change to scope variable in enviroment

This commit is contained in:
Lurkars 2022-02-28 12:09:33 +01:00 committed by Gregoire Parant
parent 0a2bfc556f
commit c8047bf4fa
4 changed files with 8 additions and 5 deletions

View File

@ -76,7 +76,7 @@ services:
OPID_CLIENT_ISSUER: $OPID_CLIENT_ISSUER
OPID_CLIENT_REDIRECT_URL: $OPID_CLIENT_REDIRECT_URL
OPID_PROFILE_SCREEN_PROVIDER: $OPID_PROFILE_SCREEN_PROVIDER
OPID_ADDITIONAL_SCOPES: $OPID_ADDITIONAL_SCOPES
OPID_SCOPE: $OPID_SCOPE
OPID_USERNAME_CLAIM: $OPID_USERNAME_CLAIM
OPID_LOCALE_CLAIM: $OPID_LOCALE_CLAIM
DISABLE_ANONYMOUS: $DISABLE_ANONYMOUS

View File

@ -85,7 +85,7 @@ services:
OPID_CLIENT_ISSUER: $OPID_CLIENT_ISSUER
OPID_CLIENT_REDIRECT_URL: $OPID_CLIENT_REDIRECT_URL
OPID_PROFILE_SCREEN_PROVIDER: $OPID_PROFILE_SCREEN_PROVIDER
OPID_ADDITIONAL_SCOPES: $OPID_ADDITIONAL_SCOPES
OPID_SCOPE: $OPID_SCOPE
OPID_USERNAME_CLAIM: $OPID_USERNAME_CLAIM
OPID_LOCALE_CLAIM: $OPID_LOCALE_CLAIM
DISABLE_ANONYMOUS: $DISABLE_ANONYMOUS

View File

@ -18,7 +18,7 @@ export const OPID_CLIENT_SECRET = process.env.OPID_CLIENT_SECRET || "";
export const OPID_CLIENT_ISSUER = process.env.OPID_CLIENT_ISSUER || "";
export const OPID_CLIENT_REDIRECT_URL = process.env.OPID_CLIENT_REDIRECT_URL || FRONT_URL + "/jwt";
export const OPID_PROFILE_SCREEN_PROVIDER = process.env.OPID_PROFILE_SCREEN_PROVIDER || ADMIN_URL + "/profile";
export const OPID_ADDITIONAL_SCOPES = process.env.OPID_ADDITIONAL_SCOPES || "";
export const OPID_SCOPE = process.env.OPID_SCOPE || "openid email";
export const OPID_USERNAME_CLAIM = process.env.OPID_USERNAME_CLAIM || "username";
export const OPID_LOCALE_CLAIM = process.env.OPID_LOCALE_CLAIM || "locale";
export const DISABLE_ANONYMOUS: boolean = process.env.DISABLE_ANONYMOUS === "true";

View File

@ -6,7 +6,7 @@ import {
OPID_CLIENT_REDIRECT_URL,
OPID_USERNAME_CLAIM,
OPID_LOCALE_CLAIM,
OPID_ADDITIONAL_SCOPES,
OPID_SCOPE,
} from "../Enum/EnvironmentVariable";
class OpenIDClient {
@ -28,8 +28,11 @@ class OpenIDClient {
public authorizationUrl(state: string, nonce: string, playUri?: string, redirect?: string) {
return this.initClient().then((client) => {
if (!OPID_SCOPE.includes("email") || !OPID_SCOPE.includes("openid")) {
throw new Error("Invalid scope, 'email' and 'openid' are required in OPID_SCOPE.");
}
return client.authorizationUrl({
scope: "openid email " + OPID_ADDITIONAL_SCOPES,
scope: OPID_SCOPE,
prompt: "login",
state: state,
nonce: nonce,