@tiledesk/tiledesk-server 2.3.125 → 2.3.127
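--- a/package/middleware/passport.js
+++ b/package/middleware/passport.js
@@ -4,6 +4,7 @@ var ExtractJwt = passportJWT.ExtractJwt;
 
 var passportHttp = require("passport-http");
 var BasicStrategy = passportHttp.BasicStrategy;
+var GoogleStrategy = require('passport-google-oidc');
 
 var winston = require('../config/winston');
 // var AnonymousStrategy = require('passport-anonymous').Strategy;
@@ -14,12 +15,19 @@ var config = require('../config/database'); // get db config file
 var Faq_kb = require("../models/faq_kb");
 var Project = require('../models/project');
 var Subscription = require('../models/subscription');
+
+var Auth = require('../models/auth');
+var userService = require('../services/userService');
+
 var UserUtil = require('../utils/userUtil');
 var jwt = require('jsonwebtoken');
 const url = require('url');
 var cacheUtil = require('../utils/cacheUtil');
 var cacheEnabler = require("../services/cacheEnabler");
 
+var uniqid = require('uniqid');
+
+
 const MaskData = require("maskdata");
 
 const maskOptions = {
@@ -57,7 +65,11 @@ if (pKey) {
 var maskedconfigSecret = MaskData.maskPhone(configSecret, maskOptions);
 winston.info('Authentication Global Secret : ' + maskedconfigSecret);
 
-
+var enableGoogleSignin = false;
+if (process.env.GOOGLE_SIGNIN_ENABLED=="true" || process.env.GOOGLE_SIGNIN_ENABLED == true) {
+enableGoogleSignin = true;
+}
+winston.info('Authentication Google Signin enabled : ' + enableGoogleSignin);
 
 
 var jwthistory = undefined;
@@ -431,11 +443,126 @@ module.exports = function(passport) {
 // if (!user) { return done(null, false); }
 // if (!user.verifyPassword(password)) { return done(null, false); }
 });
-}
-
-
-
-
+}));
+
+
+
+
+
+if (enableGoogleSignin==true) {
+let googleClientId = process.env.GOOGLE_CLIENT_ID;
+let googleClientSecret = process.env.GOOGLE_CLIENT_SECRET;
+let googleCallbackURL = process.env.GOOGLE_CALLBACK_URL || "http://localhost:3000/auth/google/callback";
+
+winston.info("Enabling Google Signin strategy with ClientId: " + googleClientId + " callbackURL: " + googleCallbackURL + " clientSecret: " + googleClientSecret );
+
+passport.use(new GoogleStrategy({
+clientID: googleClientId,
+clientSecret: googleClientSecret,
+callbackURL: googleCallbackURL // 'https://www.example.com/oauth2/redirect/google'
+},
+function(issuer, profile, cb) {
+
+winston.info("issuer: "+issuer)
+winston.info("profile", profile)
+// winston.info("cb", cb)
+
+var email = profile.emails[0].value;
+winston.info("email: "+email)
+
+var query = {providerId : issuer, subject: profile.id};
+winston.debug("query", query)
+
+Auth.findOne(query, function(err, cred){
+winston.debug("cred", cred, err)
+
+// db.get('SELECT * FROM federated_credentials WHERE provider = ? AND subject = ?', [
+// issuer,
+// profile.id
+// ], function(err, cred) {
+
+winston.debug("11")
+
+
+if (err) { return cb(err); }
+
+winston.debug("12")
+
+if (!cred) {
+winston.debug("13")
+// The Google account has not logged in to this app before. Create a
+// new user record and link it to the Google account.
+
+// db.run('INSERT INTO users (name) VALUES (?)', [
+// profile.displayName
+// ], function(err) {
+
+var password = uniqid()
+
+
+
+userService.signup(email, password, undefined, profile.displayName, true)
+.then(function (savedUser) {
+
+
+// if (err) { return cb(err); }
+
+winston.debug("savedUser", savedUser)
+
+var auth = new Auth({
+providerId: issuer,
+subject: profile.id,
+});
+auth.save(function (err, authSaved) {
+
+// db.run('INSERT INTO federated_credentials (user_id, provider, subject) VALUES (?, ?, ?)', [
+// id,
+// issuer,
+// profile.id
+// ], function(err) {
+
+
+if (err) { return cb(err); }
+
+winston.debug("authSaved", authSaved)
+
+// var user = {
+// id: id.toString(),
+// name: profile.displayName
+// };
+// var user = {
+// id: "1232321321321321",
+// name: "Google andrea"
+// };
+return cb(null, savedUser);
+});
+}).catch(function(err) {
+winston.error("Error signup google ", err);
+return cb(err);
+});
+} else {
+
+winston.debug("else")
+// The Google account has previously logged in to the app. Get the
+// user record linked to the Google account and log the user in.
+
+User.findOne({
+email: email, status: 100
+}, 'email firstname lastname password emailverified id', function (err, user) {
+
+winston.debug("user",user, err);
+// db.get('SELECT * FROM users WHERE id = ?', [ cred.user_id ], function(err, user) {
+if (err) { return cb(err); }
+if (!user) { return cb(null, false); }
+return cb(null, user);
+});
+}
+});
+}
+));
+
+}
+
 
 
 // var OidcStrategy = require('passport-openidconnect').Strategy;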
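Review bot: The log line at the top of the `if (enableGoogleSignin==true)` block writes `googleClientSecret` in clear text at info level, although this same file masks the global secret with `MaskData.maskPhone` before logging it. Drop the secret from the message, for example `winston.info("Enabling Google Signin strategy with ClientId: " + googleClientId + " callbackURL: " + googleCallbackURL);`. In the verify callback the saved `Auth` record holds only `providerId` and `subject`, and the returning-user branch finds the account with `User.findOne` on `profile.emails[0].value` rather than through that record, so the federated credential is never bound to a user id; storing the user's id on `Auth` and loading the user by it would make the link independent of the e-mail address. `uniqid()` builds its value from time and host data rather than a CSPRNG, so `crypto.randomBytes(32).toString('hex')` is a safer placeholder password. The enclosing `module.exports = function(passport)` body starts and ends outside the hunk.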
package/package.json
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
{
|
2
2
|
"name": "@tiledesk/tiledesk-server",
|
3
3
|
"description": "The Tiledesk server module",
|
4
|
-
"version": "2.3.
|
4
|
+
"version": "2.3.127",
|
5
5
|
"scripts": {
|
6
6
|
"start": "node ./bin/www",
|
7
7
|
"pretest": "mongodb-runner start",
|
@@ -44,7 +44,7 @@
|
|
44
44
|
"@tiledesk/tiledesk-kaleyra-proxy": "^0.1.7",
|
45
45
|
"@tiledesk/tiledesk-messenger-connector": "0.1.8",
|
46
46
|
"@tiledesk/tiledesk-rasa-connector": "^1.0.10",
|
47
|
-
"@tiledesk/tiledesk-tybot-connector": "^0.1.
|
47
|
+
"@tiledesk/tiledesk-tybot-connector": "^0.1.76",
|
48
48
|
"@tiledesk/tiledesk-whatsapp-connector": "^0.1.43",
|
49
49
|
"amqplib": "^0.5.5",
|
50
50
|
"app-root-path": "^3.0.0",
|
@@ -392,9 +392,12 @@
|
|
392
392
|
|
393
393
|
botEvent.on("faqbot.create", function(faq_kb) {
|
394
394
|
setImmediate(() => {
|
395
|
+
let clonedbot = Object.assign({}, faq_kb);
|
396
|
+
delete clonedbot.secret;
|
397
|
+
|
395
398
|
var key = faq_kb.id_project+":faq_kbs:id:"+faq_kb._id;
|
396
399
|
winston.verbose("Creating cache for faq_kb.create with key: " + key);
|
397
|
-
client.set(key,
|
400
|
+
client.set(key, clonedbot, cacheUtil.defaultTTL, (err, reply) => {
|
398
401
|
winston.debug("Created cache for faq_kb.create",reply);
|
399
402
|
winston.verbose("Created cache for faq_kb.create",{err:err});
|
400
403
|
});
|
@@ -639,6 +642,7 @@
|
|
639
642
|
subscriptionEvent.on('subscription.create', function(trigger) {
|
640
643
|
setImmediate(() => {
|
641
644
|
|
645
|
+
//TODO i think you must clone trigger and remove .secret before caching
|
642
646
|
var key =trigger.id_project+":subscriptions:*";
|
643
647
|
winston.verbose("Deleting cache for subscription.create with key: " + key);
|
644
648
|
client.del(key, function (err, reply) {
|
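Review bot: In the `faqbot.create` listener, `Object.assign({}, faq_kb)` followed by `delete clonedbot.secret` removes the secret only if `faq_kb` is a plain object. If it is a Mongoose document, which the `bot.toObject()` call in the notifier hunk on this page suggests but does not prove, the shallow copy carries the document's internal state and the delete leaves the stored value in place, so the secret could still reach the cache. A safer first line is `let clonedbot = (typeof faq_kb.toObject === 'function') ? faq_kb.toObject() : Object.assign({}, faq_kb);`. The hunks from `@@ -392` onward are JavaScript listed under the package.json header, so their own file header seems to be missing from this page. The `subscription.create` listener gains only a TODO about stripping `.secret`, which leaves that path unchanged in this release.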
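--- a/package/routes/auth.js
+++ b/package/routes/auth.js
@@ -451,6 +451,56 @@ function (req, res) {
 });
 });
 
+
+
+// Redirect the user to the Google signin page</em>
+router.get("/google", passport.authenticate("google", { scope: ["email", "profile"] }));
+
+// Retrieve user data using the access token received</em>
+router.get("/google/callback", passport.authenticate("google", { session: false }), (req, res) => {
+// res.redirect("/auth/profile/");
+
+var user = req.user;
+winston.debug("user", user);
+
+var userJson = user.toObject();
+
+var signOptions = {
+issuer: 'https://tiledesk.com',
+subject: 'user',
+audience: 'https://tiledesk.com',
+jwtid: uuidv4()
+
+};
+
+var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+if (alg) {
+signOptions.algorithm = alg;
+}
+
+
+var token = jwt.sign(userJson, configSecret, signOptions); //priv_jwt pp_jwt
+
+
+// return the information including token as JSON
+// res.json(returnObject);
+
+var url = process.env.EMAIL_BASEURL+"?token=JWT "+token;
+winston.debug("url: "+ url);
+
+res.redirect(url);
+
+
+
+
+}
+);
+// profile route after successful sign in</em>
+// router.get("/profile", (req, res) => {
+// console.log(req);
+// res.send("Welcome");
+// });
+
 // VERIFY EMAIL
 router.put('/verifyemail/:userid', function (req, res) {
 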
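Review bot: The `/google/callback` handler signs `user.toObject()` as the JWT payload without removing any field, and the returning-user lookup in package/middleware/passport.js selects `password` in its projection, so the stored password value appears to end up inside the token unless the schema strips it elsewhere. That token is then placed in the redirect query string (`process.env.EMAIL_BASEURL+"?token=JWT "+token`) and written to the debug log, where it can persist in browser history, proxy logs and Referer headers. Remove sensitive fields before signing, e.g. `delete userJson.password;`, and build the redirect with `encodeURIComponent(token)` so the space after `JWT` is not sent raw. Handing the token over in a URL fragment or exchanging a short-lived one-time code would keep it out of server-side logs altogether.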
package/routes/faq_kb.js
CHANGED
@@ -826,7 +826,7 @@ router.post('/importjson/:id_faq_kb', upload.single('uploadFile'), async (req, r
|
|
826
826
|
|
827
827
|
router.get('/exportjson/:id_faq_kb', (req, res) => {
|
828
828
|
|
829
|
-
winston.
|
829
|
+
winston.debug("exporting bot...")
|
830
830
|
|
831
831
|
|
832
832
|
let id_faq_kb = req.params.id_faq_kb;
|
@@ -51,7 +51,14 @@ class BotSubscriptionNotifier {
|
|
51
51
|
};
|
52
52
|
|
53
53
|
// TODO metti bot_? a user._id
|
54
|
-
|
54
|
+
|
55
|
+
// tolgo description, attributes
|
56
|
+
let botPayload = bot.toObject();
|
57
|
+
delete botPayload.secret;
|
58
|
+
delete botPayload.description;
|
59
|
+
delete botPayload.attributes;
|
60
|
+
|
61
|
+
var token = jwt.sign(botPayload, botWithSecret.secret, signOptions);
|
55
62
|
json["token"] = token;
|
56
63
|
|
57
64
|
|