native OIDC support

_Bastler
2021-09-17 09:46:04 +02:00
parent 3a9ffd7557
commit 0bf49fa26a
11 changed files with 81 additions and 77 deletions
+33 -27
@@ -5,7 +5,7 @@ import { adminApi } from "../Services/AdminApi";
import { AuthTokenData, jwtTokenManager } from "../Services/JWTTokenManager";
import { parse } from "query-string";
import { openIDClient } from "../Services/OpenIDClient";
import { FRONT_URL, DEBUG_IGNORE_SSL } from "../Enum/EnvironmentVariable"
import { FRONT_URL, DEBUG_IGNORE_SSL, DISABLE_ANONYMOUS } from "../Enum/EnvironmentVariable"
import Axios from "axios";
import { AxiosRequestConfig } from "axios";
import https from "https";
@@ -69,7 +69,7 @@ export class AuthenticateController extends BaseController {
await openIDClient.checkTokenAuth(authTokenData.hydraAccessToken);
res.writeStatus("200");
this.addCorsHeaders(res);
return res.end(JSON.stringify({ authToken: token }));
return res.end(JSON.stringify({ authToken: token, username: authTokenData.username }));
} catch (err) {
console.info("User was not connected", err);
}
@@ -81,10 +81,10 @@ export class AuthenticateController extends BaseController {
if (!sub) {
throw new Error("No sub in the response");
}
const authToken = jwtTokenManager.createAuthToken(sub, userInfo.access_token);
const authToken = jwtTokenManager.createAuthToken(sub, userInfo.access_token, userInfo.username);
res.writeStatus("200");
this.addCorsHeaders(res);
return res.end(JSON.stringify({ authToken }));
return res.end(JSON.stringify({ authToken: authToken, username: userInfo.username }));
} catch (e) {
return this.errorToResponse(e, res);
}
@@ -173,32 +173,38 @@ export class AuthenticateController extends BaseController {
res.onAborted(() => {
console.warn("Login request was aborted");
});
let userUuid = v4();
const axiosConfig: AxiosRequestConfig = {};
if (DISABLE_ANONYMOUS) {
res.writeStatus("403 FORBIDDEN");
res.end();
} else {
let userUuid = v4();
if (DEBUG_IGNORE_SSL) {
const agent = new https.Agent({
rejectUnauthorized: false,
});
axiosConfig.httpsAgent = agent;
const axiosConfig: AxiosRequestConfig = {};
if (DEBUG_IGNORE_SSL) {
const agent = new https.Agent({
rejectUnauthorized: false,
});
axiosConfig.httpsAgent = agent;
}
const response = await Axios.get(FRONT_URL, axiosConfig);
if (response.headers[ 'bstlyuserid' ]) {
userUuid = response.headers[ 'bstlyuserid' ];
}
const authToken = jwtTokenManager.createAuthToken(userUuid);
res.writeStatus("200 OK");
this.addCorsHeaders(res);
res.end(
JSON.stringify({
authToken,
userUuid,
})
);
}
const response = await Axios.get(FRONT_URL, axiosConfig);
if (response.headers[ 'bstlyuserid' ]) {
userUuid = response.headers[ 'bstlyuserid' ];
}
const authToken = jwtTokenManager.createAuthToken(userUuid);
res.writeStatus("200 OK");
this.addCorsHeaders(res);
res.end(
JSON.stringify({
authToken,
userUuid,
})
);
});
}
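Review bot: The new `DISABLE_ANONYMOUS` branch in the last hunk ends the response with `403 FORBIDDEN` without calling `this.addCorsHeaders(res)`, unlike the other response paths visible in this section, so a cross-origin browser client will probably see an opaque CORS failure instead of the 403; add `this.addCorsHeaders(res);` before `res.end();`. The flag is checked only where anonymous tokens are issued, so whether tokens already created by `createAuthToken(userUuid)` without an access token are refused once it is set depends on verification code outside this section and should be confirmed. In the re-indented else branch the `bstlyuserid` response header still replaces the generated UUID with no format check, and under `DEBUG_IGNORE_SSL` it arrives over a connection whose certificate is not verified; a comment such as `// DEBUG_IGNORE_SSL disables certificate verification: local development only` on that block would make the constraint explicit. The handler's body starts outside the hunk.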