New OpenID and OAuth2 drivers (#8660)

* Moved over oauth impl to new interface

* Fixed most build issues and started adding schema to auth drivers

* Finished up OAuth2 and OpenID drivers

* Removed unused migration and utils

* Fixed minor todos

* Removed old oauth flow

* Changed oauth flow to re-use refresh token

* Added new oauth frontend

* Added font awesome social icons

* Updated authentication documentation

* Update api/src/auth/drivers/oauth2.ts

* Tested implementation and fixed incorrect validation

* Updated docs

* Improved OAuth error handling and re-enabled creating users with provider/identifier

* Removed Session config from docs

* Update app/src/components/v-icon/v-icon.vue

* Removed oauth need to define default roleID

* Added FormatTitle to SSO links

* Prevent local auth without password

* Store OAuth access token in session data

* Update docs/guides/api-config.md

* Fixed copy and removed fontawesome-vue dependency

* More docs fixes

* Crucialy importend type fiks

* Update package-lock

* Remove is-email-allowed check

In favor of more advanced version based on filtering coming later

* Fix JSON type casting

* Delete unused util

* Update type signature to include name

* Add warning when code isn't found in oauth url

and remove obsolete imports

* Auto-continue on successful SSO login

* Tweak type signature

* More type casting shenanigans

* Please the TS gods

* Check for missing token before crashing

Co-authored-by: rijkvanzanten <rijkvanzanten@me.com>
Aiden Foxx
2021-10-21 23:45:01 +02:00
committed by GitHub
parent 1b64b4472a
commit fa3b1171e8
36 changed files with 1747 additions and 822 deletions


@@ -4,6 +4,7 @@ import env from '../env';
interface AuthProvider {
name: string;
driver: string;
icon?: string;
}
export function getAuthProviders(): AuthProvider[] {
@@ -12,5 +13,6 @@ export function getAuthProviders(): AuthProvider[] {
.map((provider) => ({
name: provider,
driver: env[`AUTH_${provider.toUpperCase()}_DRIVER`],
icon: env[`AUTH_${provider.toUpperCase()}_ICON`],
}));
}
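Review bot: `getAuthProviders()` copies the `AUTH_<PROVIDER>_DRIVER` lookup and the new `AUTH_<PROVIDER>_ICON` lookup into the result without checking that the driver is set, so a provider listed without one comes back with `driver: undefined` although `AuthProvider.driver` is typed `string`. Adding `.filter((p) => typeof p.driver === 'string' && p.driver !== '')` after the `.map()` would keep the declared type honest and stop a half-configured provider from being offered. The mapping also deserves a comment such as `// Only display-safe keys belong here; other AUTH_<PROVIDER>_* values may hold client credentials`, because the commit message's SSO-links items suggest this list feeds the login page; that is inferred, not visible in this hunk. The start of the `.map()` chain lies outside the hunk.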


@@ -1,36 +0,0 @@
import { get } from 'lodash';
import env from '../env';
import { ServiceUnavailableException } from '../exceptions';
// The path in JSON to fetch the email address from the profile.
// Note: a lot of services use `email` as the path. We fall back to that as default, so no need to
// map it here
const profileMap: Record<string, string> = {};
/**
* Extract the email address from a given user profile coming from a providers API
*
* Falls back to OAUTH_<PROVIDER>_PROFILE_EMAIL if we don't have it preconfigured yet, and defaults
* to `email` if nothing is set
*
* This is used in the SSO flow to extract the users
*/
export default function getEmailFromProfile(provider: string, profile: Record<string, any>): string {
const path = profileMap[provider] || env[`OAUTH_${provider.toUpperCase()}_PROFILE_EMAIL`] || 'email';
const email = get(profile, path);
if (!email) {
throw new ServiceUnavailableException(
`Email address not found. Profile "${JSON.stringify(profile)}", path: "${path}"`,
{
service: 'oauth',
provider,
profile,
path,
}
);
}
return email;
}


@@ -54,8 +54,8 @@ async function getEnvInfo(event: string) {
email: {
transport: env.EMAIL_TRANSPORT,
},
oauth: {
providers: env.OAUTH_PROVIDERS.split(',')
auth: {
providers: env.AUTH_PROVIDERS.split(',')
.map((v: string) => v.trim())
.filter((v: string) => v),
},