mt77/synapse-admin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add option for access token login (#58)

Browse Source 
* Fix SSO login flow, redirect is done after auth

* Add accessToken login

* Add confirmation for session destroy on accessToken logout

* add translations, fix tests, minor renaming

* update readme
This commit is contained in:
Borislav Pantaleev
2024-10-17 18:34:20 +03:00
committed by GitHub
parent 19302466ef
commit 0d021021df
15 changed files with 709 additions and 542 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/synapse/authProvider.test.ts
View File

@@ -23,13 +23,13 @@ describe("authProvider", () => {
})
);
const ret: undefined = await authProvider.login({
const ret = await authProvider.login({
base_url: "http://example.com",
username: "@user:example.com",
password: "secret",
});
expect(ret).toBe(undefined);
expect(ret).toEqual({redirectTo: "/"});
expect(fetch).toBeCalledWith("http://example.com/_matrix/client/r0/login", {
body: '{"device_id":null,"initial_device_display_name":"Synapse Admin","type":"m.login.password","identifier":{"type":"m.id.user","user":"@user:example.com"},"password":"secret"}',
headers: new Headers({
@@ -55,12 +55,12 @@ describe("authProvider", () => {
})
);
const ret: undefined = await authProvider.login({
const ret = await authProvider.login({
base_url: "https://example.com/",
loginToken: "login_token",
});
expect(ret).toBe(undefined);
expect(ret).toEqual({redirectTo: "/"});
expect(fetch).toHaveBeenCalledWith("https://example.com/_matrix/client/r0/login", {
body: '{"device_id":null,"initial_device_display_name":"Synapse Admin","type":"m.login.token","token":"login_token"}',
headers: new Headers({

34
src/synapse/authProvider.ts
View File

@@ -10,14 +10,16 @@ const authProvider: AuthProvider = {
username,
password,
loginToken,
accessToken,
}: {
base_url: string;
username: string;
password: string;
loginToken: string;
accessToken: string;
}) => {
console.log("login ");
const options: Options = {
let options: Options = {
method: "POST",
body: JSON.stringify(
Object.assign(
@@ -55,11 +57,30 @@ const authProvider: AuthProvider = {
storage.setItem("base_url", base_url);
const decoded_base_url = window.decodeURIComponent(base_url);
const login_api_url = decoded_base_url + "/_matrix/client/r0/login";
let login_api_url = decoded_base_url + (accessToken ? "/_matrix/client/v3/account/whoami" : "/_matrix/client/r0/login");
let response;
try {
if (accessToken) {
// this a login with an already obtained access token, let's just validate it
options = {
headers: new Headers({
Accept: 'application/json',
Authorization: `Bearer ${accessToken}`,
}),
};
}
response = await fetchUtils.fetchJson(login_api_url, options);
const json = response.json;
storage.setItem("home_server", accessToken ? base_url : json.home_server);
storage.setItem("user_id", json.user_id);
storage.setItem("access_token", accessToken ? accessToken : json.access_token);
storage.setItem("device_id", json.device_id);
storage.setItem("login_type", accessToken ? "accessToken" : "credentials");
return Promise.resolve({redirectTo: "/"});
} catch(err) {
const error = err as HttpError;
const errorStatus = error.status;
@@ -71,14 +92,8 @@ const authProvider: AuthProvider = {
errMsg,
errorStatus,
)
);
);
}
const json = response.json;
storage.setItem("home_server", json.home_server);
storage.setItem("user_id", json.user_id);
storage.setItem("access_token", json.access_token);
storage.setItem("device_id", json.device_id);
},
// called when the user clicks on the logout button
logout: async () => {
@@ -102,6 +117,7 @@ const authProvider: AuthProvider = {
console.log("Error logging out", err);
} finally {
storage.removeItem("access_token");
storage.removeItem("login_type");
}
}
},