Feat: oidc-integration #385
Conversation
Tasks done --- - Implemented Oidc Client for oidc integration. - Added OIDC disable feature. - Added oidc session middleware.
|
@er-santosh is attempting to deploy a commit to the Bigcapital Team on Vercel. A member of the Team first needs to authorize it. |
packages/server/package.json
Outdated
| "socket.io": "^4.7.4", | ||
| "source-map-loader": "^4.0.1", |
There was a problem hiding this comment.
@er-santosh lets revert changes related to plaid and source-map-loader..as it has nothing to do with this pr
| "landed_cost.dialog.label_unallocated_cost_amount":"قيمة التكلفة غير المحملة:", | ||
| "landed_cost.error.the_total_located_cost_is_bigger_than_the_transaction_line":"إجمالي قيمة التكلفة المحملة أكبر من قيمة سطر المعاملة.", | ||
| "landed_cost.dialog.label_unallocated_cost_amount": "قيمة التكلفة غير المحملة:", | ||
| "landed_cost.error.the_total_located_cost_is_bigger_than_the_transaction_line": "إجمالي قيمة التكلفة المحملة أكبر من قيمة سطر المعاملة.", |
There was a problem hiding this comment.
lets revert unintended changes in this file
| // Set authentication cookies. | ||
| setAuthLoginCookies(data.data); | ||
|
|
||
| window.location.href = '/'; |
There was a problem hiding this comment.
@abouolia Previously while logging in, the login page was reloaded after the successful login. Here in oidc login we are supposed to get code as query param in login url so we are redirecting it to '/' which is a bit static for now as reloading the route will make api call for authorization callback. Do we have any standard path that needs to be added here after login or what will be the best use case here?
|
|
||
| // Handle logout link click. | ||
| const onClickLogout = () => { | ||
| setLogout(); |
There was a problem hiding this comment.
@abouolia I have created custom logout hook for oidc(useAuthOidcLogout) where setLogout will be called after the oidc logout api call in both condition (error or success). Is it ok to follow this?
| export const useAuthOidcLogout = (props) => { | ||
| const apiRequest = useApiRequest(); | ||
| const { setLogout } = useAuthActions(); | ||
|
|
||
| return useMutation((values) => apiRequest.post('oidc/logout', values), { | ||
| select: (res) => res.data, | ||
| onSuccess: (data) => { | ||
| const logoutUrl = data.data.logout_url; | ||
|
|
||
| setLogout(logoutUrl); | ||
| }, | ||
| onError: (err) => { | ||
| setLogout(); | ||
| }, |
There was a problem hiding this comment.
@abouolia Here I have implemented oidc logout such that after successful oidc login, the session end url will be passed to setLogout and redirected in same way else the normal logout will work accordingly. Is the best way to be followed?
| if (href) { | ||
| window.location.href = href; | ||
| } else { | ||
| window.location.reload(); | ||
| } |
There was a problem hiding this comment.
@abouolia Here the only change is, if the session_end url is passed, it will be redirected to that url and gets callback from OIDC provider to post logout uri else just reload the page.
| @@ -89,7 +89,7 @@ import { InvoiceChangeStatusOnMailSentSubscriber } from '@/services/Sales/Invoic | |||
| import { SaleReceiptMarkClosedOnMailSentSubcriber } from '@/services/Sales/Receipts/subscribers/SaleReceiptMarkClosedOnMailSentSubcriber'; | |||
| import { SaleEstimateMarkApprovedOnMailSent } from '@/services/Sales/Estimates/subscribers/SaleEstimateMarkApprovedOnMailSent'; | |||
| import { DeleteCashflowTransactionOnUncategorize } from '@/services/Cashflow/subscribers/DeleteCashflowTransactionOnUncategorize'; | |||
| import { PreventDeleteTransactionOnDelete } from '@/services/Cashflow/subscribers/PreventDeleteTransactionsOnDelete'; } | |||
| import { PreventDeleteTransactionOnDelete } from '@/services/Cashflow/subscribers/PreventDeleteTransactionsOnDelete'; | |||
There was a problem hiding this comment.
@abouolia I couldnot build server due to this syntax error here. So i removed it to get it working.
Tasks done --- - Created api endpoint to fetch authenticated user details and its tenant. - Added cors middleware to allow resources to whitelisted domains.
…d-user Feat/get tenant of authenticated user
Tasks done
Issue: [https://github.com//issues/237] (Support for OpenID Connect (OIDC) / OAuth2)