From 74fd2643b43057c25558b3da79398efe104e2660 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 20 Nov 2020 15:36:43 +0100 Subject: Provide express request to onLogout call + pluginInfo related changes --- server/lib/auth.ts | 4 ++-- server/lib/oauth-model.ts | 10 ++++++---- server/lib/plugins/plugin-manager.ts | 12 ++++++++++-- 3 files changed, 18 insertions(+), 8 deletions(-) (limited to 'server/lib') diff --git a/server/lib/auth.ts b/server/lib/auth.ts index 3f8e18633..acf0da18a 100644 --- a/server/lib/auth.ts +++ b/server/lib/auth.ts @@ -52,7 +52,7 @@ async function handleTokenRevocation (req: express.Request, res: express.Respons const token = res.locals.oauth.token res.locals.explicitLogout = true - await revokeToken(token) + const result = await revokeToken(token) // FIXME: uncomment when https://github.com/oauthjs/node-oauth2-server/pull/289 is released // oAuthServer.revoke(req, res, err => { @@ -68,7 +68,7 @@ async function handleTokenRevocation (req: express.Request, res: express.Respons // } // }) - return res.json() + return res.json(result) } async function onExternalUserAuthenticated (options: { diff --git a/server/lib/oauth-model.ts b/server/lib/oauth-model.ts index 3273c6c2d..f7ea98b41 100644 --- a/server/lib/oauth-model.ts +++ b/server/lib/oauth-model.ts 
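Review bot: `return res.json(result)` in handleTokenRevocation now sends a body where the route used to send none, and nothing at the call site says what that body holds or where `redirectUrl` comes from. A comment above the return would record the contract, for example `// { success, redirectUrl? }: redirectUrl is supplied by the auth plugin's onLogout and must be validated before a client navigates to it`. The response also keeps the default status when `result.success` is false, so a client that checks only the HTTP status cannot tell a revoked token from one that was not found. This covers the `const result = await revokeToken(token)` line in the preceding hunk too; the function's signature sits outside both hunks.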
@@ -141,13 +141,15 @@ async function getUser (usernameOrEmail?: string, password?: string) { return user } -async function revokeToken (tokenInfo: { refreshToken: string }) { +async function revokeToken (tokenInfo: { refreshToken: string }): Promise<{ success: boolean, redirectUrl?: string }> { const res: express.Response = this.request.res const token = await OAuthTokenModel.getByRefreshTokenAndPopulateUser(tokenInfo.refreshToken) if (token) { + let redirectUrl: string + if (res.locals.explicitLogout === true && token.User.pluginAuth && token.authName) { - PluginManager.Instance.onLogout(token.User.pluginAuth, token.authName, token.User) + redirectUrl = await PluginManager.Instance.onLogout(token.User.pluginAuth, token.authName, token.User, this.request) } clearCacheByToken(token.accessToken) @@ -155,10 +157,10 @@ async function revokeToken (tokenInfo: { refreshToken: string }) { token.destroy() .catch(err => logger.error('Cannot destroy token when revoking token.', { err })) - return true + return { success: true, redirectUrl } } - return false + return { success: false } } async function saveToken (token: TokenInfo, client: OAuthClientModel, user: UserModel) { diff --git a/server/lib/plugins/plugin-manager.ts b/server/lib/plugins/plugin-manager.ts index 94b5ecc41..8e7491257 100644 --- a/server/lib/plugins/plugin-manager.ts +++ b/server/lib/plugins/plugin-manager.ts @@ -1,3 +1,4 @@ +import * as express from 'express' import { createReadStream, createWriteStream } from 'fs' import { outputFile, readJSON } from 'fs-extra' import { basename, join } from 'path' 
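Review bot: Token revocation now waits on plugin code, because `await PluginManager.Instance.onLogout(...)` runs before `clearCacheByToken(token.accessToken)` and before the `token.destroy()` in the following hunk. PluginManager.onLogout catches a throw, but nothing visible bounds how long the call may take, so an onLogout promise that never settles leaves the token cached and undeleted. Revoking first removes that dependency: move `clearCacheByToken(token.accessToken)` and the `token.destroy()` call above the `if (res.locals.explicitLogout === true ...)` block, assuming no plugin needs the token row to still exist. Separately, `redirectUrl` is read while possibly unassigned, so `let redirectUrl: string | undefined` would state the type accurately.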
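Review bot: `return { success: false }` is an object and therefore truthy, where this function used to return `false`. handleTokenRevocation reads `result` as a whole, but revokeToken's use of `this.request` suggests it is also invoked with a bound context, presumably as the model callback of the node-oauth2-server library named in the auth.ts FIXME. If so, a caller that tests the return value for truthiness would now treat a missing refresh token as successfully revoked. Keeping the boolean return for that path and building the `{ success, redirectUrl }` body in a small wrapper used only by handleTokenRevocation avoids the ambiguity. The callers are outside this diff, so this needs checking against them.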
@@ -166,18 +167,25 @@ export class PluginManager implements ServerHook { // ###################### External events ###################### - onLogout (npmName: string, authName: string, user: MUser) { + async onLogout (npmName: string, authName: string, user: MUser, req: express.Request) { const auth = this.getAuth(npmName, authName) if (auth?.onLogout) { logger.info('Running onLogout function from auth %s of plugin %s', authName, npmName) try { - auth.onLogout(user) + // Force await, in case or onLogout returns a promise + const result = await auth.onLogout(user, req) + + return typeof result === 'string' + ? result + : undefined } catch (err) { logger.warn('Cannot run onLogout function from auth %s of plugin %s.', authName, npmName, { err }) } } + + return undefined } onSettingsChanged (name: string, settings: any) { -- cgit v1.2.3
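Review bot: The `typeof result === 'string'` test accepts any string a plugin's onLogout returns, and that value travels unchanged through revokeToken into the JSON body sent by handleTokenRevocation. How the client uses `redirectUrl` is not shown, but if it navigates to it, the scheme should be restricted on the server: parse with `new URL(result)` inside the existing try block and return the string only when `protocol` is `http:` or `https:`, otherwise `undefined`. A malformed or relative value then throws into the existing catch and is only logged. The added comment reads "in case or onLogout" and probably means "in case onLogout".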