| | const passport = require('passport'); |
| | const session = require('express-session'); |
| | const { isEnabled } = require('@librechat/api'); |
| | const { logger } = require('@librechat/data-schemas'); |
| | const { CacheKeys } = require('librechat-data-provider'); |
| | const { |
| | openIdJwtLogin, |
| | facebookLogin, |
| | discordLogin, |
| | setupOpenId, |
| | googleLogin, |
| | githubLogin, |
| | appleLogin, |
| | setupSaml, |
| | } = require('~/strategies'); |
| | const { getLogStores } = require('~/cache'); |
| |
|
| | |
| | |
| | |
| | |
| | |
| | async function configureOpenId(app) { |
| | logger.info('Configuring OpenID Connect...'); |
| | const sessionOptions = { |
| | secret: process.env.OPENID_SESSION_SECRET, |
| | resave: false, |
| | saveUninitialized: false, |
| | store: getLogStores(CacheKeys.OPENID_SESSION), |
| | }; |
| | app.use(session(sessionOptions)); |
| | app.use(passport.session()); |
| |
|
| | const config = await setupOpenId(); |
| | if (!config) { |
| | logger.error('OpenID Connect configuration failed - strategy not registered.'); |
| | return; |
| | } |
| |
|
| | if (isEnabled(process.env.OPENID_REUSE_TOKENS)) { |
| | logger.info('OpenID token reuse is enabled.'); |
| | passport.use('openidJwt', openIdJwtLogin(config)); |
| | } |
| | logger.info('OpenID Connect configured successfully.'); |
| | } |
| |
|
| | |
| | |
| | |
| | |
| | const configureSocialLogins = async (app) => { |
| | logger.info('Configuring social logins...'); |
| |
|
| | if (process.env.GOOGLE_CLIENT_ID && process.env.GOOGLE_CLIENT_SECRET) { |
| | passport.use(googleLogin()); |
| | } |
| | if (process.env.FACEBOOK_CLIENT_ID && process.env.FACEBOOK_CLIENT_SECRET) { |
| | passport.use(facebookLogin()); |
| | } |
| | if (process.env.GITHUB_CLIENT_ID && process.env.GITHUB_CLIENT_SECRET) { |
| | passport.use(githubLogin()); |
| | } |
| | if (process.env.DISCORD_CLIENT_ID && process.env.DISCORD_CLIENT_SECRET) { |
| | passport.use(discordLogin()); |
| | } |
| | if (process.env.APPLE_CLIENT_ID && process.env.APPLE_PRIVATE_KEY_PATH) { |
| | passport.use(appleLogin()); |
| | } |
| | if ( |
| | process.env.OPENID_CLIENT_ID && |
| | process.env.OPENID_CLIENT_SECRET && |
| | process.env.OPENID_ISSUER && |
| | process.env.OPENID_SCOPE && |
| | process.env.OPENID_SESSION_SECRET |
| | ) { |
| | await configureOpenId(app); |
| | } |
| | if ( |
| | process.env.SAML_ENTRY_POINT && |
| | process.env.SAML_ISSUER && |
| | process.env.SAML_CERT && |
| | process.env.SAML_SESSION_SECRET |
| | ) { |
| | logger.info('Configuring SAML Connect...'); |
| | const sessionOptions = { |
| | secret: process.env.SAML_SESSION_SECRET, |
| | resave: false, |
| | saveUninitialized: false, |
| | store: getLogStores(CacheKeys.SAML_SESSION), |
| | }; |
| | app.use(session(sessionOptions)); |
| | app.use(passport.session()); |
| | setupSaml(); |
| |
|
| | logger.info('SAML Connect configured.'); |
| | } |
| | }; |
| |
|
| | module.exports = configureSocialLogins; |
| |
|
