From dd306d59c5caa45a743975b18e3fee0b57faf0d5 Mon Sep 17 00:00:00 2001 From: Rory Powell Date: Tue, 13 Jul 2021 17:07:48 +0100 Subject: [PATCH] Load oidc config by id --- packages/worker/src/api/controllers/admin/auth.js | 8 ++++++-- packages/worker/src/api/routes/admin/auth.js | 4 ++-- packages/worker/src/api/routes/tests/auth.spec.js | 12 ++++++++---- .../routes/tests/utilities/TestConfiguration.js | 14 +++++++++++--- 4 files changed, 27 insertions(+), 11 deletions(-) diff --git a/packages/worker/src/api/controllers/admin/auth.js b/packages/worker/src/api/controllers/admin/auth.js index a341159a75..c6395e4737 100644 --- a/packages/worker/src/api/controllers/admin/auth.js +++ b/packages/worker/src/api/controllers/admin/auth.js @@ -134,6 +134,8 @@ exports.googleAuth = async (ctx, next) => { } async function oidcStrategyFactory(ctx) { + const { configId } = ctx.params + const db = new CouchDB(GLOBAL_DB) const config = await authPkg.db.getScopedConfig(db, { @@ -141,9 +143,11 @@ async function oidcStrategyFactory(ctx) { group: ctx.query.group, }) - const callbackUrl = `${ctx.protocol}://${ctx.host}/api/admin/auth/oidc/callback` + const chosenConfig = config.configs.filter(c => c.uuid === configId)[0] - return oidc.strategyFactory(config, callbackUrl) + const callbackUrl = `${ctx.protocol}://${ctx.host}/api/admin/auth/oidc/callback/${configId}` + + return oidc.strategyFactory(chosenConfig, callbackUrl) } /** diff --git a/packages/worker/src/api/routes/admin/auth.js b/packages/worker/src/api/routes/admin/auth.js index 27f09f74f9..81f94fbf02 100644 --- a/packages/worker/src/api/routes/admin/auth.js +++ b/packages/worker/src/api/routes/admin/auth.js 
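Review bot: In the second hunk of controllers/admin/auth.js, `config.configs.filter(c => c.uuid === configId)[0]` evaluates to `undefined` when the `configId` path parameter matches no stored entry, and that value is passed straight to `oidc.strategyFactory`. The expression would also throw if `getScopedConfig` returns nothing or a document without `configs`; its return shape is not visible here. Because `configId` comes from the request URL, the lookup should fail closed before the strategy is built: `const chosenConfig = config && config.configs && config.configs.find(c => c.uuid === configId)` followed by `if (!chosenConfig) ctx.throw(400, "OIDC configuration not found")`. With that check, the `configId` interpolated into `callbackUrl` is always a stored uuid rather than arbitrary request text. The body of `oidcStrategyFactory` starts in the previous hunk.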
@@ -39,7 +39,7 @@ router .post("/api/admin/auth/logout", authController.logout) .get("/api/admin/auth/google", authController.googlePreAuth) .get("/api/admin/auth/google/callback", authController.googleAuth) - .get("/api/admin/auth/oidc", authController.oidcPreAuth) - .get("/api/admin/auth/oidc/callback", authController.oidcAuth) + .get("/api/admin/auth/oidc/:configId", authController.oidcPreAuth) + .get("/api/admin/auth/oidc/callback/:configId", authController.oidcAuth) module.exports = router diff --git a/packages/worker/src/api/routes/tests/auth.spec.js b/packages/worker/src/api/routes/tests/auth.spec.js index c8a57d9aed..bb8e9d0918 100644 --- a/packages/worker/src/api/routes/tests/auth.spec.js +++ b/packages/worker/src/api/routes/tests/auth.spec.js @@ -62,21 +62,25 @@ describe("/api/admin/auth", () => { const passportSpy = jest.spyOn(auth.passport, "authenticate") let oidcConf + let chosenConfig + let configId beforeEach(async () => { oidcConf = await config.saveOIDCConfig() + chosenConfig = oidcConf.config.configs[0] + configId = chosenConfig.uuid }) afterEach(() => { expect(strategyFactory).toBeCalledWith( - oidcConf.config, - "http://127.0.0.1:4003/api/admin/auth/oidc/callback" // calculated url + chosenConfig, + `http://127.0.0.1:4003/api/admin/auth/oidc/callback/${configId}` // calculated url ) }) describe("/api/admin/auth/oidc", () => { it("should load strategy and delegate to passport", async () => { - await request.get(`/api/admin/auth/oidc`) + await request.get(`/api/admin/auth/oidc/${configId}`) expect(passportSpy).toBeCalledWith(mockStrategyReturn, { scope: ["profile", "email"], 
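Review bot: The previous redirect URI `/api/admin/auth/oidc/callback` is no longer a callback route; it now matches `/api/admin/auth/oidc/:configId` and reaches `authController.oidcPreAuth` with `configId` equal to `callback`. An identity provider that still has the old redirect URI registered would presumably send users back into the pre-auth handler instead of failing clearly; the provider registrations are not visible here. A comment above the two routes, for example `// :configId is the uuid of one entry in the OIDC config; the redirect URI registered with the IdP must include it`, would record the new contract. The route chain starts outside the hunk.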
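Review bot: The `afterEach` in auth.spec.js asserts `expect(strategyFactory).toBeCalledWith(chosenConfig, ...)` after every test in the block, so a case for an unknown `configId` cannot be added here without failing that assertion. Moving the expectation into the two existing `it` bodies would make room for a negative test that requests `/api/admin/auth/oidc/unknown-id` and checks that the request is rejected and no strategy is built from a missing config. Only the happy path with a matching uuid is covered as written. The enclosing `describe` opens outside the hunk.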
@@ -87,7 +91,7 @@ describe("/api/admin/auth", () => { describe("/api/admin/auth/oidc/callback", () => { it("should load strategy and delegate to passport", async () => { - await request.get(`/api/admin/auth/oidc/callback`) + await request.get(`/api/admin/auth/oidc/callback/${configId}`) expect(passportSpy).toBeCalledWith(mockStrategyReturn, { successRedirect: "/", failureRedirect: "/error" diff --git a/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js b/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js index 863e9fd6bc..d8b4dab655 100644 --- a/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js +++ b/packages/worker/src/api/routes/tests/utilities/TestConfiguration.js @@ -6,6 +6,7 @@ const { Cookies } = require("@budibase/auth").constants const { Configs, LOGO_URL } = require("../../../../constants") const { getGlobalUserByEmail } = require("@budibase/auth").utils const { createASession } = require("@budibase/auth/sessions") +const { newid } = require("../../../../../../auth/src/hashing") class TestConfiguration { constructor(openServer = true) { @@ -160,9 +161,16 @@ class TestConfiguration { const config = { type: Configs.OIDC, config: { - configUrl: "http://someconfigurl", - clientID: "clientId", - clientSecret: "clientSecret", + configs: [ + { + configUrl: "http://someconfigurl", + clientID: "clientId", + clientSecret: "clientSecret", + logo: "Microsoft", + name: "Active Directory", + uuid: newid(), + }, + ], }, }
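Review bot: The added `require("../../../../../../auth/src/hashing")` in TestConfiguration.js reaches six levels up into another package's `src` directory, while the neighbouring requires go through `@budibase/auth`. The relative path ties this helper to the monorepo layout and bypasses whatever the package resolves to when installed. If `newid` is exposed through a `@budibase/auth` entry point it should be required from there; if not, a comment on the line, for example `// newid is not exported by @budibase/auth; imported from source for tests only`, would explain the exception.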