fix: global auth providers were added to all sites

data-fair · Jan 23, 2025 · ad0799b · ad0799b
1 parent 713c178
commit ad0799b
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 25 deletions.
diff --git a/api/src/auth/providers.ts b/api/src/auth/providers.ts
@@ -4,7 +4,7 @@ import _slug from 'slugify'
 
 const slug = _slug.default
 
-export const publicProviders = async (site?: Site) => {
+export const publicGlobalProviders = async () => {
   const providers: PublicAuthProvider[] = []
   for (const p of saml2GlobalProviders()) {
     providers.push({
@@ -28,29 +28,30 @@ export const publicProviders = async (site?: Site) => {
       redirectMode: p.redirectMode
     })
   }
+  return providers
+}
 
-  if (site) {
-    const siteProviders = await site.authProviders || []
-    for (const p of siteProviders) {
-      if (p.type === 'oidc') {
-        providers.push({
-          type: p.type,
-          id: getOidcProviderId(p.discovery),
-          title: p.title as string,
-          color: p.color,
-          img: p.img,
-          redirectMode: p.redirectMode
-        })
-      }
-      if (p.type === 'otherSite') {
-        const otherSiteUrl = (p.site.startsWith('http://') || p.site.startsWith('https://')) ? p.site : `https://${p.site}`
-        const otherSite = await getSiteByUrl(otherSiteUrl)
-        if (otherSite && otherSite.owner.type === site.owner.type && otherSite.owner.id === site.owner.id) {
-          providers.push({ type: 'otherSite', id: slug(otherSite.host + (otherSite.path ?? ''), { lower: true, strict: true }), title: p.title as string, color: site.theme.colors.primary, img: site.theme.logo, host: otherSite.host })
-        }
+export const publicSiteProviders = async (site: Site) => {
+  const providers: PublicAuthProvider[] = []
+  const siteProviders = await site.authProviders || []
+  for (const p of siteProviders) {
+    if (p.type === 'oidc') {
+      providers.push({
+        type: p.type,
+        id: getOidcProviderId(p.discovery),
+        title: p.title as string,
+        color: p.color,
+        img: p.img,
+        redirectMode: p.redirectMode
+      })
+    }
+    if (p.type === 'otherSite') {
+      const otherSiteUrl = (p.site.startsWith('http://') || p.site.startsWith('https://')) ? p.site : `https://${p.site}`
+      const otherSite = await getSiteByUrl(otherSiteUrl)
+      if (otherSite && otherSite.owner.type === site.owner.type && otherSite.owner.id === site.owner.id) {
+        providers.push({ type: 'otherSite', id: slug(otherSite.host + (otherSite.path ?? ''), { lower: true, strict: true }), title: p.title as string, color: site.theme.colors.primary, img: site.theme.logo, host: otherSite.host })
       }
     }
   }
-
   return providers
 }
diff --git a/api/src/auth/router.ts b/api/src/auth/router.ts
@@ -16,7 +16,7 @@ import limiter from '../utils/limiter.ts'
 import storages from '#storages'
 import { checkPassword, type Password } from '../utils/passwords.ts'
 import { type OpenIDConnect } from '#types/site/index.ts'
-import { publicProviders } from './providers.ts'
+import { publicGlobalProviders, publicSiteProviders } from './providers.ts'
 
 const debug = Debug('auth')
 
@@ -593,7 +593,8 @@ router.get('/me', (req, res) => {
 })
 
 router.get('/providers', async (req, res) => {
-  res.send(await publicProviders(await reqSite(req)))
+  const site = await reqSite(req)
+  res.send(site ? await publicSiteProviders(site) : await publicGlobalProviders())
 })
 
 // OAUTH

diff --git a/api/src/server.ts b/api/src/server.ts
@@ -16,7 +16,7 @@ import { createHttpTerminator } from 'http-terminator'
 import app from './app.ts'
 import config from '#config'
 import * as eventsQueue from '#events-queue'
-import { publicProviders } from './auth/providers.ts'
+import { publicGlobalProviders } from './auth/providers.ts'
 import { getSiteColorsWarnings } from './utils/color.ts'
 
 const server = createServer(app)
@@ -48,7 +48,7 @@ export const start = async () => {
   ])
   await upgradeScripts(mongo.db, locks, resolve(import.meta.dirname, '../..'))
 
-  const colorWarnings = getSiteColorsWarnings(config.i18n.defaultLocale, config.theme, await publicProviders())
+  const colorWarnings = getSiteColorsWarnings(config.i18n.defaultLocale, config.theme, await publicGlobalProviders())
   if (colorWarnings.length) {
     console.error('Configuration contains color warnings')
     for (const cw of colorWarnings) console.error('  - ' + cw)