Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

allow custom auth endpoint #1294

Merged
merged 1 commit into from
Apr 25, 2018
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
Changes that have landed in master but are not yet released.
Click to see more.
</summary>

* allow custom auth endpoint ([@erquhart](https://github.com/erquhart) in [#1294](https://github.com/netlify/netlify-cms/pull/1294))
</details>

## 1.6.0 (April 19, 2018) ([demo](https://5ad8e1ebb31274466632d026--cms-demo.netlify.com/#/))
Expand Down
6 changes: 5 additions & 1 deletion src/backends/github/AuthenticationPage.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ export default class AuthenticationPage extends React.Component {
static propTypes = {
onLogin: PropTypes.func.isRequired,
inProgress: PropTypes.bool,
base_url: PropTypes.string,
siteId: PropTypes.string,
authEndpoint: PropTypes.string,
};

state = {};
Expand All @@ -15,7 +18,8 @@ export default class AuthenticationPage extends React.Component {
e.preventDefault();
const cfg = {
base_url: this.props.base_url,
site_id: (document.location.host.split(':')[0] === 'localhost') ? 'cms.netlify.com' : this.props.siteId
site_id: (document.location.host.split(':')[0] === 'localhost') ? 'cms.netlify.com' : this.props.siteId,
auth_endpoint: this.props.authEndpoint,
};
const auth = new Authenticator(cfg);

Expand Down
1 change: 1 addition & 0 deletions src/components/App/App.js
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,7 @@ class App extends React.Component {
isFetching: auth && auth.get('isFetching'),
siteId: this.props.config.getIn(["backend", "site_domain"]),
base_url: this.props.config.getIn(["backend", "base_url"], null),
authEndpoint: this.props.config.getIn(["backend", "auth_endpoint"]),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if we should make backends get the value themselves, instead of passing them all in here. Maybe a 2.0 thing?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2.0, but yeah that definitely makes sense. @Benaiah what do you think?

config: this.props.config,
})
}
Expand Down
8 changes: 6 additions & 2 deletions src/lib/netlify-auth.js
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
import { trim, trimEnd } from 'lodash';

const NETLIFY_API = 'https://api.netlify.com';
const AUTH_ENDPOINT = 'auth';

class NetlifyError {
constructor(err) {
Expand Down Expand Up @@ -31,7 +34,8 @@ const PROVIDERS = {
class Authenticator {
constructor(config = {}) {
this.site_id = config.site_id || null;
this.base_url = config.base_url || NETLIFY_API;
this.base_url = trimEnd(config.base_url, '/') || NETLIFY_API;
this.auth_endpoint = trim(config.auth_endpoint, '/') || AUTH_ENDPOINT;
}

handshakeCallback(options, cb) {
Expand Down Expand Up @@ -93,7 +97,7 @@ class Authenticator {
left = (screen.width / 2) - (conf.width / 2);
top = (screen.height / 2) - (conf.height / 2);
window.addEventListener('message', this.handshakeCallback(options, cb), false);
url = this.base_url + '/auth?provider=' + options.provider + '&site_id=' + siteID;
url = `${this.base_url}/${this.auth_endpoint}?provider=${options.provider}&site_id=${siteID}`;
if (options.scope) {
url += '&scope=' + options.scope;
}
Expand Down
17 changes: 9 additions & 8 deletions website/site/content/docs/authentication-backends.md
Original file line number Diff line number Diff line change
Expand Up @@ -86,11 +86,12 @@ Both `git-gateway` and `github` backends allow some additional optional fields f
cases. A full reference is below. Note that these are properties of the `backend` field, and should
be nested under that field.

| Field | Default | Description |
| -------------- | -------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
| `repo` | none | **Required** for `github` backend; ignored by `git-gateway`. Follows the pattern `[org-or-username]/[repo-name]`. |
| `accept_roles` | none | `git-gateway` only. Limits CMS access to your defined array of user roles. Omitting this field gives access to all registered users. |
| `branch` | `master` | The branch where published content is stored. All CMS commits and PRs are made to this branch. |
| `api_root` | `https://api.github.com` (ignored for `git-gateway` backend) | The API endpoint. Only necessary in certain cases, like with GitHub Enterprise. |
| `site_domain` | `location.hostname` (or `cms.netlify.com` when on `localhost`) | Sets the `site_id` query param sent to the API endpoint. Non-Netlify auth setups will often need to set this for local development to work properly. |
| `base_url` | `https://api.netlify.com` | OAuth client URL for the `github` backend. **Required** when using an external OAuth server with the `github` backend. |
| Field | Default | Description |
| --------------- | -------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
| `repo` | none | **Required** for `github` backend; ignored by `git-gateway`. Follows the pattern `[org-or-username]/[repo-name]`. |
| `accept_roles` | none | `git-gateway` only. Limits CMS access to your defined array of user roles. Omitting this field gives access to all registered users. |
| `branch` | `master` | The branch where published content is stored. All CMS commits and PRs are made to this branch. |
| `api_root` | `https://api.github.com` (ignored for `git-gateway` backend) | The API endpoint. Only necessary in certain cases, like with GitHub Enterprise. |
| `site_domain` | `location.hostname` (or `cms.netlify.com` when on `localhost`) | Sets the `site_id` query param sent to the API endpoint. Non-Netlify auth setups will often need to set this for local development to work properly. |
| `base_url` | `https://api.netlify.com` | OAuth client URL for the `github` backend. **Required** when using an external OAuth server with the `github` backend. |
| `auth_endpoint` | `auth` | Path to append to `base_url` for authentication requests. Optional. |