Added Auth Services
parent
860a29f626
commit
3569e689a9
|
@ -1,7 +1,7 @@
|
||||||
import { authClient } from '../helpers/auth_client'
|
import { authClient } from '../helpers/auth_client'
|
||||||
import { code_verifier } from './check'
|
import { code_verifier } from './signin'
|
||||||
|
|
||||||
export default async (session_state: string, code: string) => {
|
export const callback = async (session_state: string, code: string) => {
|
||||||
return authClient.callback(
|
return authClient.callback(
|
||||||
'http://localhost:4038/auth/signin/callback',
|
'http://localhost:4038/auth/signin/callback',
|
||||||
{ code_verifier, code, session_state, expires_in: '1d' },
|
{ code_verifier, code, session_state, expires_in: '1d' },
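Review bot: The `code_verifier` imported from `./signin` on the new import line appears to be a single module-level value (the signin hunk shows `const code_verifier = generators.codeVerifier()` above the exported function), so every sign-in and every callback handled by this process shares one PKCE verifier and challenge. PKCE is meant to bind one authorization request to one token request; a process-wide value weakens that binding, and the callback would also fail whenever it lands on a different instance than the one that issued the redirect. Generate the verifier inside `signon`, keep it in per-user server-side state (a session, if the app has one), and pass it into `callback` as an argument instead of importing it. The `authClient.callback(...)` call continues outside this hunk.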
|
|
@ -0,0 +1,6 @@
|
||||||
|
export * from './callback'
|
||||||
|
export * from './refresh'
|
||||||
|
export * from './revoke'
|
||||||
|
export * from './signin'
|
||||||
|
export * from './introspect'
|
||||||
|
export * from './middleware'
|
|
@ -0,0 +1,32 @@
|
||||||
|
import { NextFunction, Response } from 'express'
|
||||||
|
import { authClient } from '../helpers/auth_client'
|
||||||
|
import { ModRequest } from '../types'
|
||||||
|
import { CustomError } from '../libs/error'
|
||||||
|
|
||||||
|
export const introspect = async (
|
||||||
|
req: ModRequest | any,
|
||||||
|
res: Response,
|
||||||
|
next: NextFunction
|
||||||
|
) => {
|
||||||
|
try {
|
||||||
|
const authHeader = req.headers?.authorization?.split(' ')
|
||||||
|
if (!authHeader) {
|
||||||
|
throw new Error('No authorization header')
|
||||||
|
}
|
||||||
|
const token: string = authHeader[1]
|
||||||
|
const decoded = await authClient.introspect(token)
|
||||||
|
|
||||||
|
if (!decoded) {
|
||||||
|
throw new Error('No user')
|
||||||
|
}
|
||||||
|
|
||||||
|
return decoded
|
||||||
|
} catch (err) {
|
||||||
|
next(
|
||||||
|
new CustomError({
|
||||||
|
message: 'Invalid token',
|
||||||
|
statusCode: 401,
|
||||||
|
})
|
||||||
|
)
|
||||||
|
}
|
||||||
|
}
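Review bot: `if (!decoded)` does not reject a token the server reports as inactive: assuming `authClient.introspect` returns an RFC 7662 introspection response, an expired or revoked token yields an object with `active: false`, which is truthy, so the function returns it as a success. Test the flag instead, `if (!decoded?.active) {`. The same response is stored unchecked as `tokenData` in the middleware hunk (`const decoded = await authClient.introspect(token)`), where the later `userinfo` call is presumably the only thing rejecting a bad token today.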
|
|
@ -3,7 +3,7 @@ import { authClient } from '../helpers/auth_client'
|
||||||
import { ModRequest } from '../types'
|
import { ModRequest } from '../types'
|
||||||
import { CustomError } from '../libs/error'
|
import { CustomError } from '../libs/error'
|
||||||
|
|
||||||
const middleware = async (
|
export const middleware = async (
|
||||||
req: ModRequest | any,
|
req: ModRequest | any,
|
||||||
res: Response,
|
res: Response,
|
||||||
next: NextFunction
|
next: NextFunction
|
||||||
|
@ -14,6 +14,7 @@ const middleware = async (
|
||||||
throw new Error('No authorization header')
|
throw new Error('No authorization header')
|
||||||
}
|
}
|
||||||
const token: string = authHeader[1]
|
const token: string = authHeader[1]
|
||||||
|
const decoded = await authClient.introspect(token)
|
||||||
const user = await authClient.userinfo(token, {
|
const user = await authClient.userinfo(token, {
|
||||||
method: 'GET',
|
method: 'GET',
|
||||||
tokenType: 'Bearer',
|
tokenType: 'Bearer',
|
||||||
|
@ -22,7 +23,15 @@ const middleware = async (
|
||||||
},
|
},
|
||||||
via: 'header',
|
via: 'header',
|
||||||
})
|
})
|
||||||
req.user = user
|
|
||||||
|
if (!user) {
|
||||||
|
throw new Error('No user')
|
||||||
|
}
|
||||||
|
|
||||||
|
req.user = {
|
||||||
|
userData: user,
|
||||||
|
tokenData: decoded,
|
||||||
|
}
|
||||||
next()
|
next()
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
next(
|
next(
|
||||||
|
@ -33,5 +42,3 @@ const middleware = async (
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
export default middleware
|
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
import { NextFunction, Response } from 'express'
|
||||||
|
import { authClient } from '../helpers/auth_client'
|
||||||
|
import { ModRequest } from '../types'
|
||||||
|
import { CustomError } from '../libs/error'
|
||||||
|
|
||||||
|
export const refresh = async (
|
||||||
|
req: ModRequest | any,
|
||||||
|
res: Response,
|
||||||
|
next: NextFunction
|
||||||
|
) => {
|
||||||
|
try {
|
||||||
|
const refreshToken: string = req.body?.refresh_token
|
||||||
|
if (!refreshToken) {
|
||||||
|
throw new Error('No refresh token provided !!')
|
||||||
|
}
|
||||||
|
const tokenData = await authClient.refresh(refreshToken)
|
||||||
|
|
||||||
|
if (!tokenData) {
|
||||||
|
throw new Error('No user')
|
||||||
|
}
|
||||||
|
|
||||||
|
return tokenData
|
||||||
|
} catch (err) {
|
||||||
|
next(
|
||||||
|
new CustomError({
|
||||||
|
message: 'Invalid refresh token',
|
||||||
|
statusCode: 401,
|
||||||
|
})
|
||||||
|
)
|
||||||
|
}
|
||||||
|
}
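Review bot: On failure the `catch` block calls `next(...)` and then falls through, so `refresh` resolves to `undefined` and the controller's `res.send(makeResponse(await refresh(req, res, next)))` still runs after the error handler has been invoked. The result is either a second write to an already-sent response or a success-shaped body for a failed refresh. `revoke` and `introspect` in this commit have the same shape. Let the helper throw, `throw new CustomError({ message: 'Invalid refresh token', statusCode: 401 })`, and have the controller method wrap the call in `try { ... } catch (err) { next(err) }`. The caught `err` is also discarded, so an identity-provider outage is reported as a 401; logging it before mapping would help triage.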
|
|
@ -0,0 +1,27 @@
|
||||||
|
import { NextFunction, Response } from 'express'
|
||||||
|
import { authClient } from '../helpers/auth_client'
|
||||||
|
import { ModRequest } from '../types'
|
||||||
|
import { CustomError } from '../libs/error'
|
||||||
|
|
||||||
|
export const revoke = async (
|
||||||
|
req: ModRequest | any,
|
||||||
|
res: Response,
|
||||||
|
next: NextFunction
|
||||||
|
) => {
|
||||||
|
try {
|
||||||
|
const authHeader = req.headers?.authorization?.split(' ')
|
||||||
|
if (!authHeader) {
|
||||||
|
throw new Error('No authorization header')
|
||||||
|
}
|
||||||
|
const token: string = authHeader[1]
|
||||||
|
await authClient.revoke(token)
|
||||||
|
return 'Token revoked! Logged out!'
|
||||||
|
} catch (err) {
|
||||||
|
next(
|
||||||
|
new CustomError({
|
||||||
|
message: 'Invalid token',
|
||||||
|
statusCode: 401,
|
||||||
|
})
|
||||||
|
)
|
||||||
|
}
|
||||||
|
}
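Review bot: The token is taken as `authHeader[1]` without checking that the scheme is Bearer or that a second element exists. A header of just `Bearer` splits to a one-element array, passes `if (!authHeader)`, and `undefined` is handed to `authClient.revoke`. Parse and validate both parts: `const [scheme, token] = req.headers?.authorization?.split(' ') ?? []` followed by `if (scheme?.toLowerCase() !== 'bearer' || !token) throw new Error('No authorization header')`. The new `introspect` file parses the header the same way.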
|
|
@ -5,9 +5,9 @@ import { configKeys } from '..'
|
||||||
const code_verifier = generators.codeVerifier()
|
const code_verifier = generators.codeVerifier()
|
||||||
const code_challenge = generators.codeChallenge(code_verifier)
|
const code_challenge = generators.codeChallenge(code_verifier)
|
||||||
|
|
||||||
export default () => {
|
export const signon = () => {
|
||||||
const authurl = authClient.authorizationUrl({
|
const authurl = authClient.authorizationUrl({
|
||||||
scope: 'email profile openid',
|
scope: 'email profile openid roles',
|
||||||
code_challenge,
|
code_challenge,
|
||||||
code_challenge_method: 'S256',
|
code_challenge_method: 'S256',
|
||||||
client_id: configKeys.KEYCLOAK_CLIENT_ID,
|
client_id: configKeys.KEYCLOAK_CLIENT_ID,
|
|
@ -1,12 +1,11 @@
|
||||||
import { Request, Response } from 'express'
|
import { NextFunction, Request, Response } from 'express'
|
||||||
import { makeResponse } from '../libs'
|
import { makeResponse } from '../libs'
|
||||||
import check from '../auth/check'
|
|
||||||
import verify from '../auth/verify'
|
|
||||||
import { ModRequest } from '../types'
|
import { ModRequest } from '../types'
|
||||||
|
import { callback, introspect, refresh, signon, revoke } from '../auth/index'
|
||||||
|
|
||||||
export default class AuthController {
|
export default class AuthController {
|
||||||
public signin = (req: Request, res: Response) => {
|
public signin = (req: Request, res: Response) => {
|
||||||
const { authurl } = check()
|
const { authurl } = signon()
|
||||||
res.redirect(authurl)
|
res.redirect(authurl)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -15,10 +14,30 @@ export default class AuthController {
|
||||||
session_state: string
|
session_state: string
|
||||||
code: string
|
code: string
|
||||||
}
|
}
|
||||||
res.send(makeResponse(await verify(session_state, code)))
|
res.send(makeResponse(await callback(session_state, code)))
|
||||||
}
|
}
|
||||||
|
|
||||||
public me = (req: ModRequest, res: Response) => {
|
public me = (req: ModRequest, res: Response) => {
|
||||||
res.send(makeResponse(req.user))
|
res.send(makeResponse(req.user.userData))
|
||||||
|
}
|
||||||
|
|
||||||
|
public logout = async (req: Request, res: Response, next: NextFunction) => {
|
||||||
|
res.send(makeResponse(await revoke(req, res, next)))
|
||||||
|
}
|
||||||
|
|
||||||
|
public refresh = async (
|
||||||
|
req: Request,
|
||||||
|
res: Response,
|
||||||
|
next: NextFunction
|
||||||
|
) => {
|
||||||
|
res.send(makeResponse(await refresh(req, res, next)))
|
||||||
|
}
|
||||||
|
|
||||||
|
public introspect = async (
|
||||||
|
req: Request,
|
||||||
|
res: Response,
|
||||||
|
next: NextFunction
|
||||||
|
) => {
|
||||||
|
res.send(makeResponse(await introspect(req, res, next)))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
import { Router } from 'express'
|
import { Router } from 'express'
|
||||||
import AuthController from '../controllers/auth.controller'
|
import AuthController from '../controllers/auth.controller'
|
||||||
import middleware from '../auth/middleware'
|
import { middleware } from '../auth'
|
||||||
|
|
||||||
const router = Router()
|
const router = Router()
|
||||||
const authController = new AuthController()
|
const authController = new AuthController()
|
||||||
|
@ -11,6 +11,12 @@ router.get('/signin/callback', authController.callback)
|
||||||
|
|
||||||
router.get('/me', middleware, authController.me as any)
|
router.get('/me', middleware, authController.me as any)
|
||||||
|
|
||||||
|
router.get('/logout', middleware, authController.logout as any)
|
||||||
|
|
||||||
|
router.get('/refresh', middleware, authController.refresh as any)
|
||||||
|
|
||||||
|
router.get('/introspect', middleware, authController.introspect as any)
|
||||||
|
|
||||||
router.get('/', function (req, res) {
|
router.get('/', function (req, res) {
|
||||||
res.render('pages/auth')
|
res.render('pages/auth')
|
||||||
})
|
})
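Review bot: `/refresh` is registered with `router.get`, but the handler reads `req.body?.refresh_token` and GET requests normally carry no body. It also sits behind `middleware`, which requires a still-valid access token, so a client whose access token has expired (the case refresh exists for) cannot reach it. `/logout` revokes a token on a GET, a state change that link prefetchers and caches may trigger or replay. Consider `router.post('/refresh', authController.refresh as any)` and `router.post('/logout', middleware, authController.logout as any)`.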
|
||||||
|
|