلاف توسيع جميع الملفات طي جميع الملفات

50
app/src/Server.js
عرض الملف

@@ -17,6 +17,7 @@ dependencies: {
cors : https://www.npmjs.com/package/cors
crypto-js : https://www.npmjs.com/package/crypto-js
express : https://www.npmjs.com/package/express
express-openid-connect : https://www.npmjs.com/package/express-openid-connect
httpolyglot : https://www.npmjs.com/package/httpolyglot
jsonwebtoken : https://www.npmjs.com/package/jsonwebtoken
mediasoup : https://www.npmjs.com/package/mediasoup
@@ -46,6 +47,7 @@ dependencies: {
*/
const express = require('express');
const { auth, requiresAuth } = require('express-openid-connect');
const cors = require('cors');
const compression = require('compression');
const https = require('httpolyglot');
@@ -171,6 +173,9 @@ if (config.chatGPT.enabled) {
}
}
// OpenID Connect
const OIDC = config.oidc ? config.oidc : { enabled: false };
// directory
const dir = {
public: path.join(__dirname, '../../', 'public'),
@@ -247,6 +252,15 @@ if (!announcedAddress && IPv4 === '0.0.0.0') {
startServer();
}
// Custom middleware function for OIDC authentication
function OIDCAuth(req, res, next) {
if (OIDC.enabled) {
requiresAuth()(req, res, next); // Apply requiresAuth() middleware conditionally
} else {
next();
}
}
function startServer() {
// Start the app
app.use(cors(corsOptions));
@@ -298,6 +312,33 @@ function startServer() {
}
});
// OpenID Connect
if (OIDC.enabled) {
try {
app.use(auth(OIDC.config));
} catch (err) {
log.error(err);
process.exit(1);
}
}
// Route to display user information
app.get('/profile', OIDCAuth, (req, res) => {
const user = OIDC.enabled ? req.oidc.user : { message: 'Profile not found!' };
res.json(user); // Send user information as JSON
});
// Authentication Callback Route
app.get('/auth/callback', (req, res, next) => {
next(); // Let express-openid-connect handle this route
});
// Logout Route
app.get('/logout', (req, res) => {
if (OIDC.enabled) req.logout();
res.redirect('/'); // Redirect to the home page after logout
});
// UI buttons configuration
app.get('/config', (req, res) => {
res.status(200).json({ message: config.ui ? config.ui.buttons : false });
@@ -309,7 +350,7 @@ function startServer() {
});
// main page
app.get(['/'], (req, res) => {
app.get(['/'], OIDCAuth, (req, res) => {
//log.debug('/ - hostCfg ----->', hostCfg);
if ((hostCfg.protected && !hostCfg.authenticated) || authHost.isRoomActive()) {
const ip = getIP(req);
@@ -326,7 +367,7 @@ function startServer() {
});
// set new room name and join
app.get(['/newroom'], (req, res) => {
app.get(['/newroom'], OIDCAuth, (req, res) => {
//log.info('/newroom - hostCfg ----->', hostCfg);
if ((hostCfg.protected && !hostCfg.authenticated) || authHost.isRoomActive()) {
@@ -344,7 +385,7 @@ function startServer() {
});
// Handle Direct join room with params
app.get('/join/', async (req, res) => {
app.get('/join/', OIDCAuth, async (req, res) => {
if (Object.keys(req.query).length > 0) {
//log.debug('/join/params - hostCfg ----->', hostCfg);
@@ -403,7 +444,7 @@ function startServer() {
});
// join room by id
app.get('/join/:roomId', (req, res) => {
app.get('/join/:roomId', OIDCAuth, (req, res) => {
//log.debug('/join/room - hostCfg ----->', hostCfg);
if (hostCfg.authenticated || authHost.isRoomActive()) {
res.sendFile(views.room);
@@ -733,6 +774,7 @@ function startServer() {
chatGPT_enabled: config.chatGPT.enabled,
configUI: config.ui,
serverRec: config?.server?.recording,
oidc: OIDC,
};
}