@tiledesk/tiledesk-server 2.10.103 → 2.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +5 -1
- package/app.js +6 -1
- package/deploy.sh +1 -1
- package/middleware/passport.js +4 -3
- package/package.json +2 -2
- package/routes/auth.js +7 -7
package/CHANGELOG.md
CHANGED
|
@@ -5,8 +5,12 @@
|
|
|
5
5
|
🚀 IN PRODUCTION 🚀
|
|
6
6
|
(https://www.npmjs.com/package/@tiledesk/tiledesk-server/v/2.3.77)
|
|
7
7
|
|
|
8
|
-
# 2.
|
|
8
|
+
# 2.11.0
|
|
9
|
+
- Added: authentication via Keycloak
|
|
10
|
+
|
|
11
|
+
# 2.10.104
|
|
9
12
|
- Update: standard/hybrid namespace management
|
|
13
|
+
- Update: tybot-connector to 2.0.21
|
|
10
14
|
|
|
11
15
|
# 2.10.102
|
|
12
16
|
- Update: substituted encode with DOMPurify.sanitize for direct email
|
package/app.js
CHANGED
|
@@ -344,7 +344,12 @@ if (process.env.DISABLE_SESSION_STRATEGY==true || process.env.DISABLE_SESSION_S
|
|
|
344
344
|
store: redisStore,
|
|
345
345
|
resave: false, // required: force lightweight session keep alive (touch)
|
|
346
346
|
saveUninitialized: false, // recommended: only save session when data exists
|
|
347
|
-
secret: sessionSecret
|
|
347
|
+
secret: sessionSecret,
|
|
348
|
+
cookie: {
|
|
349
|
+
secure: true, // ✅ Use HTTPS
|
|
350
|
+
httpOnly: true, // ✅ Only accessible by the server (not client-side JS)
|
|
351
|
+
sameSite: 'None' // ✅ Allows cross-origin (e.g., Keycloak on a different domain)
|
|
352
|
+
}
|
|
348
353
|
})
|
|
349
354
|
)
|
|
350
355
|
winston.info("Express Session with Redis enabled with Secret: " + sessionSecret);
|
package/deploy.sh
CHANGED
package/middleware/passport.js
CHANGED
|
@@ -641,7 +641,8 @@ if (enableOauth2Signin==true) {
|
|
|
641
641
|
tokenURL: process.env.OAUTH2_TOKEN_URL,
|
|
642
642
|
clientID: process.env.OAUTH2_CLIENT_ID,
|
|
643
643
|
clientSecret: process.env.OAUTH2_CLIENT_SECRET,
|
|
644
|
-
callbackURL: process.env.OAUTH2_CALLBACK_URL || "http://localhost:3000/auth/oauth2/callback"
|
|
644
|
+
callbackURL: process.env.OAUTH2_CALLBACK_URL || "http://localhost:3000/auth/oauth2/callback",
|
|
645
|
+
scope: ['openid'],
|
|
645
646
|
},
|
|
646
647
|
function(accessToken, refreshToken, params, profile, cb) {
|
|
647
648
|
winston.debug("params", params);
|
|
@@ -650,7 +651,7 @@ if (enableOauth2Signin==true) {
|
|
|
650
651
|
const token = jwt.decode(accessToken); // user id lives in here
|
|
651
652
|
winston.debug("token", token);
|
|
652
653
|
|
|
653
|
-
const profileInfo = jwt.decode(params.
|
|
654
|
+
const profileInfo = jwt.decode(params.access_token); // user email lives in here
|
|
654
655
|
winston.debug("profileInfo", profileInfo);
|
|
655
656
|
|
|
656
657
|
winston.debug("profile", profile);
|
|
@@ -673,7 +674,7 @@ if (enableOauth2Signin==true) {
|
|
|
673
674
|
// new user record and link it to the oauth account.
|
|
674
675
|
var password = uniqid()
|
|
675
676
|
// signup ( email, password, firstname, lastname, emailverified) {
|
|
676
|
-
userService.signup(email, password,
|
|
677
|
+
userService.signup(email, password, profileInfo.name || profileInfo.preferred_username, "", true)
|
|
677
678
|
.then(function (savedUser) {
|
|
678
679
|
|
|
679
680
|
winston.debug("savedUser", savedUser)
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@tiledesk/tiledesk-server",
|
|
3
3
|
"description": "The Tiledesk server module",
|
|
4
|
-
"version": "2.
|
|
4
|
+
"version": "2.11.0",
|
|
5
5
|
"scripts": {
|
|
6
6
|
"start": "node ./bin/www",
|
|
7
7
|
"pretest": "mongodb-runner start",
|
|
@@ -49,7 +49,7 @@
|
|
|
49
49
|
"@tiledesk/tiledesk-rasa-connector": "^1.0.10",
|
|
50
50
|
"@tiledesk/tiledesk-sms-connector": "^0.1.11",
|
|
51
51
|
"@tiledesk/tiledesk-telegram-connector": "^0.1.14",
|
|
52
|
-
"@tiledesk/tiledesk-tybot-connector": "^2.0.
|
|
52
|
+
"@tiledesk/tiledesk-tybot-connector": "^2.0.21",
|
|
53
53
|
"@tiledesk/tiledesk-voice-twilio-connector": "^0.1.22",
|
|
54
54
|
"@tiledesk/tiledesk-vxml-connector": "^0.1.76",
|
|
55
55
|
"@tiledesk/tiledesk-whatsapp-connector": "^0.1.84",
|
package/routes/auth.js
CHANGED
|
@@ -781,23 +781,23 @@ router.get("/oauth2", function(req,res,next){
|
|
|
781
781
|
req.session.forced_redirect_url = req.query.forced_redirect_url;
|
|
782
782
|
|
|
783
783
|
passport.authenticate(
|
|
784
|
-
|
|
784
|
+
'oauth2'
|
|
785
785
|
)(req,res,next);
|
|
786
786
|
});
|
|
787
787
|
|
|
788
788
|
// router.get('/oauth2',
|
|
789
789
|
// passport.authenticate('oauth2'));
|
|
790
790
|
|
|
791
|
-
|
|
791
|
+
router.get('/oauth2/callback',
|
|
792
792
|
passport.authenticate('oauth2', { session: false}),
|
|
793
793
|
function(req, res) {
|
|
794
|
-
winston.debug("'/oauth2/callback: ");
|
|
795
|
-
|
|
794
|
+
winston.debug("'/oauth2/callback: ", req.query);
|
|
795
|
+
winston.debug("/oauth2/callback --> req.session.redirect_url", req.session.redirect_url);
|
|
796
|
+
winston.debug("/oauth2/callback --> req.session.forced_redirect_url", req.session.forced_redirect_url);
|
|
797
|
+
|
|
796
798
|
var user = req.user;
|
|
797
799
|
winston.debug("user", user);
|
|
798
|
-
winston.debug("req.session.redirect_url: "+ req.session.redirect_url);
|
|
799
|
-
|
|
800
|
-
|
|
800
|
+
winston.debug("req.session.redirect_url: "+ req.session.redirect_url);
|
|
801
801
|
var userJson = user.toObject();
|
|
802
802
|
|
|
803
803
|
delete userJson.password;
|