From a375acf875aded9d6f03c56abaaa8cce21d3e404 Mon Sep 17 00:00:00 2001
From: Ajay Bura <32841439+ajbura@users.noreply.github.com>
Date: Thu, 18 Aug 2022 17:03:42 +0530
Subject: [PATCH 1/4] Pass oidc account management url to session
---
 src/matrix/Client.js | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/matrix/Client.js b/src/matrix/Client.js
index ef897e25..dd2d5f64 100644
--- a/src/matrix/Client.js
+++ b/src/matrix/Client.js
@@ -306,6 +306,9 @@ export class Client {
 userId: sessionInfo.userId,
 homeserver: sessionInfo.homeServer,
 };
+ if (sessionInfo.accountManagementUrl) {
+ filteredSessionInfo.accountManagementUrl = sessionInfo.accountManagementUrl;
+ }
 const olm = await this._olmPromise;
 let olmWorker = null;
 if (this._workerPromise) {
From c23039894fbc5fe79ae40acdf9e561bf61b392a5 Mon Sep 17 00:00:00 2001
From: Ajay Bura <32841439+ajbura@users.noreply.github.com>
Date: Thu, 18 Aug 2022 17:05:04 +0530
Subject: [PATCH 2/4] Fix bug & move oidc clientConfigs to app configs
---
 src/domain/login/CompleteOIDCLoginViewModel.js | 1 +
 src/matrix/Client.js | 3 +++
 src/matrix/net/OidcApi.ts | 16 ++++++----------
 src/platform/web/assets/config.json | 10 +++++++++-
 4 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/src/domain/login/CompleteOIDCLoginViewModel.js b/src/domain/login/CompleteOIDCLoginViewModel.js
index a544939a..a42fafce 100644
--- a/src/domain/login/CompleteOIDCLoginViewModel.js
+++ b/src/domain/login/CompleteOIDCLoginViewModel.js
@@ -63,6 +63,7 @@ export class CompleteOIDCLoginViewModel extends ViewModel {
 const oidcApi = new OidcApi({
 issuer,
+ clientConfigs: this.platform.config.oidc.clientConfigs,
 clientId,
 request: this._request,
 encoding: this._encoding,
diff --git a/src/matrix/Client.js b/src/matrix/Client.js
index dd2d5f64..8c1503e0 100644
--- a/src/matrix/Client.js
+++ b/src/matrix/Client.js
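Review bot: In PATCH 1/4 (src/matrix/Client.js, the `filteredSessionInfo` hunk) `accountManagementUrl` is copied into the session on a truthiness check alone, so any string that `sessionInfo` carries is kept as-is. If the value originates from issuer-provided metadata and is later rendered as a link (neither is visible in this hunk), it should be stored only when it parses as an absolute URL with `protocol === 'https:'`, with anything else dropped. The enclosing method starts and ends outside the hunk.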
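Review bot: In PATCH 2/4 the added `clientConfigs: this.platform.config.oidc.clientConfigs,` in CompleteOIDCLoginViewModel.js dereferences `config.oidc` without a guard, so a deployment whose config.json has no `oidc` key would throw a TypeError before `OidcApi` is constructed. The same expression is added in the three Client.js hunks of this patch and in StartOIDCLoginViewModel.js in PATCH 3/4. A tolerant form at the call sites is `clientConfigs: this.platform.config.oidc?.clientConfigs ?? {},`, and the `OidcApi` constructor can additionally default with `this._clientConfigs = clientConfigs ?? {};` so the later lookup never indexes `undefined`. The surrounding method continues outside the hunk.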
@@ -135,6 +135,7 @@ export class Client {
 try {
 const oidcApi = new OidcApi({
 issuer,
+ clientConfigs: this._platform.config.oidc.clientConfigs,
 request: this._platform.request,
 encoding: this._platform.encoding,
 crypto: this._platform.crypto,
@@ -266,6 +266,7 @@ export class Client {
 if (sessionInfo.oidcIssuer) {
 const oidcApi = new OidcApi({
 issuer: sessionInfo.oidcIssuer,
+ clientConfigs: this._platform.config.oidc.clientConfigs,
 clientId: sessionInfo.oidcClientId,
 request: this._platform.request,
 encoding: this._platform.encoding,
@@ -487,6 +489,7 @@ export class Client {
 await hsApi.logout({log}).response();
 const oidcApi = new OidcApi({
 issuer: sessionInfo.oidcIssuer,
+ clientConfigs: this._platform.config.oidc.clientConfigs,
 clientId: sessionInfo.oidcClientId,
 request: this._platform.request,
 encoding: this._platform.encoding,
diff --git a/src/matrix/net/OidcApi.ts b/src/matrix/net/OidcApi.ts
index d18014ca..b1e196b0 100644
--- a/src/matrix/net/OidcApi.ts
+++ b/src/matrix/net/OidcApi.ts
@@ -58,17 +58,12 @@ type IssuerUri = string;
 interface ClientConfig {
 client_id: string;
 client_secret?: string;
+ uris: string[],
 }
-// These are statically configured OIDC client IDs for particular issuers:
-const clientIds: Record = {
- "https://id.thirdroom.io/realms/thirdroom/": {
- client_id: "thirdroom"
- },
-};
-
 export class OidcApi {
 _issuer: string;
+ _clientConfigs: Record;
 _requestFn: RequestFunction;
 _encoding: any;
 _crypto: any;
@@ -76,8 +71,9 @@ export class OidcApi {
 _metadataPromise: Promise;
 _registrationPromise: Promise;
- constructor({ issuer, request, encoding, crypto, urlCreator, clientId }) {
+ constructor({ issuer, request, encoding, crypto, urlCreator, clientId, clientConfigs }) {
 this._issuer = issuer;
+ this._clientConfigs = clientConfigs;
 this._requestFn = request;
 this._encoding = encoding;
 this._crypto = crypto;
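Review bot: `ClientConfig` in src/matrix/net/OidcApi.ts (hunk at -58,17) still allows `client_secret`, and after this patch its values are read from src/platform/web/assets/config.json, which by its path appears to be an asset delivered to every browser that loads the app. Anything placed in that field would therefore be readable by every user and cannot function as a secret. I would document that on the field, e.g. `// config.json is served to clients: any value here is public, so configure a public client instead`, or drop the field from the config-backed type. Minor style point: the new member `uris: string[],` ends with a comma where its siblings end with `;`.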
@@ -121,8 +117,8 @@ export class OidcApi {
 // use static client if available
 const authority = `${this.issuer}${this.issuer.endsWith('/') ? '' : '/'}`;
- if (clientIds[authority]) {
- return clientIds[authority];
+ if (this._clientConfigs[authority] && this._clientConfigs[authority].uris.includes(this._urlCreator.absoluteAppUrl())) {
+ return this._clientConfigs[authority];
 }
 const headers = new Map();
diff --git a/src/platform/web/assets/config.json b/src/platform/web/assets/config.json
index fd46fcbc..5d6da7fb 100644
--- a/src/platform/web/assets/config.json
+++ b/src/platform/web/assets/config.json
@@ -5,5 +5,13 @@
 "applicationServerKey": "BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM"
 },
 "defaultHomeServer": "matrix.org",
- "bugReportEndpointUrl": "https://element.io/bugreports/submit"
+ "bugReportEndpointUrl": "https://element.io/bugreports/submit",
+ "oidc": {
+ "clientConfigs": {
+ "https://id.thirdroom.io/realms/thirdroom/": {
+ "client_id": "thirdroom",
+ "uris": ["http:localhost:3000", "https://thirdroom.io"]
+ }
+ }
+ }
 }
From d34a6cdf0e821510a87dc970548e59bf56e4b510 Mon Sep 17 00:00:00 2001
From: Ajay Bura <32841439+ajbura@users.noreply.github.com>
Date: Thu, 18 Aug 2022 17:07:00 +0530
Subject: [PATCH 3/4] Pass missing oidc api client configs
---
 src/domain/login/StartOIDCLoginViewModel.js | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/domain/login/StartOIDCLoginViewModel.js b/src/domain/login/StartOIDCLoginViewModel.js
index b6a171fa..243319e7 100644
--- a/src/domain/login/StartOIDCLoginViewModel.js
+++ b/src/domain/login/StartOIDCLoginViewModel.js
@@ -26,6 +26,7 @@ export class StartOIDCLoginViewModel extends ViewModel {
 this._homeserver = options.loginOptions.homeserver;
 this._api = new OidcApi({
 issuer: this._issuer,
+ clientConfigs: this._platform.config.oidc.clientConfigs,
 request: this.platform.request,
 encoding: this.platform.encoding,
 crypto: this.platform.crypto,
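Review bot: The static-client lookup in OidcApi.ts (hunk at -121,8) matches `this._urlCreator.absoluteAppUrl()` against the configured `uris` with an exact string `includes`, so a trailing slash, a path component or a mistyped entry makes the match fail silently and control falls through to the code after the `if` (presumably dynamic registration). Normalising both sides before comparing, for instance on the parsed `new URL(...).origin` with unparsable entries treated as non-matching, would be less brittle, and a log line on the fall-through would make a misconfigured entry visible. The condition also assumes every entry has a `uris` array; an entry without one throws on `.includes`, so `Array.isArray(config.uris)` belongs in the guard. The enclosing method starts and ends outside the hunk.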
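Review bot: The default src/platform/web/assets/config.json added in PATCH 2/4 now ships a deployment-specific issuer together with a developer origin (`localhost:3000`) in the `uris` allow-list of the `thirdroom` client. If the identity provider also accepts that local origin for this client ID (not visible here), the production client would be usable from whatever happens to be served on that port of a user's machine, so development origins are better supplied through a dev-only config than through the shipped asset. The same entry is touched again in PATCH 4/4.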
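Review bot: The line added to StartOIDCLoginViewModel.js in PATCH 3/4 reads `this._platform.config.oidc.clientConfigs`, while the three context lines directly below it use `this.platform.request`, `this.platform.encoding` and `this.platform.crypto`, and CompleteOIDCLoginViewModel.js in PATCH 2/4 uses `this.platform.config`. Unless `_platform` is assigned on this view model somewhere outside the hunk, this throws a TypeError when the constructor runs; it should presumably be `clientConfigs: this.platform.config.oidc.clientConfigs,`. The constructor starts and ends outside the hunk.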
From e09d66a57e6dca27ea2c66c188ace776a3b341b3 Mon Sep 17 00:00:00 2001
From: Ajay Bura <32841439+ajbura@users.noreply.github.com>
Date: Thu, 18 Aug 2022 17:34:09 +0530
Subject: [PATCH 4/4] fix client uri in config
---
 src/platform/web/assets/config.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/platform/web/assets/config.json b/src/platform/web/assets/config.json
index 5d6da7fb..ea87ba25 100644
--- a/src/platform/web/assets/config.json
+++ b/src/platform/web/assets/config.json
@@ -10,7 +10,7 @@
 "clientConfigs": {
 "https://id.thirdroom.io/realms/thirdroom/": {
 "client_id": "thirdroom",
- "uris": ["http:localhost:3000", "https://thirdroom.io"]
+ "uris": ["http://localhost:3000", "https://thirdroom.io"]
 }
 }
 }