Support local development dashboard login

dashboard/src/js/client.js

@@ -2714,8 +2714,7 @@ angular.module('Application').service('Client', ['$http', '$interval', '$timeout
         this.setToken(null);
 
         // start oidc flow
-        window.location.href = '/openid/auth?client_id=dashboard&scope=openid email profile&response_type=code token&redirect_uri=' + window.location.origin + '/authcallback.html';
+        window.location.href = this.apiOrigin + '/openid/auth?client_id=' + (this.apiOrigin ? 'development' : 'dashboard') + '&scope=openid email profile&response_type=code token&redirect_uri=' + window.location.origin + '/authcallback.html';
-        // window.location.href = '/login.html?returnTo=/' + encodeURIComponent(window.location.hash);
     };
 
     Client.prototype.logout = function () {

src/oidc.js

@@ -42,6 +42,9 @@ const OIDC_CLIENTS_FIELDS = [ 'id', 'secret', 'name', 'appId', 'loginRedirectUri
 const ROUTE_PREFIX = '/openid';
 const DEFAULT_TOKEN_SIGNATURE_ALGORITHM='RS256';
 
+const DASHBOARD_CLIENT_ID = 'dashboard';
+const DEV_CLIENT_ID = 'development';
+
 let gHttpServer = null;
 
 // -----------------------------
@@ -75,15 +78,24 @@ async function clientsAdd(id, data) {
 async function clientsGet(id) {
     assert.strictEqual(typeof id, 'string');
 
-    if (id === 'dashboard') {
+    if (id === DASHBOARD_CLIENT_ID) {
         return {
-            id: 'dashboard',
+            id: DASHBOARD_CLIENT_ID,
             secret: 'notused',
             application_type: 'web',
             response_types: ['code', 'code token'],
             grant_types: ['authorization_code', 'implicit'],
             loginRedirectUri: settings.dashboardOrigin() + '/authcallback.html'
         };
+    } else if (id === DEV_CLIENT_ID) {
+        return {
+            id: DEV_CLIENT_ID,
+            secret: 'notused',
+            application_type: 'native', // have to use native here to support plaintext http, this however makes it impossible to skip consent screen
+            response_types: ['code', 'code token'],
+            grant_types: ['authorization_code', 'implicit'],
+            loginRedirectUri: 'http://localhost:4000/authcallback.html'
+        };
     }
 
     const result = await database.query(`SELECT ${OIDC_CLIENTS_FIELDS} FROM ${OIDC_CLIENTS_TABLE_NAME} WHERE id = ?`, [ id ]);
@@ -224,7 +236,7 @@ class CloudronAdapter {
     async upsert(id, payload, expiresIn) {
         if (this.name === 'Client') {
             debug('upsert: this should not happen as it is stored in our db');
-        } else if (this.name === 'AccessToken' && payload.clientId === 'dashboard') {
+        } else if (this.name === 'AccessToken' && (payload.clientId === DASHBOARD_CLIENT_ID || payload.clientId === DEV_CLIENT_ID)) {
             const clientId = payload.clientId;
             const identifier = payload.accountId;
             const expires = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION_MSECS;
@@ -762,7 +774,7 @@ async function start() {
 
             if (grantId) {
               return await ctx.oidc.provider.Grant.find(grantId);
-            } else if (ctx.oidc.client.clientId === 'dashboard') {
+            } else if (ctx.oidc.client.clientId === DASHBOARD_CLIENT_ID || ctx.oidc.client.clientId === DEV_CLIENT_ID) {
                 const grant = new ctx.oidc.provider.Grant({
                     clientId: ctx.oidc.client.clientId,
                     accountId: ctx.oidc.session.accountId,