@restorecommerce/facade 1.2.0 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.eslintignore +3 -0
- package/.eslintrc.cjs +13 -0
- package/CHANGELOG.md +11 -0
- package/codegen/index.d.ts +1 -1
- package/codegen/index.js +18 -44
- package/debug-run.ts +7 -6
- package/dist/gql/index.d.ts +1 -1
- package/dist/gql/index.js +1 -17
- package/dist/gql/protos/federation.d.ts +3 -3
- package/dist/gql/protos/federation.js +16 -24
- package/dist/gql/protos/graphql.d.ts +4 -4
- package/dist/gql/protos/graphql.js +64 -42
- package/dist/gql/protos/index.d.ts +6 -6
- package/dist/gql/protos/index.js +6 -22
- package/dist/gql/protos/registry.d.ts +6 -6
- package/dist/gql/protos/registry.js +157 -176
- package/dist/gql/protos/resolvers.d.ts +3 -3
- package/dist/gql/protos/resolvers.js +78 -104
- package/dist/gql/protos/schema.d.ts +4 -4
- package/dist/gql/protos/schema.js +40 -53
- package/dist/gql/protos/types.d.ts +3 -3
- package/dist/gql/protos/types.js +1 -4
- package/dist/gql/protos/utils.d.ts +3 -3
- package/dist/gql/protos/utils.js +23 -62
- package/dist/gql/types/AccessControlTypes.js +13 -16
- package/dist/gql/types/DateType.js +4 -7
- package/dist/gql/types/FilterType.js +7 -10
- package/dist/gql/types/MetaType.js +8 -11
- package/dist/gql/types/ScopeType.js +4 -7
- package/dist/gql/types/SortType.js +5 -8
- package/dist/gql/types/StatusType.js +4 -7
- package/dist/gql/types/index.d.ts +7 -7
- package/dist/gql/types/index.js +7 -23
- package/dist/index.d.ts +14 -14
- package/dist/index.js +195 -207
- package/dist/interfaces.d.ts +8 -8
- package/dist/interfaces.js +1 -2
- package/dist/middlewares/index.d.ts +1 -1
- package/dist/middlewares/index.js +1 -17
- package/dist/middlewares/req-res-logger/index.d.ts +2 -2
- package/dist/middlewares/req-res-logger/index.js +33 -31
- package/dist/modules/access-control/gql/federation.d.ts +1 -1
- package/dist/modules/access-control/gql/federation.js +10 -17
- package/dist/modules/access-control/gql/schema.d.ts +1 -1
- package/dist/modules/access-control/gql/schema.generated.d.ts +136 -110
- package/dist/modules/access-control/gql/schema.generated.js +22 -25
- package/dist/modules/access-control/gql/schema.js +5 -9
- package/dist/modules/access-control/gql/types.d.ts +2 -2
- package/dist/modules/access-control/gql/types.js +13 -17
- package/dist/modules/access-control/grpc/index.d.ts +5 -5
- package/dist/modules/access-control/grpc/index.js +10 -14
- package/dist/modules/access-control/index.d.ts +2 -2
- package/dist/modules/access-control/index.js +20 -17
- package/dist/modules/access-control/interfaces.d.ts +3 -3
- package/dist/modules/access-control/interfaces.js +1 -4
- package/dist/modules/catalog/gql/federation.d.ts +1 -1
- package/dist/modules/catalog/gql/federation.js +10 -17
- package/dist/modules/catalog/gql/schema.d.ts +1 -1
- package/dist/modules/catalog/gql/schema.generated.d.ts +252 -226
- package/dist/modules/catalog/gql/schema.generated.js +20 -23
- package/dist/modules/catalog/gql/schema.js +5 -9
- package/dist/modules/catalog/gql/types.d.ts +2 -2
- package/dist/modules/catalog/gql/types.js +15 -19
- package/dist/modules/catalog/grpc/index.d.ts +6 -6
- package/dist/modules/catalog/grpc/index.js +12 -16
- package/dist/modules/catalog/index.d.ts +2 -2
- package/dist/modules/catalog/index.js +20 -17
- package/dist/modules/catalog/interfaces.d.ts +3 -3
- package/dist/modules/catalog/interfaces.js +1 -4
- package/dist/modules/facade-status/gql/index.js +8 -14
- package/dist/modules/facade-status/gql/resolvers.d.ts +1 -1
- package/dist/modules/facade-status/gql/resolvers.js +14 -8
- package/dist/modules/facade-status/gql/schema.d.ts +1 -1
- package/dist/modules/facade-status/gql/schema.generated.d.ts +34 -11
- package/dist/modules/facade-status/gql/schema.generated.js +1 -2
- package/dist/modules/facade-status/gql/schema.js +6 -9
- package/dist/modules/facade-status/gql/types.js +3 -6
- package/dist/modules/facade-status/index.d.ts +1 -1
- package/dist/modules/facade-status/index.js +4 -7
- package/dist/modules/facade-status/interfaces.d.ts +1 -1
- package/dist/modules/facade-status/interfaces.js +1 -2
- package/dist/modules/fulfillment/gql/federation.d.ts +1 -1
- package/dist/modules/fulfillment/gql/federation.js +10 -17
- package/dist/modules/fulfillment/gql/schema.d.ts +1 -1
- package/dist/modules/fulfillment/gql/schema.generated.d.ts +249 -223
- package/dist/modules/fulfillment/gql/schema.generated.js +20 -23
- package/dist/modules/fulfillment/gql/schema.js +5 -9
- package/dist/modules/fulfillment/gql/types.d.ts +2 -2
- package/dist/modules/fulfillment/gql/types.js +11 -15
- package/dist/modules/fulfillment/grpc/index.d.ts +3 -3
- package/dist/modules/fulfillment/grpc/index.js +6 -10
- package/dist/modules/fulfillment/index.d.ts +2 -2
- package/dist/modules/fulfillment/index.js +20 -17
- package/dist/modules/fulfillment/interfaces.d.ts +3 -3
- package/dist/modules/fulfillment/interfaces.js +1 -4
- package/dist/modules/identity/api-key/api-key.d.ts +2 -2
- package/dist/modules/identity/api-key/api-key.js +45 -65
- package/dist/modules/identity/gql/federation.d.ts +2 -2
- package/dist/modules/identity/gql/federation.js +5 -9
- package/dist/modules/identity/gql/schema.d.ts +1 -1
- package/dist/modules/identity/gql/schema.generated.d.ts +284 -255
- package/dist/modules/identity/gql/schema.generated.js +20 -23
- package/dist/modules/identity/gql/schema.js +5 -9
- package/dist/modules/identity/gql/types.d.ts +2 -2
- package/dist/modules/identity/gql/types.js +17 -21
- package/dist/modules/identity/grpc/index.d.ts +6 -6
- package/dist/modules/identity/grpc/index.js +12 -16
- package/dist/modules/identity/index.d.ts +4 -4
- package/dist/modules/identity/index.js +24 -21
- package/dist/modules/identity/interfaces.d.ts +5 -5
- package/dist/modules/identity/interfaces.js +1 -4
- package/dist/modules/identity/oauth/oauth.d.ts +4 -4
- package/dist/modules/identity/oauth/oauth.js +109 -135
- package/dist/modules/identity/oidc/adapter.d.ts +3 -3
- package/dist/modules/identity/oidc/adapter.js +111 -92
- package/dist/modules/identity/oidc/in-memory-adapter.d.ts +1 -1
- package/dist/modules/identity/oidc/in-memory-adapter.js +64 -50
- package/dist/modules/identity/oidc/index.d.ts +6 -6
- package/dist/modules/identity/oidc/index.js +29 -30
- package/dist/modules/identity/oidc/interfaces.d.ts +6 -6
- package/dist/modules/identity/oidc/interfaces.js +2 -6
- package/dist/modules/identity/oidc/password-grant.d.ts +1 -1
- package/dist/modules/identity/oidc/password-grant.js +43 -66
- package/dist/modules/identity/oidc/router.d.ts +6 -6
- package/dist/modules/identity/oidc/router.js +31 -26
- package/dist/modules/identity/oidc/templates.d.ts +1 -1
- package/dist/modules/identity/oidc/templates.js +45 -41
- package/dist/modules/identity/oidc/user.d.ts +4 -4
- package/dist/modules/identity/oidc/user.js +31 -29
- package/dist/modules/identity/oidc/utils.d.ts +2 -2
- package/dist/modules/identity/oidc/utils.js +6 -13
- package/dist/modules/index.d.ts +13 -13
- package/dist/modules/index.js +13 -29
- package/dist/modules/indexing/gql/federation.d.ts +1 -1
- package/dist/modules/indexing/gql/federation.js +10 -17
- package/dist/modules/indexing/gql/schema.d.ts +1 -1
- package/dist/modules/indexing/gql/schema.generated.d.ts +45 -19
- package/dist/modules/indexing/gql/schema.generated.js +2 -5
- package/dist/modules/indexing/gql/schema.js +5 -9
- package/dist/modules/indexing/gql/types.d.ts +2 -2
- package/dist/modules/indexing/gql/types.js +7 -11
- package/dist/modules/indexing/grpc/index.d.ts +2 -2
- package/dist/modules/indexing/grpc/index.js +4 -8
- package/dist/modules/indexing/index.d.ts +2 -2
- package/dist/modules/indexing/index.js +20 -17
- package/dist/modules/indexing/interfaces.d.ts +3 -3
- package/dist/modules/indexing/interfaces.js +1 -4
- package/dist/modules/invoicing/gql/federation.d.ts +1 -1
- package/dist/modules/invoicing/gql/federation.js +10 -17
- package/dist/modules/invoicing/gql/schema.d.ts +1 -1
- package/dist/modules/invoicing/gql/schema.generated.d.ts +209 -183
- package/dist/modules/invoicing/gql/schema.generated.js +20 -23
- package/dist/modules/invoicing/gql/schema.js +5 -9
- package/dist/modules/invoicing/gql/types.d.ts +2 -2
- package/dist/modules/invoicing/gql/types.js +7 -11
- package/dist/modules/invoicing/grpc/index.d.ts +2 -2
- package/dist/modules/invoicing/grpc/index.js +4 -8
- package/dist/modules/invoicing/index.d.ts +2 -2
- package/dist/modules/invoicing/index.js +20 -17
- package/dist/modules/invoicing/interfaces.d.ts +3 -3
- package/dist/modules/invoicing/interfaces.js +1 -4
- package/dist/modules/notification/gql/federation.d.ts +1 -1
- package/dist/modules/notification/gql/federation.js +10 -17
- package/dist/modules/notification/gql/schema.d.ts +1 -1
- package/dist/modules/notification/gql/schema.generated.d.ts +100 -74
- package/dist/modules/notification/gql/schema.generated.js +18 -21
- package/dist/modules/notification/gql/schema.js +5 -9
- package/dist/modules/notification/gql/types.d.ts +2 -2
- package/dist/modules/notification/gql/types.js +7 -11
- package/dist/modules/notification/grpc/index.d.ts +2 -2
- package/dist/modules/notification/grpc/index.js +4 -8
- package/dist/modules/notification/index.d.ts +2 -2
- package/dist/modules/notification/index.js +20 -17
- package/dist/modules/notification/interfaces.d.ts +3 -3
- package/dist/modules/notification/interfaces.js +1 -4
- package/dist/modules/ordering/gql/federation.d.ts +1 -1
- package/dist/modules/ordering/gql/federation.js +10 -17
- package/dist/modules/ordering/gql/schema.d.ts +1 -1
- package/dist/modules/ordering/gql/schema.generated.d.ts +221 -195
- package/dist/modules/ordering/gql/schema.generated.js +22 -25
- package/dist/modules/ordering/gql/schema.js +5 -9
- package/dist/modules/ordering/gql/types.d.ts +2 -2
- package/dist/modules/ordering/gql/types.js +7 -11
- package/dist/modules/ordering/grpc/index.d.ts +2 -2
- package/dist/modules/ordering/grpc/index.js +4 -8
- package/dist/modules/ordering/index.d.ts +2 -2
- package/dist/modules/ordering/index.js +20 -17
- package/dist/modules/ordering/interfaces.d.ts +3 -3
- package/dist/modules/ordering/interfaces.js +1 -4
- package/dist/modules/ostorage/gql/federation.d.ts +1 -1
- package/dist/modules/ostorage/gql/federation.js +10 -17
- package/dist/modules/ostorage/gql/schema.d.ts +1 -1
- package/dist/modules/ostorage/gql/schema.generated.d.ts +126 -94
- package/dist/modules/ostorage/gql/schema.generated.js +8 -11
- package/dist/modules/ostorage/gql/schema.js +5 -9
- package/dist/modules/ostorage/gql/types.d.ts +2 -2
- package/dist/modules/ostorage/gql/types.js +7 -11
- package/dist/modules/ostorage/grpc/index.d.ts +2 -2
- package/dist/modules/ostorage/grpc/index.js +4 -8
- package/dist/modules/ostorage/index.d.ts +2 -2
- package/dist/modules/ostorage/index.js +20 -17
- package/dist/modules/ostorage/interfaces.d.ts +3 -3
- package/dist/modules/ostorage/interfaces.js +1 -4
- package/dist/modules/payment/gql/federation.d.ts +1 -1
- package/dist/modules/payment/gql/federation.js +10 -17
- package/dist/modules/payment/gql/schema.d.ts +1 -1
- package/dist/modules/payment/gql/schema.generated.d.ts +67 -44
- package/dist/modules/payment/gql/schema.generated.js +4 -7
- package/dist/modules/payment/gql/schema.js +5 -9
- package/dist/modules/payment/gql/types.d.ts +2 -2
- package/dist/modules/payment/gql/types.js +7 -11
- package/dist/modules/payment/grpc/index.d.ts +2 -2
- package/dist/modules/payment/grpc/index.js +4 -8
- package/dist/modules/payment/index.d.ts +2 -2
- package/dist/modules/payment/index.js +20 -17
- package/dist/modules/payment/interfaces.d.ts +3 -3
- package/dist/modules/payment/interfaces.js +1 -4
- package/dist/modules/resource/gql/federation.d.ts +1 -1
- package/dist/modules/resource/gql/federation.js +10 -17
- package/dist/modules/resource/gql/schema.d.ts +1 -1
- package/dist/modules/resource/gql/schema.generated.d.ts +348 -322
- package/dist/modules/resource/gql/schema.generated.js +28 -31
- package/dist/modules/resource/gql/schema.js +5 -9
- package/dist/modules/resource/gql/types.d.ts +2 -2
- package/dist/modules/resource/gql/types.js +31 -35
- package/dist/modules/resource/grpc/index.d.ts +13 -13
- package/dist/modules/resource/grpc/index.js +28 -32
- package/dist/modules/resource/index.d.ts +2 -2
- package/dist/modules/resource/index.js +20 -17
- package/dist/modules/resource/interfaces.d.ts +3 -3
- package/dist/modules/resource/interfaces.js +1 -4
- package/dist/modules/scheduling/gql/federation.d.ts +1 -1
- package/dist/modules/scheduling/gql/federation.js +10 -17
- package/dist/modules/scheduling/gql/schema.d.ts +1 -1
- package/dist/modules/scheduling/gql/schema.generated.d.ts +109 -83
- package/dist/modules/scheduling/gql/schema.generated.js +10 -13
- package/dist/modules/scheduling/gql/schema.js +5 -9
- package/dist/modules/scheduling/gql/types.d.ts +2 -2
- package/dist/modules/scheduling/gql/types.js +7 -11
- package/dist/modules/scheduling/grpc/index.d.ts +2 -2
- package/dist/modules/scheduling/grpc/index.js +4 -8
- package/dist/modules/scheduling/index.d.ts +2 -2
- package/dist/modules/scheduling/index.js +20 -17
- package/dist/modules/scheduling/interfaces.d.ts +3 -3
- package/dist/modules/scheduling/interfaces.js +1 -4
- package/dist/utils.d.ts +3 -3
- package/dist/utils.js +4 -9
- package/generate.ts +42 -42
- package/jest.config.cjs +23 -0
- package/package.json +17 -12
- package/tsconfig-base.json +8 -0
- package/tsconfig.debug.json +5 -1
- package/tsconfig.test.json +17 -2
- package/jest.config.js +0 -14
|
@@ -1,71 +1,85 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
return (
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
4
9
|
};
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
const utils_1 = require("./utils");
|
|
9
|
-
class InMemoryAdapter {
|
|
10
|
+
import LRU from 'lru-cache';
|
|
11
|
+
import { epochTime } from './utils.js';
|
|
12
|
+
export class InMemoryAdapter {
|
|
10
13
|
constructor(type) {
|
|
11
14
|
this.type = type;
|
|
12
|
-
this.tokenStorage = new
|
|
13
|
-
this.sessionStorage = new
|
|
14
|
-
this.grantIdStorage = new
|
|
15
|
+
this.tokenStorage = new LRU({ max: 1000 });
|
|
16
|
+
this.sessionStorage = new LRU({ max: 1000 });
|
|
17
|
+
this.grantIdStorage = new LRU({ max: 1000 });
|
|
15
18
|
}
|
|
16
19
|
key(id) {
|
|
17
20
|
return `${this.type}:${id}`;
|
|
18
21
|
}
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
this.
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
const grant = this.grantIdStorage.get(grantId);
|
|
30
|
-
if (!grant) {
|
|
22
|
+
upsert(id, payload, expiresIn) {
|
|
23
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
24
|
+
const key = this.key(id);
|
|
25
|
+
if (this.type === 'Session' && payload.uid) {
|
|
26
|
+
this.sessionStorage.set(payload.uid, id, {
|
|
27
|
+
ttl: expiresIn * 1000
|
|
28
|
+
});
|
|
29
|
+
}
|
|
30
|
+
const { grantId, userCode } = payload;
|
|
31
|
+
if (grantId) {
|
|
31
32
|
this.grantIdStorage.set(grantId, [key]);
|
|
33
|
+
const grant = this.grantIdStorage.get(grantId);
|
|
34
|
+
if (!grant) {
|
|
35
|
+
this.grantIdStorage.set(grantId, [key]);
|
|
36
|
+
}
|
|
37
|
+
else {
|
|
38
|
+
grant.push(key);
|
|
39
|
+
}
|
|
32
40
|
}
|
|
33
|
-
|
|
34
|
-
|
|
41
|
+
if (userCode) {
|
|
42
|
+
throw 'UNSUPPORTED';
|
|
35
43
|
}
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
}
|
|
40
|
-
this.tokenStorage.set(key, payload, {
|
|
41
|
-
ttl: expiresIn * 1000
|
|
44
|
+
this.tokenStorage.set(key, payload, {
|
|
45
|
+
ttl: expiresIn * 1000
|
|
46
|
+
});
|
|
42
47
|
});
|
|
43
48
|
}
|
|
44
49
|
findByUserCode(userCode) {
|
|
45
50
|
throw new Error('UNSUPPORTED');
|
|
46
51
|
}
|
|
47
|
-
|
|
48
|
-
return
|
|
52
|
+
find(id) {
|
|
53
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
54
|
+
return this.tokenStorage.get(this.key(id));
|
|
55
|
+
});
|
|
49
56
|
}
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
57
|
+
findByUid(uid) {
|
|
58
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
59
|
+
const id = yield this.sessionStorage.get(uid);
|
|
60
|
+
return id ? this.find(id) : undefined;
|
|
61
|
+
});
|
|
53
62
|
}
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
63
|
+
consume(id) {
|
|
64
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
65
|
+
const payload = this.tokenStorage.get(this.key(id));
|
|
66
|
+
if (payload) {
|
|
67
|
+
payload.consumed = epochTime();
|
|
68
|
+
}
|
|
69
|
+
});
|
|
59
70
|
}
|
|
60
|
-
|
|
61
|
-
|
|
71
|
+
destroy(id) {
|
|
72
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
73
|
+
this.tokenStorage.del(this.key(id));
|
|
74
|
+
});
|
|
62
75
|
}
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
grant
|
|
67
|
-
|
|
68
|
-
|
|
76
|
+
revokeByGrantId(grantId) {
|
|
77
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
78
|
+
const grant = this.grantIdStorage.get(grantId);
|
|
79
|
+
if (grant) {
|
|
80
|
+
grant.forEach((token) => this.tokenStorage.del(token));
|
|
81
|
+
this.grantIdStorage.del(grantId);
|
|
82
|
+
}
|
|
83
|
+
});
|
|
69
84
|
}
|
|
70
85
|
}
|
|
71
|
-
exports.InMemoryAdapter = InMemoryAdapter;
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
/// <reference types="koa-router" />
|
|
2
2
|
import Provider from 'oidc-provider';
|
|
3
|
-
import { Logger } from 'winston';
|
|
4
|
-
import { IdentityContext } from '../interfaces';
|
|
5
|
-
import { OIDCConfig } from './interfaces';
|
|
6
|
-
import { IdentitySrvGrpcClient } from
|
|
7
|
-
export { OIDCConfig };
|
|
8
|
-
export { createOIDCRouter, CreateOIDCRouterArgs } from './router';
|
|
3
|
+
import { type Logger } from 'winston';
|
|
4
|
+
import { type IdentityContext } from '../interfaces.js';
|
|
5
|
+
import type { OIDCConfig } from './interfaces.js';
|
|
6
|
+
import { type IdentitySrvGrpcClient } from '../grpc/index.js';
|
|
7
|
+
export type { OIDCConfig };
|
|
8
|
+
export { createOIDCRouter, type CreateOIDCRouterArgs } from './router.js';
|
|
9
9
|
export interface CreateOIDCArgs {
|
|
10
10
|
logger: Logger;
|
|
11
11
|
identitySrvClient: IdentitySrvGrpcClient;
|
|
@@ -1,20 +1,22 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
return (
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
4
9
|
};
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
var router_2 = require("./router");
|
|
13
|
-
Object.defineProperty(exports, "createOIDCRouter", { enumerable: true, get: function () { return router_2.createOIDCRouter; } });
|
|
14
|
-
function createOIDC({ identitySrvClient, env, logger, config: { loginFn, post_logout_redirect_uris, localTokenServiceFactory, remoteTokenService, cookies, redirect_uris, client_id, client_secret, issuer, jwks, templates } }) {
|
|
10
|
+
import Provider from 'oidc-provider';
|
|
11
|
+
import { createOIDCRouter } from './router.js';
|
|
12
|
+
import { createIdentityServiceAdapterClass } from './adapter.js';
|
|
13
|
+
import { findUserById, loginUserBody, loginUserCredentials } from './user.js';
|
|
14
|
+
import { registerPasswordGrantType } from './password-grant.js';
|
|
15
|
+
export { createOIDCRouter } from './router.js';
|
|
16
|
+
export function createOIDC({ identitySrvClient, env, logger, config: { loginFn, post_logout_redirect_uris, localTokenServiceFactory, remoteTokenService, cookies, redirect_uris, client_id, client_secret, issuer, jwks, templates } }) {
|
|
15
17
|
var _a, _b;
|
|
16
|
-
const adapterClass =
|
|
17
|
-
const provider = new
|
|
18
|
+
const adapterClass = createIdentityServiceAdapterClass(remoteTokenService !== null && remoteTokenService !== void 0 ? remoteTokenService : identitySrvClient.token, logger, localTokenServiceFactory);
|
|
19
|
+
const provider = new Provider(issuer, {
|
|
18
20
|
adapter: adapterClass,
|
|
19
21
|
clients: [{
|
|
20
22
|
post_logout_redirect_uris,
|
|
@@ -45,15 +47,15 @@ function createOIDC({ identitySrvClient, env, logger, config: { loginFn, post_lo
|
|
|
45
47
|
// oidc-provider only looks up the accounts by their ID when it has to read the claims,
|
|
46
48
|
// passing it our Account model method is sufficient, it should return a Promise that resolves
|
|
47
49
|
// with an object with accountId property and a claims method.
|
|
48
|
-
findAccount:
|
|
49
|
-
var
|
|
50
|
+
findAccount: (ctx, id) => __awaiter(this, void 0, void 0, function* () {
|
|
51
|
+
var _c;
|
|
50
52
|
try {
|
|
51
|
-
const userService = (
|
|
53
|
+
const userService = (_c = ctx === null || ctx === void 0 ? void 0 : ctx.identitySrvClient) === null || _c === void 0 ? void 0 : _c.user;
|
|
52
54
|
return {
|
|
53
55
|
accountId: id,
|
|
54
|
-
claims:
|
|
56
|
+
claims: (use, scope) => __awaiter(this, void 0, void 0, function* () {
|
|
55
57
|
try {
|
|
56
|
-
const user =
|
|
58
|
+
const user = yield findUserById(userService, id);
|
|
57
59
|
return {
|
|
58
60
|
sub: id,
|
|
59
61
|
data: user
|
|
@@ -68,13 +70,13 @@ function createOIDC({ identitySrvClient, env, logger, config: { loginFn, post_lo
|
|
|
68
70
|
}
|
|
69
71
|
};
|
|
70
72
|
}
|
|
71
|
-
},
|
|
73
|
+
}),
|
|
72
74
|
};
|
|
73
75
|
}
|
|
74
76
|
catch (error) {
|
|
75
77
|
logger.error('OIDC findAccount error', error);
|
|
76
78
|
}
|
|
77
|
-
},
|
|
79
|
+
}),
|
|
78
80
|
claims: {
|
|
79
81
|
acr: null,
|
|
80
82
|
sid: null,
|
|
@@ -96,9 +98,7 @@ function createOIDC({ identitySrvClient, env, logger, config: { loginFn, post_lo
|
|
|
96
98
|
// don't run into weird issues with multiple interactions open
|
|
97
99
|
// at a time.
|
|
98
100
|
interactions: {
|
|
99
|
-
url(ctx) {
|
|
100
|
-
return `/interaction/${ctx.oidc.uid}`;
|
|
101
|
-
},
|
|
101
|
+
url: (ctx) => `/interaction/${ctx.oidc.uid}`,
|
|
102
102
|
},
|
|
103
103
|
features: {
|
|
104
104
|
introspection: {
|
|
@@ -115,16 +115,16 @@ function createOIDC({ identitySrvClient, env, logger, config: { loginFn, post_lo
|
|
|
115
115
|
});
|
|
116
116
|
// Disabled due to playground being disabled
|
|
117
117
|
// provider.use(helmet());
|
|
118
|
-
const router =
|
|
119
|
-
loginFn: loginFn !== null && loginFn !== void 0 ? loginFn :
|
|
118
|
+
const router = createOIDCRouter({
|
|
119
|
+
loginFn: loginFn !== null && loginFn !== void 0 ? loginFn : loginUserBody,
|
|
120
120
|
templates,
|
|
121
121
|
logger,
|
|
122
122
|
provider,
|
|
123
123
|
env,
|
|
124
124
|
});
|
|
125
|
-
|
|
125
|
+
registerPasswordGrantType({
|
|
126
126
|
authLogService: identitySrvClient.authentication_log,
|
|
127
|
-
authenticate:
|
|
127
|
+
authenticate: loginUserCredentials,
|
|
128
128
|
provider
|
|
129
129
|
});
|
|
130
130
|
// Disable forbidding redirect to http/localhost in dev mode
|
|
@@ -145,4 +145,3 @@ function createOIDC({ identitySrvClient, env, logger, config: { loginFn, post_lo
|
|
|
145
145
|
router
|
|
146
146
|
};
|
|
147
147
|
}
|
|
148
|
-
exports.createOIDC = createOIDC;
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
import { Adapter, errors } from 'oidc-provider';
|
|
2
|
-
import Provider from 'oidc-provider';
|
|
3
|
-
import { IdentityContext } from '../interfaces';
|
|
4
|
-
import { AuthenticationLogServiceClient as authLogService } from '@restorecommerce/rc-grpc-clients/dist/generated/io/restorecommerce/authentication_log';
|
|
5
|
-
import { TokenServiceClient as tokenService } from
|
|
6
|
-
import { User } from
|
|
1
|
+
import { type Adapter, errors } from 'oidc-provider';
|
|
2
|
+
import type Provider from 'oidc-provider';
|
|
3
|
+
import { type IdentityContext } from '../interfaces.js';
|
|
4
|
+
import { type AuthenticationLogServiceClient as authLogService } from '@restorecommerce/rc-grpc-clients/dist/generated/io/restorecommerce/authentication_log.js';
|
|
5
|
+
import { type TokenServiceClient as tokenService } from '@restorecommerce/rc-grpc-clients/dist/generated/io/restorecommerce/token.js';
|
|
6
|
+
import { type User } from '@restorecommerce/rc-grpc-clients/dist/generated/io/restorecommerce/user.js';
|
|
7
7
|
export interface OIDCHbsTemplates {
|
|
8
8
|
login?: string;
|
|
9
9
|
layout?: string;
|
|
@@ -1,11 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
exports.InvalidPasswordGrant = void 0;
|
|
4
|
-
const oidc_provider_1 = require("oidc-provider");
|
|
5
|
-
class InvalidPasswordGrant extends oidc_provider_1.errors.InvalidGrant {
|
|
1
|
+
import { errors } from 'oidc-provider';
|
|
2
|
+
export class InvalidPasswordGrant extends errors.InvalidGrant {
|
|
6
3
|
constructor(detail) {
|
|
7
4
|
super('invalid_password_grant');
|
|
8
5
|
Object.assign(this, { error_description: detail, error_detail: detail });
|
|
9
6
|
}
|
|
10
7
|
}
|
|
11
|
-
exports.InvalidPasswordGrant = InvalidPasswordGrant;
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import { OIDCPasswordGrantTypeConfig } from './interfaces';
|
|
1
|
+
import { type OIDCPasswordGrantTypeConfig } from './interfaces.js';
|
|
2
2
|
export declare const registerPasswordGrantType: (config: OIDCPasswordGrantTypeConfig) => void;
|
|
@@ -1,59 +1,42 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
-
if (mod && mod.__esModule) return mod;
|
|
20
|
-
var result = {};
|
|
21
|
-
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
-
__setModuleDefault(result, mod);
|
|
23
|
-
return result;
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
24
9
|
};
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
const
|
|
33
|
-
const
|
|
34
|
-
const registerPasswordGrantType = (config) => {
|
|
35
|
-
const performPasswordGrant = async (ctx, clientId, identifier, password, key) => {
|
|
10
|
+
import { InvalidPasswordGrant } from './interfaces.js';
|
|
11
|
+
import { nanoid, epochTime } from './utils.js';
|
|
12
|
+
import * as useragent from 'useragent';
|
|
13
|
+
import * as uuid from 'uuid';
|
|
14
|
+
import * as requestIp from 'request-ip';
|
|
15
|
+
import { AuthenticationLog, AuthenticationLogList } from '@restorecommerce/rc-grpc-clients/dist/generated/io/restorecommerce/authentication_log.js';
|
|
16
|
+
import { Subject } from '@restorecommerce/rc-grpc-clients/dist/generated/io/restorecommerce/auth.js';
|
|
17
|
+
export const registerPasswordGrantType = (config) => {
|
|
18
|
+
const performPasswordGrant = (ctx, clientId, identifier, password, key) => __awaiter(void 0, void 0, void 0, function* () {
|
|
36
19
|
var _a, _b;
|
|
37
|
-
const client =
|
|
20
|
+
const client = yield ctx.oidc.provider.Client.find(clientId);
|
|
38
21
|
let account;
|
|
39
22
|
try {
|
|
40
23
|
let user = {
|
|
41
24
|
identifier,
|
|
42
25
|
[key]: password
|
|
43
26
|
};
|
|
44
|
-
account =
|
|
27
|
+
account = yield config.authenticate(ctx, user);
|
|
45
28
|
}
|
|
46
29
|
catch (err) {
|
|
47
30
|
if (err.details && err.details.includes(':')) {
|
|
48
31
|
err.details = err.details.split(':')[1].trim();
|
|
49
32
|
}
|
|
50
|
-
throw new
|
|
33
|
+
throw new InvalidPasswordGrant(err.details);
|
|
51
34
|
}
|
|
52
35
|
if (!account || !account.user) {
|
|
53
36
|
if (account.error && account.error.message) {
|
|
54
|
-
throw new
|
|
37
|
+
throw new InvalidPasswordGrant('invalid credentials provided: ' + account.error.message);
|
|
55
38
|
}
|
|
56
|
-
throw new
|
|
39
|
+
throw new InvalidPasswordGrant('invalid credentials provided');
|
|
57
40
|
}
|
|
58
41
|
let expiresIn = config.tokenExpiration;
|
|
59
42
|
if (!expiresIn) {
|
|
@@ -80,44 +63,39 @@ const registerPasswordGrantType = (config) => {
|
|
|
80
63
|
expiresIn
|
|
81
64
|
});
|
|
82
65
|
ctx.oidc.entity('AccessToken', at);
|
|
83
|
-
const accessToken =
|
|
66
|
+
const accessToken = yield at.save();
|
|
84
67
|
let last_access;
|
|
85
68
|
if ((_a = claims === null || claims === void 0 ? void 0 : claims.data) === null || _a === void 0 ? void 0 : _a.lastAccess) {
|
|
86
69
|
last_access = claims.data.lastAccess;
|
|
87
70
|
}
|
|
88
71
|
if ((_b = claims === null || claims === void 0 ? void 0 : claims.data) === null || _b === void 0 ? void 0 : _b.tokens) {
|
|
89
|
-
claims.data = {
|
|
90
|
-
...claims.data,
|
|
91
|
-
tokens: []
|
|
92
|
-
};
|
|
72
|
+
claims.data = Object.assign(Object.assign({}, claims.data), { tokens: [] });
|
|
93
73
|
}
|
|
94
|
-
const generateIdToken =
|
|
95
|
-
const client =
|
|
74
|
+
const generateIdToken = (ctx, clientId, expiresIn, claims) => __awaiter(void 0, void 0, void 0, function* () {
|
|
75
|
+
const client = yield ctx.oidc.provider.Client.find(clientId);
|
|
96
76
|
ctx.oidc.entity('Client', client);
|
|
97
77
|
const { IdToken } = ctx.oidc.provider;
|
|
98
|
-
const jti =
|
|
99
|
-
const exp =
|
|
100
|
-
const token = new IdToken({
|
|
101
|
-
...claims,
|
|
102
|
-
}, { ctx });
|
|
78
|
+
const jti = nanoid();
|
|
79
|
+
const exp = epochTime() + expiresIn;
|
|
80
|
+
const token = new IdToken(Object.assign({}, claims), { ctx });
|
|
103
81
|
token.set('jti', jti);
|
|
104
82
|
token.scope = 'openid profile';
|
|
105
|
-
return
|
|
106
|
-
};
|
|
107
|
-
const idToken =
|
|
83
|
+
return yield token.issue({ expiresAt: exp });
|
|
84
|
+
});
|
|
85
|
+
const idToken = yield generateIdToken(ctx, clientId, expiresIn, claims);
|
|
108
86
|
return {
|
|
109
87
|
access_token: accessToken,
|
|
110
88
|
id_token: idToken,
|
|
111
|
-
expires_in:
|
|
112
|
-
last_login:
|
|
89
|
+
expires_in: epochTime() + at.expiration,
|
|
90
|
+
last_login: epochTime(),
|
|
113
91
|
token_type: at.tokenType,
|
|
114
92
|
scope: 'openid',
|
|
115
93
|
token_name: tokenName,
|
|
116
94
|
default_scope: defaultScope,
|
|
117
95
|
last_access
|
|
118
96
|
};
|
|
119
|
-
};
|
|
120
|
-
config.provider.registerGrantType('password',
|
|
97
|
+
});
|
|
98
|
+
config.provider.registerGrantType('password', (ctx, next) => __awaiter(void 0, void 0, void 0, function* () {
|
|
121
99
|
try {
|
|
122
100
|
const { body, client } = ctx.oidc;
|
|
123
101
|
ctx.type = 'json';
|
|
@@ -137,7 +115,7 @@ const registerPasswordGrantType = (config) => {
|
|
|
137
115
|
os = agent.os.toString();
|
|
138
116
|
agentName = agent.toAgent();
|
|
139
117
|
}
|
|
140
|
-
ctx.body =
|
|
118
|
+
ctx.body = yield performPasswordGrant(ctx, client.clientId, body.identifier, passwordValue, key);
|
|
141
119
|
const token_name = ctx.body.token_name;
|
|
142
120
|
const token = ctx.body.access_token;
|
|
143
121
|
const scope = ctx.body.default_scope;
|
|
@@ -149,7 +127,7 @@ const registerPasswordGrantType = (config) => {
|
|
|
149
127
|
else if (clientIP && clientIP.includes(':')) {
|
|
150
128
|
ipv6_address = clientIP;
|
|
151
129
|
}
|
|
152
|
-
const authLogItem =
|
|
130
|
+
const authLogItem = AuthenticationLog.fromPartial({
|
|
153
131
|
ipv4Address: ipv4_address,
|
|
154
132
|
ipv6Address: ipv6_address,
|
|
155
133
|
operatingSystem: os,
|
|
@@ -158,13 +136,13 @@ const registerPasswordGrantType = (config) => {
|
|
|
158
136
|
activity: 'login',
|
|
159
137
|
tokenName: token_name
|
|
160
138
|
});
|
|
161
|
-
|
|
139
|
+
yield config.authLogService.create(AuthenticationLogList.fromPartial({
|
|
162
140
|
items: [authLogItem],
|
|
163
|
-
subject:
|
|
141
|
+
subject: Subject.fromPartial({ token, scope })
|
|
164
142
|
}));
|
|
165
143
|
}
|
|
166
144
|
catch (ex) {
|
|
167
|
-
if (ex instanceof
|
|
145
|
+
if (ex instanceof InvalidPasswordGrant) {
|
|
168
146
|
ctx.status = 401;
|
|
169
147
|
ctx.type = 'json';
|
|
170
148
|
ctx.body = {
|
|
@@ -180,7 +158,6 @@ const registerPasswordGrantType = (config) => {
|
|
|
180
158
|
};
|
|
181
159
|
}
|
|
182
160
|
}
|
|
183
|
-
|
|
184
|
-
}, ['identifier', 'password'], []);
|
|
161
|
+
yield next();
|
|
162
|
+
}), ['identifier', 'password'], []);
|
|
185
163
|
};
|
|
186
|
-
exports.registerPasswordGrantType = registerPasswordGrantType;
|
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import KoaRouter from 'koa-router';
|
|
2
|
-
import Provider from 'oidc-provider';
|
|
3
|
-
import { Logger } from 'winston';
|
|
4
|
-
import { IdentityContext } from '../interfaces';
|
|
5
|
-
import { OIDCHbsTemplates, OIDCBodyLoginFn } from './interfaces';
|
|
1
|
+
import type KoaRouter from 'koa-router';
|
|
2
|
+
import type Provider from 'oidc-provider';
|
|
3
|
+
import { type Logger } from 'winston';
|
|
4
|
+
import { type IdentityContext } from '../interfaces.js';
|
|
5
|
+
import { type OIDCHbsTemplates, type OIDCBodyLoginFn } from './interfaces.js';
|
|
6
6
|
export interface CreateOIDCRouterArgs {
|
|
7
7
|
logger: Logger;
|
|
8
8
|
provider: Provider;
|
|
@@ -10,4 +10,4 @@ export interface CreateOIDCRouterArgs {
|
|
|
10
10
|
templates?: OIDCHbsTemplates;
|
|
11
11
|
loginFn: OIDCBodyLoginFn;
|
|
12
12
|
}
|
|
13
|
-
export declare
|
|
13
|
+
export declare const createOIDCRouter: ({ logger, loginFn, provider, env, templates }: CreateOIDCRouterArgs) => KoaRouter<{}, IdentityContext>;
|
|
@@ -1,20 +1,26 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
9
|
+
};
|
|
10
|
+
import { OIDCTemplateEngine } from './templates.js';
|
|
11
|
+
import { koaBody } from 'koa-body';
|
|
12
|
+
import Router from 'koa-router';
|
|
13
|
+
export const createOIDCRouter = ({ logger, loginFn, provider, env, templates }) => {
|
|
8
14
|
const dev = env === 'development';
|
|
9
|
-
const tplEngine = new
|
|
15
|
+
const tplEngine = new OIDCTemplateEngine(templates);
|
|
10
16
|
const router = new Router();
|
|
11
|
-
router.get('/interaction/:uid',
|
|
12
|
-
const { uid, prompt, params, session, } =
|
|
13
|
-
const client =
|
|
17
|
+
router.get('/interaction/:uid', (ctx, next) => __awaiter(void 0, void 0, void 0, function* () {
|
|
18
|
+
const { uid, prompt, params, session, } = yield provider.interactionDetails(ctx.req, ctx.res);
|
|
19
|
+
const client = yield provider.Client.find(params.client_id);
|
|
14
20
|
switch (prompt.name) {
|
|
15
21
|
case 'login': {
|
|
16
22
|
ctx.type = 'html';
|
|
17
|
-
ctx.body =
|
|
23
|
+
ctx.body = yield tplEngine.login({
|
|
18
24
|
title: 'Login',
|
|
19
25
|
dev,
|
|
20
26
|
uid,
|
|
@@ -28,7 +34,7 @@ function createOIDCRouter({ logger, loginFn, provider, env, templates }) {
|
|
|
28
34
|
}
|
|
29
35
|
case 'consent': {
|
|
30
36
|
console.log('consent', prompt.details);
|
|
31
|
-
const { prompt: { name, details } } =
|
|
37
|
+
const { prompt: { name, details } } = yield provider.interactionDetails(ctx.req, ctx.res);
|
|
32
38
|
const consent = {};
|
|
33
39
|
consent.rejectedScopes = [];
|
|
34
40
|
// replace = false means previously rejected scopes and claims remain rejected
|
|
@@ -55,7 +61,7 @@ function createOIDCRouter({ logger, loginFn, provider, env, templates }) {
|
|
|
55
61
|
default:
|
|
56
62
|
return next();
|
|
57
63
|
}
|
|
58
|
-
});
|
|
64
|
+
}));
|
|
59
65
|
// router.post('/interaction/:uid/confirm', bodyParser({
|
|
60
66
|
// text: false, json: false
|
|
61
67
|
// }), async (ctx) => {
|
|
@@ -70,16 +76,16 @@ function createOIDCRouter({ logger, loginFn, provider, env, templates }) {
|
|
|
70
76
|
// mergeWithLastSubmission: true,
|
|
71
77
|
// });
|
|
72
78
|
// });
|
|
73
|
-
router.post('/interaction/:uid/login',
|
|
79
|
+
router.post('/interaction/:uid/login', koaBody({
|
|
74
80
|
text: false, json: false
|
|
75
|
-
}),
|
|
76
|
-
const { prompt, uid, params, session } =
|
|
81
|
+
}), (ctx) => __awaiter(void 0, void 0, void 0, function* () {
|
|
82
|
+
const { prompt, uid, params, session } = yield provider.interactionDetails(ctx.req, ctx.res);
|
|
77
83
|
if (prompt.name !== 'login') {
|
|
78
84
|
throw new Error('INVALID_PROMPT');
|
|
79
85
|
}
|
|
80
|
-
const render =
|
|
86
|
+
const render = ({ error, identifier, remember } = {}) => __awaiter(void 0, void 0, void 0, function* () {
|
|
81
87
|
ctx.response.type = 'html';
|
|
82
|
-
ctx.response.body =
|
|
88
|
+
ctx.response.body = yield tplEngine.login({
|
|
83
89
|
title: 'Login',
|
|
84
90
|
uid,
|
|
85
91
|
identifier,
|
|
@@ -96,13 +102,13 @@ function createOIDCRouter({ logger, loginFn, provider, env, templates }) {
|
|
|
96
102
|
}
|
|
97
103
|
});
|
|
98
104
|
return;
|
|
99
|
-
};
|
|
105
|
+
});
|
|
100
106
|
const body = typeof ctx.request.body === 'object' && ctx.request.body ? ctx.request.body : undefined;
|
|
101
107
|
if (!body) {
|
|
102
108
|
logger.error('OIDC login invalid body', body);
|
|
103
109
|
return render();
|
|
104
110
|
}
|
|
105
|
-
const { error, user, identifier, remember } =
|
|
111
|
+
const { error, user, identifier, remember } = yield loginFn(ctx, body);
|
|
106
112
|
if (error || !user) {
|
|
107
113
|
logger.error('OIDC login callback error', error);
|
|
108
114
|
return render({
|
|
@@ -132,8 +138,8 @@ function createOIDCRouter({ logger, loginFn, provider, env, templates }) {
|
|
|
132
138
|
return provider.interactionFinished(ctx.req, ctx.res, result, {
|
|
133
139
|
mergeWithLastSubmission: false,
|
|
134
140
|
});
|
|
135
|
-
});
|
|
136
|
-
router.get('/interaction/:uid/abort',
|
|
141
|
+
}));
|
|
142
|
+
router.get('/interaction/:uid/abort', (ctx) => __awaiter(void 0, void 0, void 0, function* () {
|
|
137
143
|
const result = {
|
|
138
144
|
error: 'access_denied',
|
|
139
145
|
error_description: 'End-User aborted interaction',
|
|
@@ -141,7 +147,7 @@ function createOIDCRouter({ logger, loginFn, provider, env, templates }) {
|
|
|
141
147
|
return provider.interactionFinished(ctx.req, ctx.res, result, {
|
|
142
148
|
mergeWithLastSubmission: false,
|
|
143
149
|
});
|
|
144
|
-
});
|
|
150
|
+
}));
|
|
145
151
|
// router.get('/session', async (ctx) => {
|
|
146
152
|
// const _ctx = provider.app.createContext(ctx.req, ctx.res);
|
|
147
153
|
// // const session = await provider.Session.get(_ctx)
|
|
@@ -154,6 +160,5 @@ function createOIDCRouter({ logger, loginFn, provider, env, templates }) {
|
|
|
154
160
|
// };
|
|
155
161
|
// });
|
|
156
162
|
return router;
|
|
157
|
-
}
|
|
158
|
-
exports.createOIDCRouter = createOIDCRouter;
|
|
163
|
+
};
|
|
159
164
|
;
|