Only store dashboard accessTokens in tokensdb

Johannes Zellner
2023-06-04 16:03:45 +02:00
parent 1f134ff070
commit 874064de67


@@ -136,7 +136,8 @@ function load(modelName) {
try {
data = JSON.parse(fs.readFileSync(filePath), 'utf8');
} catch (e) {
debug(`load: failed to read ${filePath}, start with new one. %o`, e);
if (e.code === 'ENOENT') debug(`load: failed to read ${filePath}, start with new one.`);
else debug(`load: failed to read ${filePath}, use in-memory. %o`, e);
}
DATA_STORE[modelName] = data;
@@ -177,6 +178,7 @@ async function revokeByUserId(userId) {
revokeObjects('Session');
revokeObjects('Grant');
revokeObjects('AuthorizationCode');
revokeObjects('AccessToken');
}
// -----------------------------
@@ -199,7 +201,7 @@ class CloudronAdapter {
debug(`Creating OpenID storage adapter for ${name}`);
if (this.name === 'Client' || this.name === 'AccessToken') {
if (this.name === 'Client') {
return;
} else {
load(name);
@@ -221,7 +223,7 @@ class CloudronAdapter {
async upsert(id, payload, expiresIn) {
if (this.name === 'Client') {
debug('upsert: this should not happen as it is stored in our db');
} else if (this.name === 'AccessToken') {
} else if (this.name === 'AccessToken' && payload.clientId === 'dashboard') {
const clientId = payload.clientId;
const identifier = payload.accountId;
const expires = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION_MSECS;
@@ -289,8 +291,10 @@ class CloudronAdapter {
debug('find: we dont support finding AccessTokens', id);
const [error, result] = await safe(tokens.getByAccessToken(id));
if (error || !result) {
debug(`find: Unknown accessToken for id ${id}`);
return null;
debug(`find: Unknown accessToken for id ${id} maybe oidc internal?`);
if (!DATA_STORE[this.name][id]) return null;
return DATA_STORE[this.name][id].payload;
}
const tmp = {
@@ -355,7 +359,9 @@ class CloudronAdapter {
*
*/
async consume(id) {
if (this.name === 'Client' || this.name === 'AccessToken') {
debug(`[${this.name}] consume: ${id}`);
if (this.name === 'Client') {
debug('consume: this should not happen as it is stored in our db');
} else {
if (DATA_STORE[this.name][id]) DATA_STORE[this.name][id].consumed = true;
@@ -374,7 +380,9 @@ class CloudronAdapter {
*
*/
async destroy(id) {
if (this.name === 'Client' || this.name === 'AccessToken') {
debug(`[${this.name}] destroy: ${id}`);
if (this.name === 'Client') {
debug('destroy: this should not happen as it is stored in our db');
} else {
delete DATA_STORE[this.name][id];
@@ -393,7 +401,9 @@ class CloudronAdapter {
*
*/
async revokeByGrantId(grantId) {
if (this.name === 'Client' || this.name === 'AccessToken') {
debug(`[${this.name}] revokeByGrantId: ${grantId}`);
if (this.name === 'Client') {
debug('revokeByGrantId: this should not happen as it is stored in our db');
} else {
for (let d in DATA_STORE[this.name]) {
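Review bot: In the `find` hunk, the new fallback turns the error branch into the normal path for every access token that is not in tokensdb, and that branch logs `id`, which the line above passes to `tokens.getByAccessToken(id)` as the token itself, so valid bearer tokens are written to the debug log on each lookup. Drop the value from the message, e.g. `debug('find: accessToken not in tokensdb, trying oidc store');`, and treat the new `debug(...)` lines at the top of `consume` and `destroy` the same way, since they log the same kind of identifier for every model. The fallback also indexes an object that `load` fills from `JSON.parse` with a caller-supplied key, so an `id` such as `constructor` passes the `!DATA_STORE[this.name][id]` test and yields `undefined` rather than `null`; `if (!Object.hasOwn(DATA_STORE[this.name], id)) return null;` restricts the lookup to stored entries. The returned payload is not checked for expiry in the visible lines, so that presumably relies on the caller or on pruning elsewhere. `find` begins and ends outside the hunk.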