
Add support for JWT login service

j8
paweldomas 8 年前
父节点
当前提交
f977030bd6
共有 1 个文件被更改,包括 101 次插入5 次删除
  1. 101
    5
      modules/UI/authentication/AuthHandler.js

+ 101
- 5
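--- a/modules/UI/authentication/AuthHandler.js
+++ b/modules/UI/authentication/AuthHandler.js
@@ -10,6 +10,11 @@
 let externalAuthWindow;
 let authRequiredDialog;
 
+let isTokenAuthEnabled
+    = typeof config.tokenAuthUrl === "string" && config.tokenAuthUrl.length;
+let getTokenAuthUrl
+    = JitsiMeetJS.util.AuthUtil.getTokenAuthUrl.bind(null, config.tokenAuthUrl);
+
 /**
  * Authenticate using external service or just focus
  * external auth window if there is one already.
@@ -23,19 +28,103 @@
         return;
     }
     if (room.isJoined()) {
-        room.getExternalAuthUrl(true).then(function (url) {
+        let getUrl;
+        if (isTokenAuthEnabled) {
+            getUrl = Promise.resolve(getTokenAuthUrl(room.getName(), true));
+            initJWTTokenListener(room);
+        } else {
+            getUrl = room.getExternalAuthUrl(true);
+        }
+        getUrl.then(function (url) {
             externalAuthWindow = LoginDialog.showExternalAuthDialog(
                 url,
                 function () {
                     externalAuthWindow = null;
-                    room.join(lockPassword);
+                    if (!isTokenAuthEnabled) {
+                        room.join(lockPassword);
+                    }
                 }
             );
         });
     } else {
         // If conference has not been started yet
         // then  redirect to login page
-        room.getExternalAuthUrl().then(UIUtil.redirect);
+        if (isTokenAuthEnabled) {
+            redirectToTokenAuthService(room.getName());
+        } else {
+            room.getExternalAuthUrl().then(UIUtil.redirect);
+        }
+    }
+}
+
+/**
+ * Redirect the user to the token authentication service for the login to be
+ * performed. Once complete it is expected that the service wil bring the user
+ * back with "?jwt={the JWT token}" query parameter added.
+ * @param {string} [roomName] the name of the conference room.
+ */
+function redirectToTokenAuthService(roomName) {
+    UIUtil.redirect(getTokenAuthUrl(roomName, false));
+}
+
+/**
+ * Initializes 'message' listener that will wait for a JWT token to be received
+ * from the token authentication service opened in a popup window.
+ * @param room the name fo the conference room.
+ */
+function initJWTTokenListener(room) {
+    var self = this;
+    var listener = function (event) {
+        if (externalAuthWindow !== event.source) {
+            console.warn("Ignored message not coming " +
+                "from external authnetication window");
+            return;
+        }
+        if (event.data && event.data.jwtToken) {
+            config.token = event.data.jwtToken;
+            console.info("Received JWT token:", config.token);
+            var roomName = room.getName();
+            openConnection({retry: false, roomName: roomName })
+                .then(function (connection) {
+                    // Start new connection
+                    let newRoom = connection.initJitsiConference(
+                        roomName, APP.conference._getConferenceOptions());
+                    // Authenticate from the new connection to get
+                    // the session-ID from the focus, which wil then be used
+                    // to upgrade current connection's user role
+                    newRoom.room.moderator.authenticate().then(function () {
+                        connection.disconnect();
+                        // At this point we'll have session-ID stored in
+                        // the settings. It wil be used in the call below
+                        // to upgrade user's role
+                        room.room.moderator.authenticate()
+                            .then(function () {
+                                console.info("User role upgrade done !");
+                                unregister();
+                            }).catch(function (err, errCode) {
+                                console.error(
+                                    "Authentication failed: ", err, errCode);
+                                unregister();
+                            }
+                        );
+                    }).catch(function (error, code) {
+                        unregister();
+                        connection.disconnect();
+                        console.error(
+                            'Authentication failed on the new connection',
+                            error, code);
+                    });
+                }, function (err) {
+                    unregister();
+                    console.error("Failed to open new connection", err);
+                });
+        }
+    };
+    var unregister = function () {
+        window.removeEventListener("message", listener);
+    };
+    if (window.addEventListener) {
+        window.addEventListener("message", listener, false);
     }
 }
 
@@ -100,7 +189,7 @@
  * @param {string} [lockPassword] password to use if the conference is locked
  */
 function authenticate (room, lockPassword) {
-    if (room.isExternalAuthEnabled()) {
+    if (isTokenAuthEnabled || room.isExternalAuthEnabled()) {
         doExternalAuth(room, lockPassword);
     } else {
         doXmppAuth(room, lockPassword);
@@ -188,7 +277,14 @@
  * @returns {Promise<JitsiConnection>}
  */
 function requestAuth(roomName, connect) {
-    return showXmppPasswordPrompt(roomName, connect);
+    if (isTokenAuthEnabled) {
+        // This Promise never resolves as user gets redirected to another URL
+        return new Promse(function (resolve, reject) {
+            redirectToTokenAuthService(roomName);
+        });
+    } else {
+        return showXmppPasswordPrompt(roomName, connect);
+    }
 }
 
 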
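Review bot: The `message` listener in `initJWTTokenListener` writes the bearer token to the browser console with `console.info("Received JWT token:", config.token);`, so the credential ends up in any captured console output; log only the event, e.g. `console.info("Received JWT token");`. The same listener accepts `event.data.jwtToken` after checking only `event.source`; adding an origin comparison such as `if (event.origin !== tokenAuthOrigin) { return; }` (where `tokenAuthOrigin` is a constructed name for the origin derived from `config.tokenAuthUrl`) would also pin the sender to the configured service rather than to whatever document the popup currently holds. In `requestAuth`, `new Promse(...)` is a typo for `Promise` and will throw a ReferenceError the first time that branch runs with token auth enabled. `var self = this;` is unused, and the listener is removed only on the paths that call `unregister()`, so a popup closed without posting a token presumably leaves it registered and a later `doExternalAuth` call adds another.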
