This repository has been archived by the owner on Sep 11, 2024. It is now read-only.

use more future proof config for static clients (#11175)
Kerry authored Jul 4, 2023
1 parent ce332d0 commit 90e65e8
Showing 5 changed files with 24 additions and 13 deletions.
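--- a/src/IConfigOptions.ts
+++ b/src/IConfigOptions.ts
@@ -201,7 +201,12 @@ export interface IConfigOptions {
 * The issuer URL must have a trailing `/`.
 * OPTIONAL
 */
-oidc_static_client_ids?: Record<string, string>;
+oidc_static_clients?: Record<
+string,
+{
+client_id: string;
+}
+>;
 }
 
 export interface ISsoRedirectOptions {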
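Review bot: The old key `oidc_static_client_ids` is dropped from `IConfigOptions` with no deprecated alias, and because the interface is erased at compile time nothing visible here rejects or warns about a config.json that still uses it. A deployment carrying the old key would presumably stop using its pre-registered client id without any error. If that key ever shipped to operators, keep it for a release as `/** @deprecated use oidc_static_clients */ oidc_static_client_ids?: Record<string, string>;` and read it as a fallback, or call the rename out in the release notes. The new entry shape also deserves a line of documentation, e.g. `/** client_id this app was pre-registered with at the issuer */` above `client_id: string;`. The doc comment for this option starts above the hunk.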
6 changes: 3 additions & 3 deletions src/Login.ts
@@ -102,7 +102,7 @@ export default class Login {
const oidcFlow = await tryInitOidcNativeFlow(
this.delegatedAuthentication,
SdkConfig.get().brand,
SdkConfig.get().oidc_static_client_ids,
SdkConfig.get().oidc_static_clients,
);
return [oidcFlow];
} catch (error) {
@@ -211,9 +211,9 @@ export interface OidcNativeFlow extends ILoginFlow {
const tryInitOidcNativeFlow = async (
delegatedAuthConfig: ValidatedDelegatedAuthConfig,
brand: string,
oidcStaticClientIds?: IConfigOptions["oidc_static_client_ids"],
oidcStaticClients?: IConfigOptions["oidc_static_clients"],
): Promise<OidcNativeFlow> => {
const clientId = await getOidcClientId(delegatedAuthConfig, brand, window.location.origin, oidcStaticClientIds);
const clientId = await getOidcClientId(delegatedAuthConfig, brand, window.location.origin, oidcStaticClients);

const flow = {
type: "oidcNativeFlow",
10 changes: 7 additions & 3 deletions src/utils/oidc/registerClient.ts
@@ -17,6 +17,7 @@ limitations under the License.
import { logger } from "matrix-js-sdk/src/logger";
import { registerOidcClient } from "matrix-js-sdk/src/oidc/register";

import { IConfigOptions } from "../../IConfigOptions";
import { ValidatedDelegatedAuthConfig } from "../ValidatedServerConfig";

/**
@@ -25,10 +26,13 @@ import { ValidatedDelegatedAuthConfig } from "../ValidatedServerConfig";
* @param staticOidcClients static client config from config.json
* @returns clientId if found, otherwise undefined
*/
const getStaticOidcClientId = (issuer: string, staticOidcClients?: Record<string, string>): string | undefined => {
const getStaticOidcClientId = (
issuer: string,
staticOidcClients?: IConfigOptions["oidc_static_clients"],
): string | undefined => {
// static_oidc_clients are configured with a trailing slash
const issuerWithTrailingSlash = issuer.endsWith("/") ? issuer : issuer + "/";
return staticOidcClients?.[issuerWithTrailingSlash];
return staticOidcClients?.[issuerWithTrailingSlash]?.client_id;
};

/**
@@ -46,7 +50,7 @@ export const getOidcClientId = async (
delegatedAuthConfig: ValidatedDelegatedAuthConfig,
clientName: string,
baseUrl: string,
staticOidcClients?: Record<string, string>,
staticOidcClients?: IConfigOptions["oidc_static_clients"],
): Promise<string> => {
const staticClientId = getStaticOidcClientId(delegatedAuthConfig.issuer, staticOidcClients);
if (staticClientId) {
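Review bot: `getStaticOidcClientId` returns `staticOidcClients?.[issuerWithTrailingSlash]?.client_id` without checking its runtime type, although the value comes from config.json and the `IConfigOptions` type is erased at compile time. An entry left in the old string form, or one with a missing `client_id`, yields `undefined` and silently falls through the `if (staticClientId)` check in `getOidcClientId` (whose body continues outside the hunk, presumably into dynamic registration), while a truthy non-string value is passed on as the client id. Consider `const clientId = staticOidcClients?.[issuerWithTrailingSlash]?.client_id;` followed by `return typeof clientId === "string" && clientId ? clientId : undefined;`. A `logger.warn` when an entry exists for the issuer but is unusable would make a misconfigured static client visible to the operator.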
6 changes: 4 additions & 2 deletions test/components/structures/auth/Login-test.tsx
@@ -37,7 +37,9 @@ jest.mock("matrix-js-sdk/src/matrix");
jest.useRealTimers();

const oidcStaticClientsConfig = {
"https://staticallyregisteredissuer.org/": "static-clientId-123",
"https://staticallyregisteredissuer.org/": {
client_id: "static-clientId-123",
},
};

describe("Login", function () {
@@ -52,7 +54,7 @@ describe("Login", function () {
SdkConfig.put({
brand: "test-brand",
disable_custom_urls: true,
oidc_static_client_ids: oidcStaticClientsConfig,
oidc_static_clients: oidcStaticClientsConfig,
});
mockClient.login.mockClear().mockResolvedValue({
access_token: "TOKEN",
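--- a/test/utils/oidc/registerClient-test.ts
+++ b/test/utils/oidc/registerClient-test.ts
@@ -27,7 +27,9 @@ describe("getOidcClientId()", () => {
 const baseUrl = "https://just.testing";
 const dynamicClientId = "xyz789";
 const staticOidcClients = {
-[issuer]: "abc123",
+[issuer]: {
+client_id: "abc123",
+},
 };
 const delegatedAuthConfig = {
 issuer,
@@ -42,9 +44,7 @@ describe("getOidcClientId()", () => {
 });
 
 it("should return static clientId when configured", async () => {
-expect(await getOidcClientId(delegatedAuthConfig, clientName, baseUrl, staticOidcClients)).toEqual(
-staticOidcClients[issuer],
-);
+expect(await getOidcClientId(delegatedAuthConfig, clientName, baseUrl, staticOidcClients)).toEqual("abc123");
 // didn't try to register
 expect(fetchMockJest).toHaveFetchedTimes(0);
 });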
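Review bot: The updated fixture only covers a well-formed `{ client_id: "abc123" }` entry, so nothing visible in these hunks pins what `getOidcClientId` does when the issuer key is present but the entry is in the legacy string form or lacks `client_id`. Since the static client map comes from an operator-edited config.json, a case such as `it("should fall back to dynamic registration when the static entry has no client_id", ...)` asserting on `fetchMockJest` would lock that behaviour in across the config rename. The `describe` block continues outside both hunks, so such a case may already exist there.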
