
@doneisbetter/sso


A secure, privacy-focused SSO solution with ephemeral token handling

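import { IdentityManager } from '../identity/manager';

/**
 * Handles OAuth authentication requests, managing both the initial login form
 * display and the subsequent authentication process.
 *
 * NOTE(review): nothing in this class verifies a credential or proof of
 * ownership of the identifier; `authenticateUser` creates or loads a user for
 * whatever identifier it is given. Any such check has to happen in the caller
 * (not visible here) before the result is treated as an authenticated session.
 */
export class OAuthAuthHandler {
  /**
   * @param db Persistence layer; must expose `createOrUpdateUser(identifier, updates?)`.
   */
  constructor(db) {
    this.db = db;
    this.identityManager = new IdentityManager();
  }

  /**
   * Generates login form data for the initial OAuth authorization request.
   *
   * The arguments are echoed back unchanged. NOTE(review): `redirectUri` and
   * `state` are not validated here; the redirect URI should already have been
   * matched against the client's registered URIs by the caller (confirm).
   *
   * @param clientName Name of the OAuth client requesting authorization
   * @param redirectUri Callback URL for the OAuth flow
   * @param state OAuth state parameter for security
   * @returns Login form data with client information
   */
  async getLoginFormData(clientName, redirectUri, state) {
    return {
      client_name: clientName,
      redirect_uri: redirectUri,
      state,
      login_options: {
        identifier: true,
        email: true,
      },
      message: 'Please authenticate to continue',
    };
  }

  /**
   * Creates or retrieves the user for `identifier` and attaches the nickname
   * of the associated identity profile.
   *
   * NOTE(review): this method does not call `validateAuthRequest`; callers are
   * expected to validate the identifier first, otherwise it reaches
   * `db.createOrUpdateUser` as supplied.
   *
   * @param identifier User's identifier (anonymous or email-based)
   * @returns A copy of the user record whose `profile.nickname` is the identity's gametag
   */
  async authenticateUser(identifier) {
    // Initialize identity manager if not already done
    await this.identityManager.init();

    // Create or load the user record. (The original computed an unused
    // timestamp here; it was never passed to the db layer, so it is removed.)
    const user = await this.db.createOrUpdateUser(identifier);

    // Fall back to the user's own id when no identity is linked yet.
    const identityId = user.identityId || user.id;
    const identity = await this.identityManager.getOrCreate(identityId);

    // Persist the identity reference for users that do not have one.
    // NOTE(review): the reference is written under `metadata.identityId` but
    // read back from `user.identityId`; confirm the db layer maps one to the
    // other, otherwise this update runs on every login.
    if (!user.identityId) {
      await this.db.createOrUpdateUser(user.identifier, {
        metadata: Object.assign({}, user.metadata || {}, { identityId }),
      });
    }

    // Return a shallow copy so the record returned by the db is not mutated.
    return Object.assign({}, user, {
      profile: Object.assign({}, user.profile, { nickname: identity.gametag }),
    });
  }

  /**
   * Validates the authentication request parameters.
   *
   * Only the identifier is checked: it must be a string containing at least
   * one non-whitespace character. A non-string value (for example an object or
   * array taken from a JSON body) is rejected instead of raising a TypeError
   * from `.trim()`. `request` is currently not inspected.
   *
   * @param identifier User's provided identifier
   * @param request OAuth authorization request
   * @returns Validation result and any error messages
   */
  validateAuthRequest(identifier, request) {
    if (typeof identifier !== 'string' || identifier.trim().length === 0) {
      return { isValid: false, error: 'Identifier is required' };
    }
    // Add additional validation as needed
    // For example, email format validation if using email authentication
    return { isValid: true };
  }
}
//# sourceMappingURL=auth-handler.js.map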