From ed02a70522f5df5bf1104bbda3e2c79ae95d6cfa Mon Sep 17 00:00:00 2001 From: kolaente Date: Sat, 21 Nov 2020 12:41:57 +0100 Subject: [PATCH 1/8] Add openid auth component --- src/components/home/contentNoAuth.vue | 3 ++- src/router/index.js | 6 ++++++ src/views/user/OpenIdAuth.vue | 11 +++++++++++ 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 src/views/user/OpenIdAuth.vue diff --git a/src/components/home/contentNoAuth.vue b/src/components/home/contentNoAuth.vue index e9490002a..05a8dae21 100644 --- a/src/components/home/contentNoAuth.vue +++ b/src/components/home/contentNoAuth.vue @@ -32,7 +32,8 @@ export default { this.$route.name !== 'user.password-reset.request' && this.$route.name !== 'user.password-reset.reset' && this.$route.name !== 'user.register' && - this.$route.name !== 'link-share.auth' + this.$route.name !== 'link-share.auth' && + this.$route.name !== 'openid.auth' ) { this.$router.push({name: 'user.login'}) } diff --git a/src/router/index.js b/src/router/index.js index 163e29362..981bd97f8 100644 --- a/src/router/index.js +++ b/src/router/index.js @@ -8,6 +8,7 @@ import ErrorComponent from '../components/misc/error' // User Handling import LoginComponent from '../views/user/Login' import RegisterComponent from '../views/user/Register' +import OpenIdAuth from '@/views/user/OpenIdAuth' // Tasks import ShowTasksInRangeComponent from '../views/tasks/ShowTasksInRange' import LinkShareAuthComponent from '../views/sharing/LinkSharingAuth' @@ -267,5 +268,10 @@ export default new Router({ name: 'filters.create', component: CreateSavedFilter, }, + { + path: '/auth/openid/:provider', + name: 'openid.auth', + component: OpenIdAuth, + }, ], }) \ No newline at end of file diff --git a/src/views/user/OpenIdAuth.vue b/src/views/user/OpenIdAuth.vue new file mode 100644 index 000000000..96967202c --- /dev/null +++ b/src/views/user/OpenIdAuth.vue @@ -0,0 +1,11 @@ + + + -- 2.40.1 From ffed665bbba95a10505915eef4347d77d0aea965 Mon Sep 17 00:00:00 2001 
From: kolaente Date: Sat, 21 Nov 2020 13:24:50 +0100 Subject: [PATCH 2/8] Add authentication through openid --- src/store/modules/auth.js | 34 ++++++++++++++++++++++++ src/views/user/OpenIdAuth.vue | 50 ++++++++++++++++++++++++++++++++++- 2 files changed, 83 insertions(+), 1 deletion(-) diff --git a/src/store/modules/auth.js b/src/store/modules/auth.js index a33d24ed1..befe20329 100644 --- a/src/store/modules/auth.js +++ b/src/store/modules/auth.js @@ -98,6 +98,40 @@ export default { ctx.commit(LOADING, false, {root: true}) }) }, + openIdAuth(ctx, {provider, code}) { + const HTTP = HTTPFactory() + ctx.commit(LOADING, true, {root: true}) + + const data = { + code: code, + } + + // Delete an eventually preexisting old token + localStorage.removeItem('token') + return HTTP.post(`/auth/openid/${provider}/callback`, data) + .then(response => { + // Save the token to local storage for later use + localStorage.setItem('token', response.data.token) + + // Tell others the user is autheticated + ctx.commit('isLinkShareAuth', false) + ctx.dispatch('checkAuth') + return Promise.resolve() + }) + .catch(e => { + if (e.response) { + let errorMsg = e.response.data.message + if (e.response.status === 401) { + errorMsg = 'Wrong username or password.' + } + ctx.commit(ERROR_MESSAGE, errorMsg, {root: true}) + } + return Promise.reject() + }) + .finally(() => { + ctx.commit(LOADING, false, {root: true}) + }) + }, linkShareAuth(ctx, hash) { const HTTP = HTTPFactory() diff --git a/src/views/user/OpenIdAuth.vue b/src/views/user/OpenIdAuth.vue index 96967202c..4c359cd57 100644 --- a/src/views/user/OpenIdAuth.vue +++ b/src/views/user/OpenIdAuth.vue @@ -1,11 +1,59 @@ -- 2.40.1 From 769a18c29df2434b5810842811334cc28730467e Mon Sep 17 00:00:00 2001 From: kolaente Date: Sat, 21 Nov 2020 14:56:14 +0100 Subject: [PATCH 3/8] Parse auth config from /info --- src/store/modules/config.js | 12 ++++++++++++ 1 file changed, 12 insertions(+) 
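Review bot: In the new `openIdAuth` action, `provider` is placed into the request path of `HTTP.post(...)` without encoding. It presumably comes from the `:provider` route segment added in patch 1/8, so a value containing `/`, `?` or `#` would change which API path receives the authorization code. I would interpolate `${encodeURIComponent(provider)}` instead of `${provider}`. Separately, the `catch` branch reports a 401 as `'Wrong username or password.'`, which was carried over from the password login and is misleading here; something like `'Authentication with the provider failed.'` would fit. `ctx.dispatch('checkAuth')` is also not returned, so the promise can resolve before the auth state is updated.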
diff --git a/src/store/modules/config.js b/src/store/modules/config.js index c9b65131f..aec9feb95 100644 --- a/src/store/modules/config.js +++ b/src/store/modules/config.js @@ -1,5 +1,6 @@ import {CONFIG} from '../mutation-types' import {HTTPFactory} from '@/http-common' +import {objectToCamelCase} from '@/helpers/case' export default { namespaced: true, @@ -20,6 +21,16 @@ export default { privacyPolicyUrl: '', }, caldavEnabled: false, + auth: { + local: { + enabled: false, + }, + openidConnect: { + enabled: false, + redirectUrl: '', + providers: [], + }, + }, }), mutations: { [CONFIG](state, config) { @@ -36,6 +47,7 @@ export default { state.legal.imprintUrl = config.legal.imprint_url state.legal.privacyPolicyUrl = config.legal.privacy_policy_url state.caldavEnabled = config.caldav_enabled + state.auth = objectToCamelCase(config.auth) }, }, actions: { -- 2.40.1 From a3541ac1e9fb6d8318cc4b51dc2bb25ebc17c1c3 Mon Sep 17 00:00:00 2001 From: kolaente Date: Sat, 21 Nov 2020 15:20:27 +0100 Subject: [PATCH 4/8] Add showing openid providers on login --- src/views/user/Login.vue | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/src/views/user/Login.vue b/src/views/user/Login.vue index 7b65fd7f5..49ecf4d18 100644 --- a/src/views/user/Login.vue +++ b/src/views/user/Login.vue @@ -54,15 +54,16 @@ @@ -70,6 +71,13 @@ {{ errorMessage }} + + + @@ -128,6 +136,8 @@ export default { errorMessage: ERROR_MESSAGE, needsTotpPasscode: state => state.auth.needsTotpPasscode, authenticated: state => state.auth.authenticated, + localAuthEnabled: state => state.config.auth.enabled, + openidConnect: state => state.config.auth.openidConnect, }), methods: { submit() { 
@@ -151,6 +161,12 @@ export default { .catch(() => { }) }, + redirectToProvider(provider) { + const state = Math.random().toString(36).substring(2, 24) + localStorage.setItem('state', state) + + window.location.href = `${provider.authUrl}?client_id=${provider.clientId}&redirect_uri=${this.openidConnect.redirectUrl}${provider.key}&response_type=code&scope=&state=${state}` + }, }, } -- 2.40.1 From ab0c30013b65996e95b9e33b514efd83d9a96b62 Mon Sep 17 00:00:00 2001 From: kolaente Date: Sat, 21 Nov 2020 15:31:13 +0100 Subject: [PATCH 5/8] Verify auth state before authenticating --- src/views/user/Login.vue | 4 ++-- src/views/user/OpenIdAuth.vue | 7 +++++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/views/user/Login.vue b/src/views/user/Login.vue index 49ecf4d18..98cc03a6f 100644 --- a/src/views/user/Login.vue +++ b/src/views/user/Login.vue @@ -6,7 +6,7 @@ You successfully confirmed your email! You can log in now. -
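Review bot: The OAuth `state` in `redirectToProvider` is generated with `Math.random()`, which is not a cryptographically secure source, yet patch 5/8 relies on this value as the only check that the callback belongs to a login this browser started. The same method builds the authorization URL by string concatenation, so `client_id`, `redirect_uri` and `provider.key` go out unencoded and a `?`, `&` or `#` in any of them would alter the query. I would draw the state from `window.crypto.getRandomValues` and assemble the URL with `URL` and `searchParams`, as sketched below; the parameters and the empty `scope` are kept as the hunk has them. The surrounding `methods` object begins outside the hunk.

```javascript
redirectToProvider(provider) {
	// The state is the login-CSRF check on the callback, so take it from the CSPRNG.
	const bytes = new Uint8Array(16)
	window.crypto.getRandomValues(bytes)
	const state = Array.from(bytes, b => b.toString(16).padStart(2, '0')).join('')
	localStorage.setItem('state', state)

	// searchParams percent-encodes every value, including the redirect URI.
	const url = new URL(provider.authUrl)
	url.searchParams.set('client_id', provider.clientId)
	url.searchParams.set('redirect_uri', `${this.openidConnect.redirectUrl}${provider.key}`)
	url.searchParams.set('response_type', 'code')
	url.searchParams.set('scope', '')
	url.searchParams.set('state', state)
	window.location.href = url.toString()
},
```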
+
@@ -136,7 +136,7 @@ export default { errorMessage: ERROR_MESSAGE, needsTotpPasscode: state => state.auth.needsTotpPasscode, authenticated: state => state.auth.authenticated, - localAuthEnabled: state => state.config.auth.enabled, + localAuthEnabled: state => state.config.auth.local.enabled, openidConnect: state => state.config.auth.openidConnect, }), methods: { diff --git a/src/views/user/OpenIdAuth.vue b/src/views/user/OpenIdAuth.vue index 4c359cd57..ebab542d4 100644 --- a/src/views/user/OpenIdAuth.vue +++ b/src/views/user/OpenIdAuth.vue @@ -38,6 +38,13 @@ export default { } localStorage.setItem('authenticating', true) + const state = localStorage.getItem('state') + if(typeof this.$route.query.state === 'undefined' || this.$route.query.state !== state) { + localStorage.removeItem('authenticating') + this.$store.commit(ERROR_MESSAGE, 'State does not match, refusing to continue!') + return + } + this.$store.commit(ERROR_MESSAGE, '') this.$store.dispatch('auth/openIdAuth', { -- 2.40.1 From 2429ba4e4ab077350c625056733fa5b69fd1af7f Mon Sep 17 00:00:00 2001 From: kolaente Date: Sat, 21 Nov 2020 15:41:12 +0100 Subject: [PATCH 6/8] Fix setting auth config from api in state --- src/store/modules/config.js | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/store/modules/config.js b/src/store/modules/config.js index aec9feb95..1c0b5b34e 100644 --- a/src/store/modules/config.js +++ b/src/store/modules/config.js @@ -1,3 +1,5 @@ +import Vue from 'vue' + import {CONFIG} from '../mutation-types' import {HTTPFactory} from '@/http-common' import {objectToCamelCase} from '@/helpers/case' @@ -23,7 +25,7 @@ export default { caldavEnabled: false, auth: { local: { - enabled: false, + enabled: true, }, openidConnect: { enabled: false, 
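Review bot: The `state` check added to `src/views/user/OpenIdAuth.vue` reads the stored value with `localStorage.getItem('state')` but never deletes it, so the same state stays valid for later callbacks instead of being single-use. I would add `localStorage.removeItem('state')` directly after the `getItem` call, before the comparison, so that it is cleared on both the success and the failure path. A short comment such as `// state is one-time: it binds this callback to the redirect started in Login.vue` would also help the next reader. The enclosing method starts and ends outside the hunk, so I cannot see whether `code` is validated in the same way.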
@@ -47,7 +49,11 @@ export default { state.legal.imprintUrl = config.legal.imprint_url state.legal.privacyPolicyUrl = config.legal.privacy_policy_url state.caldavEnabled = config.caldav_enabled - state.auth = objectToCamelCase(config.auth) + const auth = objectToCamelCase(config.auth) + state.auth.local.enabled = auth.local.enabled + state.auth.openidConnect.enabled = auth.openidConnect.enabled + state.auth.openidConnect.redirectUrl = auth.openidConnect.redirectUrl + Vue.set(state.auth.openidConnect, 'providers', auth.openidConnect.providers) }, }, actions: { -- 2.40.1 From 274a5dd75b250ea1d64ec3a50064da6e32b697b0 Mon Sep 17 00:00:00 2001 From: kolaente Date: Sat, 21 Nov 2020 22:06:13 +0100 Subject: [PATCH 7/8] Add showing and modifying user name --- src/components/home/topNavigation.vue | 2 +- src/models/user.js | 1 + src/models/userName.js | 10 ++++++ src/services/userName.js | 10 ++++++ src/store/modules/auth.js | 3 ++ src/views/Home.vue | 2 +- src/views/user/Settings.vue | 50 +++++++++++++++++++++++++++ 7 files changed, 76 insertions(+), 2 deletions(-) create mode 100644 src/models/userName.js create mode 100644 src/services/userName.js diff --git a/src/components/home/topNavigation.vue b/src/components/home/topNavigation.vue index 7660aca4d..bb8d54950 100644 --- a/src/components/home/topNavigation.vue +++ b/src/components/home/topNavigation.vue @@ -45,7 +45,7 @@
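Review bot: In the `CONFIG` mutation of `src/store/modules/config.js`, `auth.local.enabled` and `auth.openidConnect.*` are dereferenced with no check that `/info` actually returned an `auth` section. If the frontend talks to a server that does not send it (I am assuming an older API version would not), the mutation would throw a TypeError. Wrapping the five new lines in `if (typeof config.auth !== 'undefined') {` … `}` would leave the defaults from the initial state in place, with local login enabled and no providers. It would also be worth a comment that `providers` come from the server and are later used to build the redirect target in `Login.vue`.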