
@mvx/identity


identity is the OIDC module for mvc; type-mvc is based on koa. A decorator, IoC and AOP MVC framework for the server.

import { ICoreInjector } from '@tsdi/core';
import { AfterInit } from '@tsdi/components';
import { Strategy } from './Strategy';
import { IStrategyOption } from './IAuthenticator';
import { Context } from 'koa';
import { SessionStore, StateStore } from '../stores';
import { ValidationResult } from './results';

/**
 * Application-supplied callback that maps an OIDC identity to a local user.
 *
 * Receives the koa context, the issuer (`iss`), the subject (`sub`), a
 * profile object and, optionally, the JWT claims, access token, refresh
 * token and extra parameters. Resolves to a `{ user, info }` pair.
 *
 * NOTE(review): this declaration does not show which checks (ID token
 * signature, `iss`, audience, expiry, nonce) have already run before the
 * callback is invoked; confirm in the implementation before treating
 * `profile` or `jwtClaims` as trustworthy.
 * NOTE(review): `profile` and `params` are `any`, so the callback gets no
 * compile-time help; narrow them before use.
 */
export declare type OIDCVerifyFunction = (
    ctx: Context,
    iss: string,
    sub: string,
    profile: any,
    jwtClaims?: string,
    accessToken?: string,
    refreshToken?: string,
    params?: any
) => Promise<{
    user: any;
    info: any;
}>;

/**
 * Provider and client settings for one OIDC issuer.
 *
 * Only `clientID` and `clientSecret` are required by this type; every
 * endpoint URL is optional.
 */
export interface OIDCConfigure {
    issuer?: string;
    authorizationURL?: string;
    tokenURL?: string;
    userInfoURL?: string;
    clientID: string;
    // Credential: keep it out of logs, error messages and source control.
    clientSecret: string;
    callbackURL?: string;
    registrationURL?: string;
    // presumably the unparsed provider/registration response; verify against the implementation
    _raw?: any;
    // NOTE(review): typed `any`; how the nonce is generated and compared is not visible here
    nonce?: any;
    display?: string;
    prompt?: string;
    timestamp?: number;
    params?: any;
}

/**
 * Options accepted by {@link OIDCStrategy}: the base strategy options plus
 * the OIDC provider/client configuration and strategy-specific settings.
 */
export interface OIDCOption extends IStrategyOption, OIDCConfigure {
    sessionKey?: string;
    identifierField?: string;
    scope: string | string[];
    store?: SessionStore;
    customHeaders?: any;
    // Either a fixed flag or an async predicate taking (issuer, subject).
    skipUserProfile?: boolean | ((issuer: string, subject: string) => Promise<any>);
    // NOTE(review): declared as `string` although the name reads like a flag; confirm the intended type
    passReqToCallback?: string;
    verify: OIDCVerifyFunction;
    getClient?: (issuer: string) => Promise<any>;
    /**
     * Return extra parameters to be included in the authorization request.
     *
     * Some OAuth 2.0 providers allow additional, non-standard parameters to be
     * included when requesting authorization. Since these parameters are not
     * standardized by the OAuth 2.0 specification, OAuth 2.0-based authentication
     * strategies can override this function in order to populate these parameters
     * as required by the provider.
     *
     * In OAuth 2.0 the authorization request travels through the user's browser,
     * so the returned values should not contain secrets.
     */
    authorizationParams: (options: any) => any;
}

/**
 * OIDC authenticate strategy
 *
 * Declaration only: member signatures are visible here, their behavior is not.
 *
 * @export
 * @class OIDCStrategy
 * @extends {Strategy}
 * @implements {AfterInit}
 */
export declare class OIDCStrategy extends Strategy implements AfterInit {
    // presumably holds the per-request `state` value across the authorization redirect; confirm
    protected stateStore: StateStore;
    protected scope: string | string[];
    protected identifierField: string;
    protected issuer: string;
    protected sessionKey: string;
    protected tokenURL: string;
    protected authorizationURL: string;
    protected clientID: string;
    // Credential held on the instance: avoid serializing or logging the strategy object.
    protected clientSecret: string;
    protected callbackURL?: string;
    protected userInfoURL?: string;
    protected customHeaders?: any;
    protected verify: OIDCVerifyFunction;
    protected passReqToCallback: string;
    protected skipUserProfile?: boolean | ((issuer: string, subject: string) => Promise<any>);
    /**
     * Return extra parameters to be included in the authorization request.
     *
     * Some OAuth 2.0 providers allow additional, non-standard parameters to be
     * included when requesting authorization. Since these parameters are not
     * standardized by the OAuth 2.0 specification, OAuth 2.0-based authentication
     * strategies can override this function in order to populate these parameters
     * as required by the provider.
     */
    protected authorizationParams: (options: any) => any;
    options: OIDCOption;
    injector: ICoreInjector;
    /** Lifecycle hook required by `AfterInit`. */
    onAfterInit(): Promise<void>;
    /**
     * Authenticate the request carried by `ctx`.
     *
     * @param ctx koa request context
     * @param options optional per-call options (untyped)
     * @returns a promise of the strategy's `ValidationResult`
     */
    authenticate(ctx: Context, options?: any): Promise<ValidationResult>;
    // Private members: the declaration file omits their signatures.
    private shouldLoadUserProfile;
    private parseOAuthError;
    /**
     * Resolve the OIDC configuration for `identifier`.
     *
     * NOTE(review): presumably chooses between `dynamicConfigure` and
     * `manualConfigure`; the selection logic is not visible here.
     */
    protected getConfigure(identifier: string): Promise<OIDCConfigure>;
    /**
     * NOTE(review): the name suggests issuer discovery and/or dynamic client
     * registration driven by `identifier`. If `identifier` can come from the
     * request, the implementation should restrict which hosts it will contact
     * and require HTTPS; confirm.
     */
    protected dynamicConfigure(identifier: string): Promise<OIDCConfigure>;
    /** NOTE(review): presumably builds the configuration from the static `options`; confirm. */
    protected manualConfigure(identifier: string): Promise<OIDCConfigure>;
    // presumably annotation metadata emitted by the @tsdi toolchain; not part of the OIDC flow
    static ρAnn(): any;
}

/**
 * Resolves an identifier to a string.
 *
 * NOTE(review): presumably maps a user-supplied identifier to an issuer URL.
 * `identifier` is `any`, so the implementation has to validate it itself
 * before using the result for outbound requests.
 */
export declare class Resolver {
    resolve(identifier: any): Promise<string>;
    // presumably annotation metadata emitted by the @tsdi toolchain
    static ρAnn(): any;
}