strapi-plugin-oidc 1.0.17 → 1.1.0
- package/dist/admin/{index-Dc3dS0bs.js → index-BEJGt6t1.js} +1 -1
- package/dist/admin/{index-Uf8y9MCa.mjs → index-CILUKj10.mjs} +1 -1
- package/dist/admin/{index-CnfUHUlY.js → index-DjcgmYQl.js} +11 -6
- package/dist/admin/{index-CaPOaw8Q.mjs → index-QgIxjc0g.mjs} +11 -6
- package/dist/admin/index.js +1 -1
- package/dist/admin/index.mjs +1 -1
- package/dist/server/index.js +31 -12
- package/dist/server/index.mjs +31 -12
- package/package.json +11 -7
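--- a/package/dist/admin/index-Dc3dS0bs.js
+++ b/package/dist/admin/index-BEJGt6t1.js
@@ -7,7 +7,7 @@ const react = require("react");
 const designSystem = require("@strapi/design-system");
 const icons = require("@strapi/icons");
 const reactIntl = require("react-intl");
-const index = require("./index-
+const index = require("./index-DjcgmYQl.js");
 const en = require("./en-8UlbiAHW.js");
 const styled = require("styled-components");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };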
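--- a/package/dist/admin/index-Uf8y9MCa.mjs
+++ b/package/dist/admin/index-CILUKj10.mjs
@@ -5,7 +5,7 @@ import { useState, useCallback, useEffect, memo } from "react";
 import { Typography, Flex, Box, MultiSelect, MultiSelectOption, Field, Button, Divider, Thead, Tr, Th, Tbody, Td, Dialog, IconButton, Pagination, PreviousLink, PageLink, NextLink, Table, Alert } from "@strapi/design-system";
 import { Plus, Trash, WarningCircle } from "@strapi/icons";
 import { useIntl } from "react-intl";
-import { p as pluginId } from "./index-
+import { p as pluginId } from "./index-QgIxjc0g.mjs";
 import en from "./en-DInn-mdh.mjs";
 import styled from "styled-components";
 function getTrad(id) {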
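--- a/package/dist/admin/index-CnfUHUlY.js
+++ b/package/dist/admin/index-DjcgmYQl.js
@@ -55,7 +55,7 @@ const index = {
 defaultMessage: "Configuration"
 },
 Component: async () => {
-return await Promise.resolve().then(() => require("./index-
+return await Promise.resolve().then(() => require("./index-BEJGt6t1.js"));
 },
 permissions: [{ action: "plugin::strapi-plugin-oidc.read", subject: null }]
 }
@@ -67,22 +67,20 @@ const index = {
 });
 },
 bootstrap() {
+let isLogoutInProgress = false;
+const isAuthRoute = (path) => /\/auth\/(login|register|forgot-password|reset-password)/.test(path);
 const checkEnforceOIDC = async () => {
 try {
 const response = await window.fetch("/strapi-plugin-oidc/settings/public");
 if (response.ok) {
 const data = await response.json();
 if (data.enforceOIDC) {
-const currentPath = window.location.pathname;
-if (currentPath.endsWith("/auth/login")) {
-window.location.href = "/strapi-plugin-oidc/oidc";
-}
 const interceptHistory = (originalMethod) => {
 return function(...args) {
 const url = args[2];
 if (url && typeof url === "string") {
 const urlWithoutQuery = url.split("?")[0].split("#")[0];
-if (urlWithoutQuery
+if (isAuthRoute(urlWithoutQuery) && !isLogoutInProgress) {
 window.location.href = "/strapi-plugin-oidc/oidc";
 return;
 }
@@ -103,9 +101,16 @@ const index = {
 window.fetch = async (...args) => {
 const url = typeof args[0] === "string" ? args[0] : args[0].url;
 const isLogout = url && url.endsWith("/admin/logout") && args[1]?.method?.toUpperCase() === "POST";
+if (isLogout) {
+isLogoutInProgress = true;
+}
 const response = await originalFetch(...args);
 if (isLogout && response.ok) {
 window.location.href = "/strapi-plugin-oidc/logout";
+return new Promise(() => {
+});
+} else if (isLogout) {
+isLogoutInProgress = false;
 }
 return response;
 };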
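Review bot: In the `window.fetch` wrapper, `isLogoutInProgress` is set to `true` before `await originalFetch(...args)` but is only cleared on the non-ok branch, so if the logout request rejects (network failure, aborted request) the flag stays `true` and the `isAuthRoute(urlWithoutQuery) && !isLogoutInProgress` guard in `interceptHistory` stops redirecting to the OIDC flow for the rest of the page's lifetime. Clearing the flag on rejection keeps the guard consistent: `let response; try { response = await originalFetch(...args); } catch (err) { if (isLogout) isLogoutInProgress = false; throw err; }`. Separately, the `isAuthRoute` regex is unanchored, so it also matches any longer path that merely contains `/auth/login`; ending the pattern with `(?:\/|$)` would be tighter. The enclosing `bootstrap()` starts in the previous hunk and continues past this one, and the same code appears in `index-QgIxjc0g.mjs`. This redirect is client-side only, so the 403 in the server middleware remains the control that actually blocks local login.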
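--- a/package/dist/admin/index-CaPOaw8Q.mjs
+++ b/package/dist/admin/index-QgIxjc0g.mjs
@@ -54,7 +54,7 @@ const index = {
 defaultMessage: "Configuration"
 },
 Component: async () => {
-return await import("./index-
+return await import("./index-CILUKj10.mjs");
 },
 permissions: [{ action: "plugin::strapi-plugin-oidc.read", subject: null }]
 }
@@ -66,22 +66,20 @@ const index = {
 });
 },
 bootstrap() {
+let isLogoutInProgress = false;
+const isAuthRoute = (path) => /\/auth\/(login|register|forgot-password|reset-password)/.test(path);
 const checkEnforceOIDC = async () => {
 try {
 const response = await window.fetch("/strapi-plugin-oidc/settings/public");
 if (response.ok) {
 const data = await response.json();
 if (data.enforceOIDC) {
-const currentPath = window.location.pathname;
-if (currentPath.endsWith("/auth/login")) {
-window.location.href = "/strapi-plugin-oidc/oidc";
-}
 const interceptHistory = (originalMethod) => {
 return function(...args) {
 const url = args[2];
 if (url && typeof url === "string") {
 const urlWithoutQuery = url.split("?")[0].split("#")[0];
-if (urlWithoutQuery
+if (isAuthRoute(urlWithoutQuery) && !isLogoutInProgress) {
 window.location.href = "/strapi-plugin-oidc/oidc";
 return;
 }
@@ -102,9 +100,16 @@ const index = {
 window.fetch = async (...args) => {
 const url = typeof args[0] === "string" ? args[0] : args[0].url;
 const isLogout = url && url.endsWith("/admin/logout") && args[1]?.method?.toUpperCase() === "POST";
+if (isLogout) {
+isLogoutInProgress = true;
+}
 const response = await originalFetch(...args);
 if (isLogout && response.ok) {
 window.location.href = "/strapi-plugin-oidc/logout";
+return new Promise(() => {
+});
+} else if (isLogout) {
+isLogoutInProgress = false;
 }
 return response;
 };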
package/dist/admin/index.js
CHANGED
package/dist/admin/index.mjs
CHANGED
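--- a/package/dist/server/index.js
+++ b/package/dist/server/index.js
@@ -12,22 +12,41 @@ function register$1() {
 }
 async function bootstrap({ strapi: strapi2 }) {
 strapi2.server.use(async (ctx, next) => {
-
+const adminUrl = strapi2.config.get("admin.url", "/admin");
+const authRoutes = [
+`${adminUrl}/login`,
+`${adminUrl}/register`,
+`${adminUrl}/forgot-password`,
+`${adminUrl}/reset-password`
+];
+const isPostAuth = authRoutes.includes(ctx.request.path) && ctx.request.method === "POST";
+const isHtmlRequest = ctx.request.accepts("html") && !ctx.request.path.match(/\.[a-zA-Z0-9]+$/);
+const isGetAdminHtml = ctx.request.method === "GET" && ctx.request.path.startsWith(adminUrl) && isHtmlRequest;
+if (isPostAuth || isGetAdminHtml) {
 try {
 const whitelistService2 = strapi2.plugin("strapi-plugin-oidc").service("whitelist");
 const settings = await whitelistService2.getSettings();
-if (settings
-
-
-
-
-
-
-
-
+if (settings?.enforceOIDC) {
+if (isPostAuth) {
+ctx.status = 403;
+ctx.body = {
+data: null,
+error: {
+status: 403,
+name: "ForbiddenError",
+message: "Local login is disabled. Please use OIDC.",
+details: {}
+}
+};
+return;
+}
+if (isGetAdminHtml) {
+const hasRefreshCookie = ctx.cookies.get("strapi_admin_refresh");
+if (!hasRefreshCookie) {
+ctx.redirect("/strapi-plugin-oidc/oidc");
+return;
 }
-}
-return;
+}
 }
 } catch (err) {
 strapi2.log.error("Error checking OIDC enforcement in middleware:", err);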
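Review bot: `isPostAuth` relies on `authRoutes.includes(ctx.request.path)`, an exact, case-sensitive string match, so the 403 applies only when the request path is byte-identical to one of the four entries; if the router serving these routes also accepts a trailing slash or a different letter case (not visible in this hunk), those variants would skip the check and still reach the local-auth handlers while `enforceOIDC` is on. Normalising before the comparison closes that gap, e.g. `const reqPath = ctx.request.path.replace(/\/+$/, "").toLowerCase();` followed by `authRoutes.some((r) => r.toLowerCase() === reqPath)`. The `catch` branch only logs in the visible lines and continues outside the hunk; if it then falls through to `next()`, a failure in `getSettings()` silently turns enforcement off, so failing closed for the `isPostAuth` case is worth considering. The same code appears in `package/dist/server/index.mjs`.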
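--- a/package/dist/server/index.mjs
+++ b/package/dist/server/index.mjs
@@ -6,22 +6,41 @@ function register$1() {
 }
 async function bootstrap({ strapi: strapi2 }) {
 strapi2.server.use(async (ctx, next) => {
-
+const adminUrl = strapi2.config.get("admin.url", "/admin");
+const authRoutes = [
+`${adminUrl}/login`,
+`${adminUrl}/register`,
+`${adminUrl}/forgot-password`,
+`${adminUrl}/reset-password`
+];
+const isPostAuth = authRoutes.includes(ctx.request.path) && ctx.request.method === "POST";
+const isHtmlRequest = ctx.request.accepts("html") && !ctx.request.path.match(/\.[a-zA-Z0-9]+$/);
+const isGetAdminHtml = ctx.request.method === "GET" && ctx.request.path.startsWith(adminUrl) && isHtmlRequest;
+if (isPostAuth || isGetAdminHtml) {
 try {
 const whitelistService2 = strapi2.plugin("strapi-plugin-oidc").service("whitelist");
 const settings = await whitelistService2.getSettings();
-if (settings
-
-
-
-
-
-
-
-
+if (settings?.enforceOIDC) {
+if (isPostAuth) {
+ctx.status = 403;
+ctx.body = {
+data: null,
+error: {
+status: 403,
+name: "ForbiddenError",
+message: "Local login is disabled. Please use OIDC.",
+details: {}
+}
+};
+return;
+}
+if (isGetAdminHtml) {
+const hasRefreshCookie = ctx.cookies.get("strapi_admin_refresh");
+if (!hasRefreshCookie) {
+ctx.redirect("/strapi-plugin-oidc/oidc");
+return;
 }
-}
-return;
+}
 }
 } catch (err) {
 strapi2.log.error("Error checking OIDC enforcement in middleware:", err);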
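--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "strapi-plugin-oidc",
-"version": "1.0
+"version": "1.1.0",
 "description": "A Strapi plugin that provides OpenID Connect (OIDC) authentication functionality for the Strapi Admin Panel.",
 "strapi": {
 "displayName": "OIDC Plugin",
@@ -32,7 +32,11 @@
 "Zitadel"
 ],
 "peerDependencies": {
-"@strapi/strapi": "^5.24.1"
+"@strapi/strapi": "^5.24.1",
+"react": "^17.0.0 || ^18.0.0",
+"react-dom": "^17.0.0 || ^18.0.0",
+"react-router-dom": "^6.30.3",
+"styled-components": "^6.0.0"
 },
 "dependencies": {
 "@strapi/design-system": "^2.2.0",
@@ -40,11 +44,7 @@
 "@strapi/utils": "^5.41.1",
 "generate-password": "^1.7.1",
 "pkce-challenge": "^6.0.0",
-"react": "^
-"react-dom": "^18.3.1",
-"react-intl": "^6.8.9",
-"react-router-dom": "^6.30.3",
-"styled-components": "^6.3.12"
+"react-intl": "^6.8.9"
 },
 "author": {
 "name": "edmogeor",
@@ -85,6 +85,10 @@
 "lint-staged": "^16.4.0",
 "msw": "^2.13.0",
 "prettier": "^3.8.1",
+"react": "^18.3.1",
+"react-dom": "^18.3.1",
+"react-router-dom": "^6.30.3",
+"styled-components": "^6.3.12",
 "supertest": "^7.2.2",
 "typescript": "^5.9.3",
 "vitest": "^4.1.2"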