dice/impress
1
0
Fork 0
forked from OpenNeo/impress
Code Pull requests Activity

Read and customize the username reported by neopass-server

Browse source 
Okay, `sub` seems to be a pretty standard place for user identifiers.
Let's start with that assumption! I override the `oauth2-mock-server`'s
default of `johndoe` with `theneopetsteam`, just to be cute :3
This commit is contained in:
Emi Matchu 2024-03-14 18:19:45 -07:00
parent 9cbeee0acd
commit 31a11a04fa
2 changed files with 15 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/devise/omniauth_callbacks_controller.rb
View file

@ -1,6 +1,6 @@
class Devise::OmniauthCallbacksController < ApplicationController class Devise::OmniauthCallbacksController < ApplicationController
def neopass def neopass
render plain: "Success!" render plain: request.env["omniauth.auth"].uid
end end
def failure def failure

25
bin/neopass-server
View file

@ -21,6 +21,10 @@ const urlLib = require("node:url");
const { OAuth2Server } = require("oauth2-mock-server"); const { OAuth2Server } = require("oauth2-mock-server");
const express = require("express"); const express = require("express");
// This is the Neopets username we'll report back to DTI when you authenticate
// through here.
const USERNAME = "theneopetsteam";
const certPath = pathLib.join(__dirname, "..", "tmp", "localhost.pem"); const certPath = pathLib.join(__dirname, "..", "tmp", "localhost.pem");
const keyPath = pathLib.join(__dirname, "..", "tmp", "localhost-key.pem"); const keyPath = pathLib.join(__dirname, "..", "tmp", "localhost-key.pem");
@ -43,13 +47,11 @@ async function ensureCertsExist() {
"the Rails tmp dir, to serve over HTTPS.", "the Rails tmp dir, to serve over HTTPS.",
); );
const mkcertProc = spawn("mkcert", [ const mkcertProc = spawn(
"-cert-file", "mkcert",
certPath, ["-cert-file", certPath, "-key-file", keyPath, "localhost"],
"-key-file", { stdio: ["ignore", process.stdout, process.stderr] },
keyPath, );
"localhost",
], {stdio: ["ignore", process.stdout, process.stderr]});
// Wait for the process to finish, raising an error if it fails. // Wait for the process to finish, raising an error if it fails.
await new Promise((resolve, reject) => { await new Promise((resolve, reject) => {
@ -68,10 +70,7 @@ async function ensureCertsExist() {
} }
async function startServer(port) { async function startServer(port) {
const server = new OAuth2Server( const server = new OAuth2Server(keyPath, certPath);
keyPath,
certPath,
);
await server.issuer.keys.add({ await server.issuer.keys.add({
// A key we generated for the NeoPass test server. It's okay for its // A key we generated for the NeoPass test server. It's okay for its
// "secret" info to be here, because it's for development only! // "secret" info to be here, because it's for development only!
@ -89,6 +88,10 @@ async function startServer(port) {
n: "svVfGU4NGcfBCmQiIOW5uzg5SAN2CWSIQSstnhqZoCdjy5OoKpKVR8O9TbDvxixrvkFyAav90Q0Xse8iFTcjfCKuqINYiuYMXhCvfBlc_DVVOQca9pMpN03LaDofd5Ll4_BFTtt1nSPahwWU7xDM-Bkkh_TcS2qS4N2xbpEGi0q0ZkrJN4WyiDBC2k9WbK-YHr4Rj4JKypFVSeBIrjxVPmlPzgfqlLGGIB0l92SnJDXDMlkWcCCTyLgqSBM04nkxGDSykq_ei76qCdRd7b10wMBaoS9DeBThAyHpur2LoPdH3gxbcwoWExi-jPlNP1LdKVZD8b95OY3CRyMAAMGdKQ", n: "svVfGU4NGcfBCmQiIOW5uzg5SAN2CWSIQSstnhqZoCdjy5OoKpKVR8O9TbDvxixrvkFyAav90Q0Xse8iFTcjfCKuqINYiuYMXhCvfBlc_DVVOQca9pMpN03LaDofd5Ll4_BFTtt1nSPahwWU7xDM-Bkkh_TcS2qS4N2xbpEGi0q0ZkrJN4WyiDBC2k9WbK-YHr4Rj4JKypFVSeBIrjxVPmlPzgfqlLGGIB0l92SnJDXDMlkWcCCTyLgqSBM04nkxGDSykq_ei76qCdRd7b10wMBaoS9DeBThAyHpur2LoPdH3gxbcwoWExi-jPlNP1LdKVZD8b95OY3CRyMAAMGdKQ",
}); });
server.service.on("beforeTokenSigning", (token, req) => {
token.payload.sub = USERNAME;
});
await server.start(port, "localhost"); await server.start(port, "localhost");
console.log(`Started NeoPass development server at: ${server.issuer.url}`); console.log(`Started NeoPass development server at: ${server.issuer.url}`);
} }