Fix initialize openid auth strategy

advplyr · Nov 19, 2023 · 89eb857 · 89eb857
1 parent e07d17c
commit 89eb857
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 14 deletions.
diff --git a/server/Auth.js b/server/Auth.js
@@ -69,6 +69,11 @@ class Auth {
    * Passport use OpenIDClient.Strategy
    */
   initAuthStrategyOpenID() {
+    if (!Database.serverSettings.isOpenIDAuthSettingsValid) {
+      Logger.error(`[Auth] Cannot init openid auth strategy - invalid settings`)
+      return
+    }
+
     const openIdIssuerClient = new OpenIDClient.Issuer({
       issuer: global.ServerSettings.authOpenIDIssuerURL,
       authorization_endpoint: global.ServerSettings.authOpenIDAuthorizationURL,

diff --git a/server/controllers/MiscController.js b/server/controllers/MiscController.js
@@ -556,18 +556,18 @@ class MiscController {
     switch (type) {
       case 'add':
         this.watcher.onFileAdded(libraryId, path)
-        break;
+        break
       case 'unlink':
         this.watcher.onFileRemoved(libraryId, path)
-        break;
+        break
       case 'rename':
         const oldPath = req.body.oldPath
         if (!oldPath) {
           Logger.error(`[MiscController] Invalid request body for updateWatchedPath. oldPath is required for rename.`)
           return res.sendStatus(400)
         }
         this.watcher.onFileRename(libraryId, oldPath, path)
-        break;
+        break
       default:
         Logger.error(`[MiscController] Invalid type for updateWatchedPath. type: "${type}"`)
         return res.sendStatus(400)
@@ -670,6 +670,8 @@ class MiscController {
     }
 
     if (hasUpdates) {
+      await Database.updateServerSettings()
+
       // Use/unuse auth methods
       Database.serverSettings.supportedAuthMethods.forEach((authMethod) => {
         if (originalAuthMethods.includes(authMethod) && !Database.serverSettings.authActiveAuthMethods.includes(authMethod)) {
@@ -682,8 +684,6 @@ class MiscController {
           this.auth.useAuthStrategy(authMethod)
         }
       })
-
-      await Database.updateServerSettings()
     }
 
     res.json({

diff --git a/server/objects/settings/ServerSettings.js b/server/objects/settings/ServerSettings.js
@@ -133,15 +133,7 @@ class ServerSettings {
 
     // remove uninitialized methods
     // OpenID
-    if (this.authActiveAuthMethods.includes('openid') && (
-      !this.authOpenIDIssuerURL ||
-      !this.authOpenIDAuthorizationURL ||
-      !this.authOpenIDTokenURL ||
-      !this.authOpenIDUserInfoURL ||
-      !this.authOpenIDJwksURL ||
-      !this.authOpenIDClientID ||
-      !this.authOpenIDClientSecret
-    )) {
+    if (this.authActiveAuthMethods.includes('openid') && !this.isOpenIDAuthSettingsValid) {
       this.authActiveAuthMethods.splice(this.authActiveAuthMethods.indexOf('openid', 0), 1)
     }
 
@@ -235,6 +227,19 @@ class ServerSettings {
     return ['local', 'openid']
   }
 
+  /**
+   * Auth settings required for openid to be valid
+   */
+  get isOpenIDAuthSettingsValid() {
+    return this.authOpenIDIssuerURL &&
+      this.authOpenIDAuthorizationURL &&
+      this.authOpenIDTokenURL &&
+      this.authOpenIDUserInfoURL &&
+      this.authOpenIDJwksURL &&
+      this.authOpenIDClientID &&
+      this.authOpenIDClientSecret
+  }
+
   get authenticationSettings() {
     return {
       authActiveAuthMethods: this.authActiveAuthMethods,