@hed-hog/core 0.0.153 → 0.0.154
- package/dist/oauth/oauth.controller.js +3 -3
- package/dist/oauth/oauth.controller.js.map +1 -1
- package/dist/oauth/providers/microsoft-entra-id.provider.d.ts.map +1 -1
- package/dist/oauth/providers/microsoft-entra-id.provider.js +26 -14
- package/dist/oauth/providers/microsoft-entra-id.provider.js.map +1 -1
- package/hedhog/data/setting_group.yaml +3 -3
- package/package.json +4 -4
- package/src/oauth/oauth.controller.ts +5 -5
- package/src/oauth/providers/microsoft-entra-id.provider.ts +32 -15
|
@@ -30,15 +30,15 @@ let OAuthController = class OAuthController {
|
|
|
30
30
|
return res.redirect(redirectURL);
|
|
31
31
|
}
|
|
32
32
|
async login(provider, res) {
|
|
33
|
-
const url = this.service.getAuthUrl(provider, `/
|
|
33
|
+
const url = await this.service.getAuthUrl(provider, `/oauth/${provider}/callback/login`);
|
|
34
34
|
return res.redirect(url);
|
|
35
35
|
}
|
|
36
36
|
async register(provider, res) {
|
|
37
|
-
const url = this.service.getAuthUrl(provider, `/
|
|
37
|
+
const url = await this.service.getAuthUrl(provider, `/oauth/${provider}/callback/register`);
|
|
38
38
|
return res.redirect(url);
|
|
39
39
|
}
|
|
40
40
|
async connect(provider, res) {
|
|
41
|
-
const url = this.service.getAuthUrl(provider, `/
|
|
41
|
+
const url = this.service.getAuthUrl(provider, `/oauth/${provider}/callback/connect`);
|
|
42
42
|
return res.redirect(url);
|
|
43
43
|
}
|
|
44
44
|
async callbackLogin(locale, ipAddress, userAgent, provider, code, res) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth.controller.js","sourceRoot":"","sources":["../../src/oauth/oauth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AACA,sCAA4C;AAC5C,oDAA6C;AAE7C,2CAUwB;AACxB,gEAA4D;AAC5D,mDAA+C;AAGxC,IAAM,eAAe,GAArB,MAAM,eAAe;IAC1B,YAA6B,OAAqB,EAAmB,cAA8B;QAAtE,YAAO,GAAP,OAAO,CAAc;QAAmB,mBAAc,GAAd,cAAc,CAAgB;IAAG,CAAC;IAIjG,AAAN,KAAK,CAAC,cAAc,CACH,IAAY,EACX,KAAa,EACtB,GAAG;QAEV,MAAM,IAAI,GAAG,KAAK,IAAI,OAAO,CAAC;QAC9B,MAAM,EAAE,GAAG,EAAE,WAAW,GAAG,EAAE,EAAE,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;QACtF,MAAM,WAAW,GAAG,GAAG,WAAW,oBAAoB,IAAI,SAAS,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9F,OAAO,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACnC,CAAC;IAIK,AAAN,KAAK,CAAC,KAAK,CAAoB,QAAgB,EAAS,GAAG;QACzD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,
|
|
1
|
+
{"version":3,"file":"oauth.controller.js","sourceRoot":"","sources":["../../src/oauth/oauth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AACA,sCAA4C;AAC5C,oDAA6C;AAE7C,2CAUwB;AACxB,gEAA4D;AAC5D,mDAA+C;AAGxC,IAAM,eAAe,GAArB,MAAM,eAAe;IAC1B,YAA6B,OAAqB,EAAmB,cAA8B;QAAtE,YAAO,GAAP,OAAO,CAAc;QAAmB,mBAAc,GAAd,cAAc,CAAgB;IAAG,CAAC;IAIjG,AAAN,KAAK,CAAC,cAAc,CACH,IAAY,EACX,KAAa,EACtB,GAAG;QAEV,MAAM,IAAI,GAAG,KAAK,IAAI,OAAO,CAAC;QAC9B,MAAM,EAAE,GAAG,EAAE,WAAW,GAAG,EAAE,EAAE,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;QACtF,MAAM,WAAW,GAAG,GAAG,WAAW,oBAAoB,IAAI,SAAS,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9F,OAAO,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACnC,CAAC;IAIK,AAAN,KAAK,CAAC,KAAK,CAAoB,QAAgB,EAAS,GAAG;QACzD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,CACvC,QAAsC,EACtC,UAAU,QAAQ,iBAAiB,CACpC,CAAC;QACF,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAKK,AAAN,KAAK,CAAC,QAAQ,CAAoB,QAAgB,EAAS,GAAG;QAC5D,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,CACvC,QAAsC,EACtC,UAAU,QAAQ,oBAAoB,CACvC,CAAC;QACF,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAKK,AAAN,KAAK,CAAC,OAAO,CAAoB,QAAgB,EAAS,GAAG;QAC3D,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CACjC,QAAsC,EACtC,UAAU,QAAQ,mBAAmB,CACtC,CAAC;QACF,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAKK,AAAN,KAAK,CAAC,aAAa,CACP,MAAc,EAClB,SAAiB,EACA,SAAiB,EACrB,QAAgB,EACpB,IAAY,EACC,GAAG;QAE/B,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAsC,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;IACnJ,CAAC;IAKK,AAAN,KAAK,CAAC,gBAAgB,CACV,MAAc,EAClB,SAAiB,EACA,SAAiB,EACrB,QAAgB,EACpB,IAAY,EACC,GAAG;QAE/B,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAsC,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;IACtJ,CAAC;IAIK,AAAN,KAAK,CAAC,eAAe,CACT,MAAc,EAClB,SAAiB,EACA,SAAiB,EAChC,EAAE,EAAE,EAAE,EACK,QAAgB,EACpB,IAAY,EACC,GAAG;QAE/B,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAsC,EAAE,IAAI
,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IACjK,CAAC;IAIK,AAAN,KAAK,CAAC,UAAU,CACJ,MAAc,EAClB,SAAiB,EACA,SAAiB,EACrB,QAAgB,EACpB,KAAa,EACA,GAAG;QAE/B,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAsC,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;IACzJ,CAAC;CACF,CAAA;AAtGY,0CAAe;AAKpB;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,YAAG,EAAC,iBAAiB,CAAC;IAEpB,WAAA,IAAA,cAAK,EAAC,MAAM,CAAC,CAAA;IACb,WAAA,IAAA,cAAK,EAAC,OAAO,CAAC,CAAA;IACd,WAAA,IAAA,YAAG,GAAE,CAAA;;;;qDAMP;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,YAAG,EAAC,iBAAiB,CAAC;IACV,WAAA,IAAA,cAAK,EAAC,UAAU,CAAC,CAAA;IAAoB,WAAA,IAAA,YAAG,GAAE,CAAA;;;;4CAMtD;AAKK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,YAAG,EAAC,oBAAoB,CAAC;IACV,WAAA,IAAA,cAAK,EAAC,UAAU,CAAC,CAAA;IAAoB,WAAA,IAAA,YAAG,GAAE,CAAA;;;;+CAMzD;AAKK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,YAAG,EAAC,mBAAmB,CAAC;IACV,WAAA,IAAA,cAAK,EAAC,UAAU,CAAC,CAAA;IAAoB,WAAA,IAAA,YAAG,GAAE,CAAA;;;;8CAMxD;AAKK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,YAAG,EAAC,0BAA0B,CAAC;IAE7B,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,WAAE,GAAE,CAAA;IACJ,WAAA,IAAA,gBAAO,EAAC,YAAY,CAAC,CAAA;IACrB,WAAA,IAAA,cAAK,EAAC,UAAU,CAAC,CAAA;IACjB,WAAA,IAAA,cAAK,EAAC,MAAM,CAAC,CAAA;IACb,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;;;;oDAG5B;AAKK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,YAAG,EAAC,6BAA6B,CAAC;IAEhC,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,WAAE,GAAE,CAAA;IACJ,WAAA,IAAA,gBAAO,EAAC,YAAY,CAAC,CAAA;IACrB,WAAA,IAAA,cAAK,EAAC,UAAU,CAAC,CAAA;IACjB,WAAA,IAAA,cAAK,EAAC,MAAM,CAAC,CAAA;IACb,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;;;;uDAG5B;AAIK;IADL,IAAA,YAAG,EAAC,4BAA4B,CAAC;IAE/B,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,WAAE,GAAE,CAAA;IACJ,WAAA,IAAA,gBAAO,EAAC,YAAY,CAAC,CAAA;IACrB,WAAA,IAAA,UAAI,GAAE,CAAA;IACN,WAAA,IAAA,cAAK,EAAC,UAAU,CAAC,CAAA;IACjB,WAAA,IAAA,cAAK,EAAC,MAAM,CAAC,CAAA;IACb,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;;;;sDAG5B;AAIK;IADL,IAAA,eAAM,EAAC,WAAW,CAAC;IAEjB,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,WAAE,GAAE,CAAA;IACJ,WAAA,IAAA,gBAAO,EAAC,Y
AAY,CAAC,CAAA;IACrB,WAAA,IAAA,cAAK,EAAC,UAAU,CAAC,CAAA;IACjB,WAAA,IAAA,aAAI,EAAC,OAAO,CAAC,CAAA;IACb,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;;;;iDAG5B;0BArGU,eAAe;IAD3B,IAAA,mBAAU,EAAC,OAAO,CAAC;qCAEoB,4BAAY,EAAmC,gCAAc;GADxF,eAAe,CAsG3B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"microsoft-entra-id.provider.d.ts","sourceRoot":"","sources":["../../../src/oauth/providers/microsoft-entra-id.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAE5C,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAExD,qBACa,wBAAyB,SAAQ,iBAAiB;IAI3D,OAAO,CAAC,QAAQ,CAAC,OAAO;gBAFxB,IAAI,EAAE,WAAW,EAEA,OAAO,EAAE,cAAc;IAK1C,eAAe;IAIT,UAAU,CAAC,YAAY,EAAE,MAAM;
|
|
1
|
+
{"version":3,"file":"microsoft-entra-id.provider.d.ts","sourceRoot":"","sources":["../../../src/oauth/providers/microsoft-entra-id.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAE5C,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAExD,qBACa,wBAAyB,SAAQ,iBAAiB;IAI3D,OAAO,CAAC,QAAQ,CAAC,OAAO;gBAFxB,IAAI,EAAE,WAAW,EAEA,OAAO,EAAE,cAAc;IAK1C,eAAe;IAIT,UAAU,CAAC,YAAY,EAAE,MAAM;IA4C/B,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;CAkC3D"}
|
|
@@ -33,37 +33,49 @@ let MicrosoftEntraIdProvider = class MicrosoftEntraIdProvider extends abstract_p
|
|
|
33
33
|
'microsoft_entra_id_tenant_id',
|
|
34
34
|
'url',
|
|
35
35
|
]);
|
|
36
|
-
console.log({
|
|
37
|
-
settings
|
|
36
|
+
console.log('[MicrosoftEntraIdProvider] Settings loaded:', {
|
|
37
|
+
client_id: settings['microsoft_entra_id_client_id'] ? `${settings['microsoft_entra_id_client_id'].substring(0, 8)}...` : 'NOT SET',
|
|
38
|
+
tenant_id: settings['microsoft_entra_id_tenant_id'] ? `${settings['microsoft_entra_id_tenant_id'].substring(0, 8)}...` : 'NOT SET',
|
|
39
|
+
scopes: settings['microsoft_entra_id_scopes'],
|
|
40
|
+
url: settings['url'],
|
|
38
41
|
});
|
|
39
|
-
|
|
42
|
+
if (!settings['microsoft_entra_id_client_id'] ||
|
|
43
|
+
!settings['microsoft_entra_id_client_secret'] ||
|
|
44
|
+
!settings['microsoft_entra_id_scopes'] ||
|
|
45
|
+
!settings['microsoft_entra_id_tenant_id'] ||
|
|
46
|
+
!settings['url']) {
|
|
47
|
+
throw new Error('Microsoft Entra ID OAuth is not configured properly. Please configure microsoft_entra_id_client_id, microsoft_entra_id_client_secret, microsoft_entra_id_scopes, microsoft_entra_id_tenant_id, and url settings.');
|
|
48
|
+
}
|
|
49
|
+
const tenantId = settings['microsoft_entra_id_tenant_id'];
|
|
40
50
|
const redirectURI = new URL(callbackPath, settings['url']).toString();
|
|
41
|
-
const scopes = settings['
|
|
51
|
+
const scopes = settings['microsoft_entra_id_scopes'];
|
|
42
52
|
const params = new URLSearchParams({
|
|
43
|
-
client_id: settings['
|
|
53
|
+
client_id: settings['microsoft_entra_id_client_id'],
|
|
44
54
|
redirect_uri: redirectURI,
|
|
45
55
|
response_type: 'code',
|
|
46
56
|
scope: scopes.join(' '),
|
|
47
57
|
response_mode: 'query',
|
|
48
58
|
prompt: 'consent',
|
|
49
59
|
});
|
|
50
|
-
|
|
60
|
+
const authUrl = `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/authorize?${params.toString()}`;
|
|
61
|
+
console.log('[MicrosoftEntraIdProvider] Generated auth URL:', authUrl);
|
|
62
|
+
return authUrl;
|
|
51
63
|
}
|
|
52
64
|
async getProfile(code, type) {
|
|
53
65
|
const settings = await this.setting.getSettingValues([
|
|
54
|
-
'
|
|
55
|
-
'
|
|
56
|
-
'
|
|
57
|
-
'
|
|
66
|
+
'microsoft_entra_id_client_id',
|
|
67
|
+
'microsoft_entra_id_client_secret',
|
|
68
|
+
'microsoft_entra_id_scopes',
|
|
69
|
+
'microsoft_entra_id_tenant_id',
|
|
58
70
|
'url',
|
|
59
71
|
]);
|
|
60
|
-
const tenantId = settings['
|
|
72
|
+
const tenantId = settings['microsoft_entra_id_tenant_id'];
|
|
61
73
|
const token = await this.fetchToken({
|
|
62
74
|
code,
|
|
63
75
|
url: `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`,
|
|
64
|
-
clientId: settings['
|
|
65
|
-
clientSecret: settings['
|
|
66
|
-
redirectUri: `${settings['url']}/callback
|
|
76
|
+
clientId: settings['microsoft_entra_id_client_id'],
|
|
77
|
+
clientSecret: settings['microsoft_entra_id_client_secret'],
|
|
78
|
+
redirectUri: `${settings['url']}/oauth/microsoft_entra_id/callback/${type}`,
|
|
67
79
|
});
|
|
68
80
|
const profile = await this.fetchProfile(token.access_token, 'https://graph.microsoft.com/v1.0/me');
|
|
69
81
|
const pictureUrl = 'https://graph.microsoft.com/v1.0/me/photo/$value';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"microsoft-entra-id.provider.js","sourceRoot":"","sources":["../../../src/oauth/providers/microsoft-entra-id.provider.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,yCAA4C;AAC5C,2CAAgE;AAChE,mEAA+D;AAC/D,2DAAwD;AAGjD,IAAM,wBAAwB,GAA9B,MAAM,wBAAyB,SAAQ,qCAAiB;IAC7D,YACE,IAAiB,EAEA,OAAuB;QAExC,KAAK,CAAC,IAAI,CAAC,CAAC;QAFK,YAAO,GAAP,OAAO,CAAgB;IAG1C,CAAC;IAED,eAAe;QACb,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,YAAoB;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC;YACnD,8BAA8B;YAC9B,kCAAkC;YAClC,2BAA2B;YAC3B,8BAA8B;YAC9B,KAAK;SACN,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC;
|
|
1
|
+
{"version":3,"file":"microsoft-entra-id.provider.js","sourceRoot":"","sources":["../../../src/oauth/providers/microsoft-entra-id.provider.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,yCAA4C;AAC5C,2CAAgE;AAChE,mEAA+D;AAC/D,2DAAwD;AAGjD,IAAM,wBAAwB,GAA9B,MAAM,wBAAyB,SAAQ,qCAAiB;IAC7D,YACE,IAAiB,EAEA,OAAuB;QAExC,KAAK,CAAC,IAAI,CAAC,CAAC;QAFK,YAAO,GAAP,OAAO,CAAgB;IAG1C,CAAC;IAED,eAAe;QACb,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,YAAoB;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC;YACnD,8BAA8B;YAC9B,kCAAkC;YAClC,2BAA2B;YAC3B,8BAA8B;YAC9B,KAAK;SACN,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,6CAA6C,EAAE;YACzD,SAAS,EAAE,QAAQ,CAAC,8BAA8B,CAAC,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,8BAA8B,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;YAClI,SAAS,EAAE,QAAQ,CAAC,8BAA8B,CAAC,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,8BAA8B,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;YAClI,MAAM,EAAE,QAAQ,CAAC,2BAA2B,CAAC;YAC7C,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC;SACrB,CAAC,CAAC;QAEH,IACE,CAAC,QAAQ,CAAC,8BAA8B,CAAC;YACzC,CAAC,QAAQ,CAAC,kCAAkC,CAAC;YAC7C,CAAC,QAAQ,CAAC,2BAA2B,CAAC;YACtC,CAAC,QAAQ,CAAC,8BAA8B,CAAC;YACzC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAChB,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,kNAAkN,CAAC,CAAC;QACtO,CAAC;QAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,8BAA8B,CAAC,CAAC;QAC1D,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,YAAY,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;QACtE,MAAM,MAAM,GAAG,QAAQ,CAAC,2BAA2B,CAAC,CAAC;QACrD,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,SAAS,EAAE,QAAQ,CAAC,8BAA8B,CAAC;YACnD,YAAY,EAAE,WAAW;YACzB,aAAa,EAAE,MAAM;YACrB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;YACvB,aAAa,EAAE,OAAO;YACtB,MAAM,EAAE,SAAS;SAClB,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,qCAAqC,QAAQ,0BAA0B,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;QAC3G,OAAO,CAAC,GAAG,CAAC,gDAAgD,EAAE,OAAO,CAAC,CAAC;QAEvE,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,IAAY,EAAE,IAAY;QACzC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC;YACnD,8BAA8B;YAC9B,kCAAkC;YAClC,2BAA2B;YAC3B,8BAA8B;YAC9B,KAAK;SACN,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,QAAQ,CAAC,8BAA8B,CAA
C,CAAC;QAC1D,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC;YAClC,IAAI;YACJ,GAAG,EAAE,qCAAqC,QAAQ,oBAAoB;YACtE,QAAQ,EAAE,QAAQ,CAAC,8BAA8B,CAAC;YAClD,YAAY,EAAE,QAAQ,CAAC,kCAAkC,CAAC;YAC1D,WAAW,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,sCAAsC,IAAI,EAAE;SAC5E,CAAC,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,CACrC,KAAK,CAAC,YAAY,EAClB,qCAAqC,CACtC,CAAC;QACF,MAAM,UAAU,GAAG,kDAAkD,CAAC;QACtE,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,KAAK,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,iBAAiB;YAChD,IAAI,EAAE,OAAO,CAAC,WAAW;YACzB,OAAO,EAAE,UAAU;YACnB,YAAY,EAAE;gBACZ,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,aAAa,EAAE,KAAK,CAAC,aAAa;gBAClC,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC5B,UAAU,EAAE,KAAK,CAAC,UAAU;aAC7B;SACF,CAAC;IACJ,CAAC;CACF,CAAA;AA3FY,4DAAwB;mCAAxB,wBAAwB;IADpC,IAAA,mBAAU,GAAE;IAIR,WAAA,IAAA,eAAM,EAAC,IAAA,mBAAU,EAAC,GAAG,EAAE,CAAC,gCAAc,CAAC,CAAC,CAAA;qCADnC,mBAAW;QAES,gCAAc;GAJ/B,wBAAwB,CA2FpC"}
|
|
@@ -366,7 +366,7 @@
|
|
|
366
366
|
description:
|
|
367
367
|
en: The OAuth providers accepted
|
|
368
368
|
pt: Os provedores de OAuth aceitos
|
|
369
|
-
value: '[
|
|
369
|
+
value: '[]'
|
|
370
370
|
component: checkbox
|
|
371
371
|
relations:
|
|
372
372
|
setting_list:
|
|
@@ -378,7 +378,7 @@
|
|
|
378
378
|
order: 2
|
|
379
379
|
- value: microsoft
|
|
380
380
|
order: 3
|
|
381
|
-
- value:
|
|
381
|
+
- value: microsoft-entra-id
|
|
382
382
|
order: 4
|
|
383
383
|
- slug: microsoft_entra_id_client_id
|
|
384
384
|
type: string
|
|
@@ -409,7 +409,7 @@
|
|
|
409
409
|
description:
|
|
410
410
|
en: The scopes for Microsoft Entra ID OAuth
|
|
411
411
|
pt: Os escopos para o OAuth do Microsoft Entra ID
|
|
412
|
-
value: '["openid","profile","email"]'
|
|
412
|
+
value: '["openid","profile","email","User.Read"]'
|
|
413
413
|
component: checkbox
|
|
414
414
|
relations:
|
|
415
415
|
setting_list:
|
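Review bot: The provider list entry added at new line 381 is spelled `microsoft-entra-id` with hyphens, while the setting slugs in this file (`microsoft_entra_id_client_id`) and the callback path hard-coded in the provider's token exchange (`/oauth/microsoft_entra_id/callback/...`) use underscores. If this value ends up as the `:provider` route segment, the redirect URI sent on the authorize request would differ from the one sent on the token request, and the exchange would be rejected. The removed value is cut off on this page, so the previous spelling cannot be read from here. I would align it to `- value: microsoft_entra_id`, or confirm that the provider lookup maps between the two spellings.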
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@hed-hog/core",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.154",
|
|
4
4
|
"main": "dist/index.js",
|
|
5
5
|
"types": "dist/index.d.ts",
|
|
6
6
|
"dependencies": {
|
|
@@ -30,11 +30,11 @@
|
|
|
30
30
|
"speakeasy": "^2.0.0",
|
|
31
31
|
"uuid": "^11.1.0",
|
|
32
32
|
"@hed-hog/api-locale": "0.0.11",
|
|
33
|
-
"@hed-hog/api-prisma": "0.0.4",
|
|
34
33
|
"@hed-hog/api-mail": "0.0.7",
|
|
35
|
-
"@hed-hog/api-
|
|
34
|
+
"@hed-hog/api-prisma": "0.0.4",
|
|
36
35
|
"@hed-hog/types": "0.0.1",
|
|
37
|
-
"@hed-hog/api": "0.0.3"
|
|
36
|
+
"@hed-hog/api": "0.0.3",
|
|
37
|
+
"@hed-hog/api-pagination": "0.0.5"
|
|
38
38
|
},
|
|
39
39
|
"exports": {
|
|
40
40
|
".": {
|
|
@@ -36,9 +36,9 @@ export class OAuthController {
|
|
|
36
36
|
@Public()
|
|
37
37
|
@Get(':provider/login')
|
|
38
38
|
async login(@Param('provider') provider: string, @Res() res) {
|
|
39
|
-
const url = this.service.getAuthUrl(
|
|
39
|
+
const url = await this.service.getAuthUrl(
|
|
40
40
|
provider as user_account_provider_enum,
|
|
41
|
-
`/
|
|
41
|
+
`/oauth/${provider}/callback/login`,
|
|
42
42
|
);
|
|
43
43
|
return res.redirect(url);
|
|
44
44
|
}
|
|
@@ -47,9 +47,9 @@ export class OAuthController {
|
|
|
47
47
|
@Public()
|
|
48
48
|
@Get(':provider/register')
|
|
49
49
|
async register(@Param('provider') provider: string, @Res() res) {
|
|
50
|
-
const url = this.service.getAuthUrl(
|
|
50
|
+
const url = await this.service.getAuthUrl(
|
|
51
51
|
provider as user_account_provider_enum,
|
|
52
|
-
`/
|
|
52
|
+
`/oauth/${provider}/callback/register`,
|
|
53
53
|
);
|
|
54
54
|
return res.redirect(url);
|
|
55
55
|
}
|
|
@@ -60,7 +60,7 @@ export class OAuthController {
|
|
|
60
60
|
async connect(@Param('provider') provider: string, @Res() res) {
|
|
61
61
|
const url = this.service.getAuthUrl(
|
|
62
62
|
provider as user_account_provider_enum,
|
|
63
|
-
`/
|
|
63
|
+
`/oauth/${provider}/callback/connect`,
|
|
64
64
|
);
|
|
65
65
|
return res.redirect(url);
|
|
66
66
|
}
|
|
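Review bot: `connect` still calls `this.service.getAuthUrl(` without `await` (new line 61, third hunk), while `login` and `register` gained it in this same change. If the service method now returns a Promise, as the added awaits suggest, `res.redirect(url)` receives a Promise instead of a string and the connect flow breaks; the line should read `const url = await this.service.getAuthUrl(`. Separately, `provider as user_account_provider_enum` is a compile-time cast only, and the raw route parameter is now interpolated into the callback path in all three handlers, so I would check it against the set of enabled providers before building the path unless the service already rejects unknown values. The decorators of `connect` lie outside the hunk.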
@@ -26,39 +26,56 @@ export class MicrosoftEntraIdProvider extends BaseOAuthProvider {
|
|
|
26
26
|
'url',
|
|
27
27
|
]);
|
|
28
28
|
|
|
29
|
-
console.log({
|
|
30
|
-
settings
|
|
31
|
-
|
|
29
|
+
console.log('[MicrosoftEntraIdProvider] Settings loaded:', {
|
|
30
|
+
client_id: settings['microsoft_entra_id_client_id'] ? `${settings['microsoft_entra_id_client_id'].substring(0, 8)}...` : 'NOT SET',
|
|
31
|
+
tenant_id: settings['microsoft_entra_id_tenant_id'] ? `${settings['microsoft_entra_id_tenant_id'].substring(0, 8)}...` : 'NOT SET',
|
|
32
|
+
scopes: settings['microsoft_entra_id_scopes'],
|
|
33
|
+
url: settings['url'],
|
|
34
|
+
});
|
|
35
|
+
|
|
36
|
+
if (
|
|
37
|
+
!settings['microsoft_entra_id_client_id'] ||
|
|
38
|
+
!settings['microsoft_entra_id_client_secret'] ||
|
|
39
|
+
!settings['microsoft_entra_id_scopes'] ||
|
|
40
|
+
!settings['microsoft_entra_id_tenant_id'] ||
|
|
41
|
+
!settings['url']
|
|
42
|
+
) {
|
|
43
|
+
throw new Error('Microsoft Entra ID OAuth is not configured properly. Please configure microsoft_entra_id_client_id, microsoft_entra_id_client_secret, microsoft_entra_id_scopes, microsoft_entra_id_tenant_id, and url settings.');
|
|
44
|
+
}
|
|
32
45
|
|
|
33
|
-
const tenantId = settings['
|
|
46
|
+
const tenantId = settings['microsoft_entra_id_tenant_id'];
|
|
34
47
|
const redirectURI = new URL(callbackPath, settings['url']).toString();
|
|
35
|
-
const scopes = settings['
|
|
48
|
+
const scopes = settings['microsoft_entra_id_scopes'];
|
|
36
49
|
const params = new URLSearchParams({
|
|
37
|
-
client_id: settings['
|
|
50
|
+
client_id: settings['microsoft_entra_id_client_id'],
|
|
38
51
|
redirect_uri: redirectURI,
|
|
39
52
|
response_type: 'code',
|
|
40
53
|
scope: scopes.join(' '),
|
|
41
54
|
response_mode: 'query',
|
|
42
55
|
prompt: 'consent',
|
|
43
56
|
});
|
|
44
|
-
|
|
57
|
+
|
|
58
|
+
const authUrl = `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/authorize?${params.toString()}`;
|
|
59
|
+
console.log('[MicrosoftEntraIdProvider] Generated auth URL:', authUrl);
|
|
60
|
+
|
|
61
|
+
return authUrl;
|
|
45
62
|
}
|
|
46
63
|
|
|
47
64
|
async getProfile(code: string, type: string): Promise<any> {
|
|
48
65
|
const settings = await this.setting.getSettingValues([
|
|
49
|
-
'
|
|
50
|
-
'
|
|
51
|
-
'
|
|
52
|
-
'
|
|
66
|
+
'microsoft_entra_id_client_id',
|
|
67
|
+
'microsoft_entra_id_client_secret',
|
|
68
|
+
'microsoft_entra_id_scopes',
|
|
69
|
+
'microsoft_entra_id_tenant_id',
|
|
53
70
|
'url',
|
|
54
71
|
]);
|
|
55
|
-
const tenantId = settings['
|
|
72
|
+
const tenantId = settings['microsoft_entra_id_tenant_id'];
|
|
56
73
|
const token = await this.fetchToken({
|
|
57
74
|
code,
|
|
58
75
|
url: `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`,
|
|
59
|
-
clientId: settings['
|
|
60
|
-
clientSecret: settings['
|
|
61
|
-
redirectUri: `${settings['url']}/callback
|
|
76
|
+
clientId: settings['microsoft_entra_id_client_id'],
|
|
77
|
+
clientSecret: settings['microsoft_entra_id_client_secret'],
|
|
78
|
+
redirectUri: `${settings['url']}/oauth/microsoft_entra_id/callback/${type}`,
|
|
62
79
|
});
|
|
63
80
|
const profile = await this.fetchProfile(
|
|
64
81
|
token.access_token,
|
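Review bot: The added `console.log('[MicrosoftEntraIdProvider] Generated auth URL:', authUrl)` writes the complete authorization URL, including the full `client_id` and tenant, on every login attempt, which undoes the 8-character truncation in the 'Settings loaded' log just above it; I would drop both calls or move them to a debug-level logger. The `URLSearchParams` for the authorize request carry no `state` value, so unless the service appends one outside this hunk the callback cannot be tied to the browser session that started the flow. `getProfile` does not get the new configuration check, and it builds `redirectUri` by string concatenation while `getAuthUrl` uses `new URL(callbackPath, settings['url'])`; the two can differ when `url` has a trailing slash or a path, and the token request needs the same redirect URI as the authorize request, so building both with the same `new URL(...)` call would keep them in step. `getAuthUrl` starts before the hunk and `getProfile` continues past it.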