Move google, github, gitlab auth out of /ee

2026-01-07 22:53:55 -05:00 · 2023-10-04 21:31:50 +01:00
parent e21daf6771
commit 41af5cea93
4 changed files with 76 additions and 65 deletions
--- a/backend/src/ee/routes/v1/sso.ts
+++ b/backend/src/ee/routes/v1/sso.ts
@@ -6,71 +6,6 @@ import { ssoController } from "../../controllers/v1";
 import { authLimiter } from "../../../helpers/rateLimiter";
 import { AuthMode } from "../../../variables";

-router.get("/redirect/google", authLimiter, (req, res, next) => {
-  passport.authenticate("google", {
-    scope: ["profile", "email"],
-    session: false,
-    ...(req.query.callback_port
-      ? {
-          state: req.query.callback_port as string
-        }
-      : {})
-  })(req, res, next);
-});
-
-router.get(
-  "/google",
-  passport.authenticate("google", {
-    failureRedirect: "/login/provider/error",
-    session: false
-  }),
-  ssoController.redirectSSO
-);
-
-router.get("/redirect/github", authLimiter, (req, res, next) => {
-  passport.authenticate("github", {
-    session: false,
-    ...(req.query.callback_port
-      ? {
-          state: req.query.callback_port as string
-        }
-      : {})
-  })(req, res, next);
-});
-
-router.get(
-  "/github",
-  authLimiter,
-  passport.authenticate("github", {
-    failureRedirect: "/login/provider/error",
-    session: false
-  }),
-  ssoController.redirectSSO
-);
-
-router.get(
-  "/redirect/gitlab",
-  authLimiter,
-  (req, res, next) => {
-    passport.authenticate("gitlab", {
-      session: false,
-      ...(req.query.callback_port ? {
-        state: req.query.callback_port as string
-      } : {})
-    })(req, res, next);
-  }
-)
-
-router.get(
-  "/gitlab",
-  authLimiter,
-  passport.authenticate("gitlab", {
-    failureRedirect: "/login/provider/error",
-    session: false
-  }),
-  ssoController.redirectSSO
-)
-
 router.get(
  "/redirect/saml2/:ssoIdentifier",
  authLimiter,
--- a/backend/src/index.ts
+++ b/backend/src/index.ts
@@ -38,6 +38,7 @@ import {
  membership as v1MembershipRouter,
  organization as v1OrganizationRouter,
  password as v1PasswordRouter,
+  sso as v1SSORouter,
  secretApprovalPolicy as v1SecretApprovalPolicy,
  secretImps as v1SecretImpsRouter,
  secret as v1SecretRouter,
@@ -178,6 +179,7 @@ const main = async () => {
  app.use("/api/v1/secret-imports", v1SecretImpsRouter);
  app.use("/api/v1/roles", v1RoleRouter);
  app.use("/api/v1/secret-approvals", v1SecretApprovalPolicy);
+  app.use("/api/v1/sso", v1SSORouter);

  // v2 routes (improvements)
  app.use("/api/v2/signup", v2SignupRouter);
--- a/backend/src/routes/v1/index.ts
+++ b/backend/src/routes/v1/index.ts
@@ -11,6 +11,7 @@ import key from "./key";
 import inviteOrg from "./inviteOrg";
 import secret from "./secret";
 import serviceToken from "./serviceToken";
+import sso from "./sso";
 import password from "./password";
 import integration from "./integration";
 import integrationAuth from "./integrationAuth";
@@ -39,5 +40,6 @@ export {
  secretsFolder,
  webhooks,
  secretImps,
+  sso,
  secretApprovalPolicy
 };
--- a/backend/src/routes/v1/sso.ts
+++ b/backend/src/routes/v1/sso.ts
@@ -0,0 +1,72 @@
+import express from "express";
+const router = express.Router();
+import passport from "passport";
+import { authLimiter } from "../../helpers/rateLimiter";
+import { ssoController } from "../../ee/controllers/v1";
+
+router.get("/redirect/google", authLimiter, (req, res, next) => {
+    passport.authenticate("google", {
+      scope: ["profile", "email"],
+      session: false,
+      ...(req.query.callback_port
+        ? {
+            state: req.query.callback_port as string
+          }
+        : {})
+    })(req, res, next);
+});
+
+router.get(
+    "/google",
+    passport.authenticate("google", {
+      failureRedirect: "/login/provider/error",
+      session: false
+    }),
+    ssoController.redirectSSO
+);
+
+router.get("/redirect/github", authLimiter, (req, res, next) => {
+    passport.authenticate("github", {
+        session: false,
+        ...(req.query.callback_port
+        ? {
+            state: req.query.callback_port as string
+          }
+        : {})
+    })(req, res, next);
+});
+
+router.get(
+    "/github",
+    authLimiter,
+    passport.authenticate("github", {
+        failureRedirect: "/login/provider/error",
+        session: false
+    }),
+    ssoController.redirectSSO
+);
+
+router.get(
+    "/redirect/gitlab",
+    authLimiter,
+    (req, res, next) => {
+        passport.authenticate("gitlab", {
+        session: false,
+            ...(req.query.callback_port ? {
+            state: req.query.callback_port as string
+            } : {})
+        })(req, res, next);
+    }
+);
+  
+router.get(
+    "/gitlab",
+    authLimiter,
+    passport.authenticate("gitlab", {
+      failureRedirect: "/login/provider/error",
+      session: false
+    }),
+    ssoController.redirectSSO
+);
+
+export default router;