_Bastler/partey_workadventure
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

oidc improvments

Browse Source
This commit is contained in:
_Bastler 2022-02-16 09:16:40 +01:00
parent f2c90c5adc
commit c878dab09b
3 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pusher/src/Controller/AuthenticateController.ts
View File

@ -115,7 +115,7 @@ export class AuthenticateController extends BaseController {
if (!sub) {
throw new Error("No sub in the response");
}
const authToken = jwtTokenManager.createAuthToken(sub, userInfo?.access_token, userInfo?.username, userInfo.locale);
const authToken = jwtTokenManager.createAuthToken(sub, userInfo?.access_token, userInfo?.username, userInfo?.locale);
//Get user data from Admin Back Office
//This is very important to create User Local in LocalStorage in WorkAdventure

3
pusher/src/Enum/EnvironmentVariable.ts
View File

@ -19,6 +19,9 @@ export const OPID_CLIENT_SECRET = process.env.OPID_CLIENT_SECRET || "";
export const OPID_CLIENT_ISSUER = process.env.OPID_CLIENT_ISSUER || "";
export const OPID_CLIENT_REDIRECT_URL = process.env.OPID_CLIENT_REDIRECT_URL || FRONT_URL + "/jwt";
export const OPID_PROFILE_SCREEN_PROVIDER = process.env.OPID_PROFILE_SCREEN_PROVIDER || ADMIN_URL + "/profile";
export const OPID_ADDITIONAL_SCOPES = process.env.OPID_ADDITIONAL_SCOPES || "";
export const OPID_USERNAME_CLAIM = process.env.OPID_USERNAME_CLAIM || "username";
export const OPID_LOCALE_CLAIM = process.env.OPID_LOCALE_CLAIM || "locale";
export const DISABLE_ANONYMOUS: boolean = process.env.DISABLE_ANONYMOUS === "true";
export {

11
pusher/src/Services/OpenIDClient.ts
View File

@ -4,6 +4,9 @@ import {
OPID_CLIENT_SECRET,
OPID_CLIENT_ISSUER,
OPID_CLIENT_REDIRECT_URL,
OPID_ADDITIONAL_SCOPES,
OPID_USERNAME_CLAIM,
OPID_LOCALE_CLAIM,
} from "../Enum/EnvironmentVariable";
class OpenIDClient {
@ -26,7 +29,7 @@ class OpenIDClient {
public authorizationUrl(state: string, nonce: string, playUri?: string, redirect?: string) {
return this.initClient().then((client) => {
return client.authorizationUrl({
scope: "openid profile email",
scope: "openid email " + OPID_ADDITIONAL_SCOPES,
prompt: "login",
state: state,
nonce: nonce,
@ -36,7 +39,7 @@ class OpenIDClient {
});
}
public getUserInfo(code: string, nonce: string): Promise<{ email: string; sub: string; access_token: string; username: string, locale: string }> {
public getUserInfo(code: string, nonce: string): Promise<{ email: string; sub: string; access_token: string; username: string; locale: string }> {
return this.initClient().then((client) => {
return client.callback(OPID_CLIENT_REDIRECT_URL, { code }, { nonce }).then((tokenSet) => {
return client.userinfo(tokenSet).then((res) => {
@ -45,8 +48,8 @@ class OpenIDClient {
email: res.email as string,
sub: res.sub,
access_token: tokenSet.access_token as string,
username: (res.preferred_username || res.username || res.nickname || res.name || res.email) as string,
locale: res.locale as string,
username: (res[OPID_USERNAME_CLAIM]) as string,
locale: (res[OPID_LOCALE_CLAIM]) as string,
};
});
});