diff --git a/src/core/server/app/middleware/passport/index.ts b/src/core/server/app/middleware/passport/index.ts index 8ef4a7711..755b7f5ed 100644 --- a/src/core/server/app/middleware/passport/index.ts +++ b/src/core/server/app/middleware/passport/index.ts @@ -10,6 +10,7 @@ import { } from "talk-server/app/middleware/passport/jwt"; import { createLocalStrategy } from "talk-server/app/middleware/passport/local"; import { createOIDCStrategy } from "talk-server/app/middleware/passport/oidc"; +import { createSSOStrategy } from "talk-server/app/middleware/passport/sso"; import { User } from "talk-server/models/user"; import { Request } from "talk-server/types/express"; @@ -37,6 +38,9 @@ export function createPassport({ // Use the LocalStrategy. auth.use(createLocalStrategy({ db })); + // Use the SSOStrategy. + auth.use(createSSOStrategy({ db })); + // Use the JWTStrategy. auth.use(createJWTStrategy({ db, signingConfig })); diff --git a/src/core/server/app/middleware/passport/sso.ts b/src/core/server/app/middleware/passport/sso.ts index e009cf747..cd50a67de 100644 --- a/src/core/server/app/middleware/passport/sso.ts +++ b/src/core/server/app/middleware/passport/sso.ts @@ -177,28 +177,6 @@ export default class SSOStrategy extends Strategy { return findOrCreateSSOUser(this.db, tenant, token); } - /** - * wrapNewTokenHandler wraps the token handling with a promise. - */ - private wrapNewTokenHandler = (tenant: Tenant) => async ( - err: Error | undefined, - token: OIDCIDToken | SSOToken - ) => { - if (err) { - return this.fail(err, 401); - } - - try { - // Find or create the user based on the decoded token. - const user = await this.findOrCreateUser(tenant, token); - - // The user was found or created! - return this.success(user, null); - } catch (err) { - return this.error(err); - } - }; - public authenticate(req: Request) { const { tenant } = req; if (!tenant) { @@ -222,7 +200,26 @@ export default class SSOStrategy extends Strategy { // out in the future.. algorithms: ["HS256"], // TODO: (wyattjoh) investigate replacing algorithm. }, - this.wrapNewTokenHandler(tenant) + async (err: Error | undefined, decoded: OIDCIDToken | SSOToken) => { + if (err) { + // TODO: (wyattjoh) wrap error? + return this.error(err); + } + + try { + // Find or create the user based on the decoded token. + const user = await this.findOrCreateUser(tenant, decoded); + + // The user was found or created! + return this.success(user, null); + } catch (err) { + return this.error(err); + } + } ); } } + +export function createSSOStrategy(options: SSOStrategyOptions) { + return new SSOStrategy(options); +}