@labshare/services-auth/dist/src/providers/user-info.provider.js

Loopback 4 plugin for resource scope-based HTTP route authz

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.UserInfoActionProvider = void 0;
const tslib_1 = require("tslib");
const core_1 = require("@loopback/core");
const keys_1 = require("../keys");
const parse_bearer_token_1 = tslib_1.__importDefault(require("parse-bearer-token"));
const tiny = tslib_1.__importStar(require("tiny-json-http"));
/**
 * @description Provider of a function which authenticates
 * @example `context.bind('authentication_key')
 *   .toProvider(UserInfoActionProvider)`
 */
let UserInfoActionProvider = class UserInfoActionProvider {
    constructor(getConfig) {
        this.getConfig = getConfig;
    }
    /**
     * Sequence handler for setting the user profile on the request
     */
    value() {
        return (request) => this.action(request);
    }
    /**
     * @description The userInfo() sequence action. It attaches a "userInfo" object
     * to the incoming request if the following conditions are met:
     *  - The configuration has been set up for the component
     *  - A bearer token exists in the request headers
     *  - The user info endpoint request to the Auth service is successful
     */
    async action(request) {
        const token = (0, parse_bearer_token_1.default)(request);
        // A bearer token is required to use the user_info route, so we skip the action if
        // it doesn't exist.
        if (!token) {
            return;
        }
        const { authUrl, tenant } = await this.getConfig();
        if (!authUrl) {
            throw new Error("`authUrl` configuration option is required");
        }
        if (!tenant) {
            throw new Error("`tenant` configuration option is required");
        }
        const { body } = await tiny.get({
            url: `${authUrl}/auth/${tenant}/me`,
            headers: {
                Authorization: `Bearer ${token}`,
            },
        });
        request.userInfo = body;
    }
};
UserInfoActionProvider = tslib_1.__decorate([
    tslib_1.__param(0, core_1.inject.getter(keys_1.AuthenticationBindings.AUTH_CONFIG)),
    tslib_1.__metadata("design:paramtypes", [Function])
], UserInfoActionProvider);
exports.UserInfoActionProvider = UserInfoActionProvider;
//# sourceMappingURL=user-info.provider.js.map