@redocly/portal-plugin-gravitee-sso/src/handle-initiate-login.ts

Gravitee SSO plugin for @redocly/portal

import type { Store } from '@redocly/realm/dist/server/store.js';
import type { Logger } from '@redocly/realm/dist/server/utils/reporter/logger.js';
import type { Context } from 'hono';
import type { GraviteeSsoConfig } from './config.js';

import { LOGIN_PAGE_SLUG } from './constants.js';
import { isGraviteeSsoConfig } from './is-gravitee-sso-config.js';

export default async function (ctx: Context, store: Store): Promise<Response> {
  const logger = ctx.get('logger') as Logger;

  const parsedUrl = new URL(ctx.req.url);

  const idpId = parsedUrl.searchParams.get('idpId');

  if (!idpId) {
    logger.error('Gravitee SSO: idpId query parameter not found');
    return ctx.text('Forbidden', 403);
  }

  const idpConfig = store.ssoDirect?.[idpId] as GraviteeSsoConfig | unknown;

  if (!isGraviteeSsoConfig(idpConfig)) {
    logger.error(`Gravitee SSO: invalid idpId in query params: ${idpId}`);
    return ctx.text('Forbidden', 403);
  }

  logger.info('Gravitee login initiated');

  const redirectTo = parsedUrl.searchParams.get('redirectTo') || '/';
  const localePrefix = parsedUrl.searchParams.get('localePrefix') || '';

  const loginQueryParams = new URLSearchParams({
    redirectTo,
    idpId,
  });

  const loginPageUrl = `${localePrefix}${LOGIN_PAGE_SLUG}?${loginQueryParams.toString()}`;

  return ctx.newResponse(null, 302, {
    Location: loginPageUrl,
  });
}