Skip to content
This repository has been archived by the owner on Feb 25, 2019. It is now read-only.

fix(oidc): set amr values consistently #195

Merged
merged 1 commit into from
Aug 23, 2015
Merged

fix(oidc): set amr values consistently #195

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions oidc/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ var oidc = {
session: require('./session'),
sessionEvents: require('./sessionEvents'),
sessionState: require('./sessionState'),
setSessionAmr: require('./setSessionAmr'),
signout: require('./signout'),
stashParams: require('./stashParams'),
token: require('./token'),
Expand Down
24 changes: 24 additions & 0 deletions oidc/setSessionAmr.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
/**
* Set Session `amr` claim
*
* The `amr` claim is an OIDC ID Token property
* used to indicate the type(s) of authentication
* for the current session. This value is set when
* users authenticate.
*/

function setSessionAmr (session, amr) {
if (amr) {
if (!Array.isArray(amr)) {
session.amr = [amr]
} else if (session.amr.indexOf(amr) === -1) {
session.amr.push(amr)
}
}
}

/**
* Export
*/

module.exports = setSessionAmr
4 changes: 3 additions & 1 deletion routes/connect.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,8 +68,10 @@ module.exports = function (server) {
// login the user
} else {
req.login(user, function (err) {
if (err) { return next(err) }
oidc.setSessionAmr(req.session, req.provider.amr)
req.session.opbs = crypto.randomBytes(256).toString('hex')
next(err)
next()
})
}
})(req, res, next)
Expand Down
12 changes: 3 additions & 9 deletions routes/signin.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,16 +75,10 @@ module.exports = function (server) {
})
} else {
req.login(user, function (err) {
req.session.amr = req.session.amr || []
var samr = req.session.amr
var pamr = req.provider.amr

if (pamr && samr.indexOf(pamr) === -1) {
req.session.amr.push(pamr)
}

if (err) { return next(err) }
oidc.setSessionAmr(req.session, req.provider.amr)
req.session.opbs = crypto.randomBytes(256).toString('hex')
next(err)
next()
})
}
})(req, res, next)
Expand Down
12 changes: 3 additions & 9 deletions routes/signup.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
var oidc = require('../oidc')
var settings = require('../boot/settings')
var passwordProvider = require('../providers').password
var crypto = require('crypto')
var passport = require('passport')
var qs = require('qs')
var User = require('../models/User')
Expand Down Expand Up @@ -54,15 +55,8 @@ module.exports = function (server) {
} else {
req.login(user, function (err) {
if (err) { return next(err) }

req.session.amr = req.session.amr || []
var samr = req.session.amr
var pamr = req.provider.amr

if (pamr && samr.indexOf(pamr) === -1) {
req.session.amr.push(pamr)
}

oidc.setSessionAmr(req.session, req.provider.amr)
req.session.opbs = crypto.randomBytes(256).toString('hex')
req.sendVerificationEmail =
req.provider.emailVerification.enable
req.flash('isNewUser', true)
Expand Down