|
|
|
@ -153,6 +153,12 @@ class OpenIDController extends Controller {
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// If the user has already authorized this app, just redirect
|
|
|
|
|
if ( req.user.has_authorized({ id: params.client_id }) ) {
|
|
|
|
|
return res.redirect(`/openid/interaction/${uid.toLowerCase()}/grant`)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Otherwise, prompt them for authorization
|
|
|
|
|
return res.page('public:message', {
|
|
|
|
|
...this.Vue.data({
|
|
|
|
|
message: `<h3 class="font-weight-light">Authorize ${application.name}?</h3>
|
|
|
|
@ -170,6 +176,11 @@ class OpenIDController extends Controller {
|
|
|
|
|
{
|
|
|
|
|
text: req.T('common.grant'),
|
|
|
|
|
action: 'redirect',
|
|
|
|
|
next: `/openid/grant-and-save/${params.client_id}/${uid.toLowerCase()}`,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
text: req.T('common.grant_once'),
|
|
|
|
|
action: 'redirect',
|
|
|
|
|
next: `/openid/interaction/${uid.toLowerCase()}/grant`,
|
|
|
|
|
},
|
|
|
|
|
],
|
|
|
|
@ -177,6 +188,19 @@ class OpenIDController extends Controller {
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async grant_and_save(req, res, next) {
|
|
|
|
|
if ( !req.user.has_authorized({ client_id: req.params.client_id }) ) {
|
|
|
|
|
req.user.authorize({
|
|
|
|
|
client_id: req.params.client_id,
|
|
|
|
|
api_scopes: ['openid-connect'],
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
await req.user.save()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return res.redirect(`/openid/interaction/${req.params.uid.toLowerCase()}/grant`)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async login(req, res, { uid, prompt, params, session }) {
|
|
|
|
|
return res.redirect(`/openid/interaction/${uid.toLowerCase()}/start-session`)
|
|
|
|
|
}
|
|
|
|
|