Fix OIDC auto register user #4485

Translations update from Hosted Weblate

client/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "audiobookshelf-client",
-  "version": "2.25.1",
+  "version": "2.26.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "audiobookshelf-client",
-      "version": "2.25.1",
+      "version": "2.26.0",
       "license": "ISC",
       "dependencies": {
         "@nuxtjs/axios": "^5.13.6",

client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "audiobookshelf-client",
-  "version": "2.25.1",
+  "version": "2.26.0",
   "buildNumber": 1,
   "description": "Self-hosted audiobook and podcast client",
   "main": "index.js",

client/strings/hu.json

@@ -278,7 +278,7 @@
   "LabelCollapseSeries": "Sorozat összecsukása",
   "LabelCollapseSubSeries": "Alszéria összecsukása",
   "LabelCollection": "Gyűjtemény",
-  "LabelCollections": "Gyűjtemény",
+  "LabelCollections": "Gyűjtemények",
   "LabelComplete": "Kész",
   "LabelConfirmPassword": "Jelszó megerősítése",
   "LabelContinueListening": "Hallgatás folytatása",
@@ -757,6 +757,7 @@
   "MessageConfirmRemoveAuthor": "Biztosan eltávolítja a(z) \"{0}\" szerzőt?",
   "MessageConfirmRemoveCollection": "Biztosan eltávolítja a(z) \"{0}\" gyűjteményt?",
   "MessageConfirmRemoveEpisode": "Biztosan eltávolítja a(z) \"{0}\" epizódot?",
+  "MessageConfirmRemoveEpisodeNote": "Megjegyzés: Ez nem törli a hangfájlt, kivéve, ha a \"Hangfájl végleges törlése\" be van kapcsolva",
   "MessageConfirmRemoveEpisodes": "Biztosan eltávolítja a(z) {0} epizódot?",
   "MessageConfirmRemoveListeningSessions": "Biztosan eltávolítja a(z) {0} hallgatási munkamenetet?",
   "MessageConfirmRemoveMetadataFiles": "Biztos, hogy az összes metaadatot el akarja távolítani {0} fájl van könyvtár mappáiban?",

client/strings/zh-cn.json

@@ -11,7 +11,7 @@
   "ButtonAuthors": "作者",
   "ButtonBack": "返回",
   "ButtonBatchEditPopulateFromExisting": "用现有内容填充",
-  "ButtonBatchEditPopulateMapDetails": "填充地图详细信息",
+  "ButtonBatchEditPopulateMapDetails": "填入此项详情",
   "ButtonBrowseForFolder": "浏览文件夹",
   "ButtonCancel": "取消",
   "ButtonCancelEncode": "取消编码",
@@ -73,7 +73,7 @@
   "ButtonQuickMatch": "快速匹配",
   "ButtonReScan": "重新扫描",
   "ButtonRead": "读取",
-  "ButtonReadLess": "阅读较少",
+  "ButtonReadLess": "收起",
   "ButtonReadMore": "阅读更多",
   "ButtonRefresh": "刷新",
   "ButtonRemove": "移除",
@@ -714,7 +714,7 @@
   "MessageBackupsLocationNoEditNote": "注意: 备份位置是通过环境变量设置的, 不能在此处更改.",
   "MessageBackupsLocationPathEmpty": "备份位置路径不能为空",
   "MessageBatchEditPopulateMapDetailsAllHelp": "使用所有项目的数据填充已启用的字段. 具有多个值的字段将被合并",
-  "MessageBatchEditPopulateMapDetailsItemHelp": "使用此项目的数据填充已启用的地图详细信息字段",
+  "MessageBatchEditPopulateMapDetailsItemHelp": "提取此项目的信息，填入上方所有勾选的编辑框中",
   "MessageBatchQuickMatchDescription": "快速匹配将尝试为所选项目添加缺少的封面和元数据. 启用以下选项以允许快速匹配覆盖现有封面和或元数据.",
   "MessageBookshelfNoCollections": "你尚未进行任何收藏",
   "MessageBookshelfNoCollectionsHelp": "收藏是公开的. 所有有权访问图书馆的用户都可以看到它们.",
@@ -757,7 +757,7 @@
   "MessageConfirmRemoveAuthor": "你确定要删除作者 \"{0}\"?",
   "MessageConfirmRemoveCollection": "你确定要移除收藏 \"{0}\"?",
   "MessageConfirmRemoveEpisode": "你确定要移除剧集 \"{0}\"?",
-  "MessageConfirmRemoveEpisodeNote": "注意: 除非切换 \"硬删除文件\", 否则不会删除音频文件",
+  "MessageConfirmRemoveEpisodeNote": "注意：此操作不会删除音频文件，除非勾选“完全删除文件”选项",
   "MessageConfirmRemoveEpisodes": "你确定要移除 {0} 剧集?",
   "MessageConfirmRemoveListeningSessions": "你确定要移除 {0} 收听会话吗?",
   "MessageConfirmRemoveMetadataFiles": "你确实要删除库项目文件夹中的所有 metadata.{0} 文件吗?",
@@ -918,9 +918,9 @@
   "NoteUploaderUnsupportedFiles": "不支持的文件将被忽略. 选择或删除文件夹时, 将忽略不在项目文件夹中的其他文件.",
   "NotificationOnBackupCompletedDescription": "备份完成时触发",
   "NotificationOnBackupFailedDescription": "备份失败时触发",
-  "NotificationOnEpisodeDownloadedDescription": "当播客节目自动下载时触发",
+  "NotificationOnEpisodeDownloadedDescription": "当播客节目自动下载完成时触发",
   "NotificationOnRSSFeedDisabledDescription": "由于尝试失败次数过多而导致剧集自动下载被禁用时触发",
-  "NotificationOnRSSFeedFailedDescription": "当 RSS 源请求自动下载剧集失败时触发",
+  "NotificationOnRSSFeedFailedDescription": "当用于自动下载剧集的 RSS 源请求失败时触发",
   "NotificationOnTestDescription": "测试通知系统的事件",
   "PlaceholderNewCollection": "输入收藏夹名称",
   "PlaceholderNewFolderPath": "输入文件夹路径",

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "audiobookshelf",
-  "version": "2.25.1",
+  "version": "2.26.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "audiobookshelf",
-      "version": "2.25.1",
+      "version": "2.26.0",
       "license": "GPL-3.0",
       "dependencies": {
         "axios": "^0.27.2",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "audiobookshelf",
-  "version": "2.25.1",
+  "version": "2.26.0",
   "buildNumber": 1,
   "description": "Self-hosted audiobook and podcast server",
   "main": "index.js",

server/auth/OidcAuthStrategy.js

@@ -121,7 +121,7 @@ class OidcAuthStrategy {
         throw new Error(`Group claim ${Database.serverSettings.authOpenIDGroupClaim} not found or empty in userinfo`)
       }
 
-      let user = await Database.userModel.findOrCreateUserFromOpenIdUserInfo(userinfo, this)
+      let user = await Database.userModel.findOrCreateUserFromOpenIdUserInfo(userinfo)
 
       if (!user?.isActive) {
         throw new Error('User not active or not found')

server/auth/TokenManager.js

@@ -81,6 +81,18 @@ class TokenManager {
     }
   }
 
+  /**
+   * Generate a JWT token for a given user
+   * TODO: Old method with no expiration
+   * @deprecated
+   *
+   * @param {{ id:string, username:string }} user
+   * @returns {string}
+   */
+  static generateAccessToken(user) {
+    return jwt.sign({ userId: user.id, username: user.username }, TokenManager.TokenSecret)
+  }
+
   /**
    * Function to generate a jwt token for a given user
    * TODO: Old method with no expiration
@@ -90,7 +102,7 @@ class TokenManager {
    * @returns {string}
    */
   generateAccessToken(user) {
-    return jwt.sign({ userId: user.id, username: user.username }, TokenManager.TokenSecret)
+    return TokenManager.generateAccessToken(user)
   }
 
   /**

server/models/User.js

@@ -1,9 +1,11 @@
 const uuidv4 = require('uuid').v4
 const sequelize = require('sequelize')
+const { LRUCache } = require('lru-cache')
+
 const Logger = require('../Logger')
 const SocketAuthority = require('../SocketAuthority')
 const { isNullOrNaN } = require('../utils')
-const { LRUCache } = require('lru-cache')
+const TokenManager = require('../auth/TokenManager')
 
 class UserCache {
   constructor() {
@@ -213,10 +215,9 @@ class User extends Model {
    * or creates a new user if configured to do so.
    *
    * @param {Object} userinfo
-   * @param {import('../Auth')} auth
    * @returns {Promise<User>}
    */
-  static async findOrCreateUserFromOpenIdUserInfo(userinfo, auth) {
+  static async findOrCreateUserFromOpenIdUserInfo(userinfo) {
     let user = await this.getUserByOpenIDSub(userinfo.sub)
 
     // Matched by sub
@@ -290,7 +291,7 @@ class User extends Model {
     // If no existing user was matched, auto-register if configured
     if (global.ServerSettings.authOpenIDAutoRegister) {
       Logger.info(`[User] openid: Auto-registering user with sub "${userinfo.sub}"`, userinfo)
-      user = await this.createUserFromOpenIdUserInfo(userinfo, auth)
+      user = await this.createUserFromOpenIdUserInfo(userinfo)
       return user
     }
 
@@ -301,16 +302,15 @@ class User extends Model {
   /**
    * Create user from openid userinfo
    * @param {Object} userinfo
-   * @param {import('../Auth')} auth
    * @returns {Promise<User>}
    */
-  static async createUserFromOpenIdUserInfo(userinfo, auth) {
+  static async createUserFromOpenIdUserInfo(userinfo) {
     const userId = uuidv4()
     // TODO: Ensure username is unique?
     const username = userinfo.preferred_username || userinfo.name || userinfo.sub
     const email = userinfo.email && userinfo.email_verified ? userinfo.email : null
 
-    const token = auth.generateAccessToken({ id: userId, username })
+    const token = TokenManager.generateAccessToken({ id: userId, username })
 
     const newUser = {
       id: userId,