Fix jwt-token

server/config/auth-providers.js

@@ -0,0 +1,113 @@
+/**
+ * Authentication Providers Configuration
+ * Supports multiple auth strategies for SaaS and on-premise deployments
+ */
+
+const AuthProviders = {
+  // Local JWT authentication (default)
+  LOCAL: 'local',
+  
+  // SAML 2.0 for Active Directory/ADFS
+  SAML: 'saml',
+  
+  // OAuth 2.0/OpenID Connect
+  OAUTH: 'oauth',
+  
+  // LDAP for on-premise AD
+  LDAP: 'ldap',
+  
+  // Custom SSO
+  CUSTOM_SSO: 'custom_sso'
+};
+
+/**
+ * Tenant-specific authentication configuration
+ * Each tenant can have different auth providers
+ */
+class AuthConfig {
+  constructor() {
+    this.providers = new Map();
+    this.defaultProvider = AuthProviders.LOCAL;
+  }
+
+  /**
+   * Register authentication provider for a tenant
+   * @param {string} tenantId - Tenant identifier
+   * @param {object} config - Provider configuration
+   */
+  registerProvider(tenantId, config) {
+    this.providers.set(tenantId, {
+      type: config.type,
+      enabled: config.enabled || true,
+      config: config.settings,
+      userMapping: config.userMapping || this.getDefaultUserMapping(),
+      roleMapping: config.roleMapping || this.getDefaultRoleMapping(),
+      createdAt: new Date()
+    });
+  }
+
+  /**
+   * Get authentication provider for tenant
+   * @param {string} tenantId - Tenant identifier
+   * @returns {object} Provider configuration
+   */
+  getProvider(tenantId) {
+    return this.providers.get(tenantId) || {
+      type: this.defaultProvider,
+      enabled: true,
+      config: {},
+      userMapping: this.getDefaultUserMapping(),
+      roleMapping: this.getDefaultRoleMapping()
+    };
+  }
+
+  /**
+   * Default user attribute mapping from external providers
+   */
+  getDefaultUserMapping() {
+    return {
+      username: ['preferred_username', 'samAccountName', 'username', 'sub'],
+      email: ['email', 'mail', 'emailAddress'],
+      firstName: ['given_name', 'givenName', 'firstName'],
+      lastName: ['family_name', 'surname', 'lastName'],
+      displayName: ['name', 'displayName', 'cn'],
+      phoneNumber: ['phone_number', 'telephoneNumber', 'mobile']
+    };
+  }
+
+  /**
+   * Default role mapping from external providers to internal roles
+   */
+  getDefaultRoleMapping() {
+    return {
+      // Active Directory groups to internal roles
+      'Domain Admins': 'admin',
+      'UAV-Admins': 'admin',
+      'UAV-Operators': 'operator',
+      'UAV-Viewers': 'viewer',
+      
+      // OAuth/SAML role claims
+      'admin': 'admin',
+      'operator': 'operator',
+      'viewer': 'viewer',
+      
+      // Default fallback
+      'default': 'viewer'
+    };
+  }
+
+  /**
+   * Get all configured providers
+   */
+  getAllProviders() {
+    return Array.from(this.providers.entries()).map(([tenantId, config]) => ({
+      tenantId,
+      ...config
+    }));
+  }
+}
+
+module.exports = {
+  AuthProviders,
+  AuthConfig
+};