UNPKG

@travetto/auth-passport

Version:

Rest authentication integration support for the travetto framework

travetto.io

90 lines (78 loc) 2.91 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
import * as passport from 'passport'; import { Authenticator, Principal } from '@travetto/auth'; import { Request, Response } from '@travetto/rest'; import { LoginContextⲐ } from '@travetto/auth-rest/src/internal/types'; import { PassportAuthOptions, PassportUtil } from './util'; type SimplePrincipal = Omit<Principal, 'issuedAt' | 'expiresAt'>; /** * Authenticator via passport */ export class PassportAuthenticator<U> implements Authenticator<U, Principal, { req: Request, res: Response }> { #strategyName: string; #strategy: passport.Strategy; #toPrincipal: (user: U) => SimplePrincipal; #passportAuthenticateOptions: passport.AuthenticateOptions; #extraOptions: PassportAuthOptions; session = false; /** * Creating a new PassportAuthenticator * * @param strategyName Name of passport strategy * @param strategy A passport strategy * @param toPrincipal How to convert a user to an identity * @param passportAuthenticateOptions Extra passport options */ constructor( strategyName: string, strategy: passport.Strategy, toPrincipal: (user: U) => SimplePrincipal, passportAuthenticateOptions: passport.AuthenticateOptions = {}, extraOptions: PassportAuthOptions = {} ) { this.#strategyName = strategyName; this.#strategy = strategy; this.#toPrincipal = toPrincipal; this.#passportAuthenticateOptions = passportAuthenticateOptions; this.#extraOptions = extraOptions; passport.use(this.#strategyName, this.#strategy); } /** * Handler for auth context * @param err A possible error from authentication * @param user The authenticated user */ async #authHandler(err: Error | undefined, user: U): Promise<Principal> { if (err) { throw err; } else { // Remove profile fields from passport // eslint-disable-next-line @typescript-eslint/consistent-type-assertions const du = user as (U & { _json?: unknown, _raw?: unknown, source?: unknown }); delete du._json; delete du._raw; delete du.source; const p = this.#toPrincipal(user); p.issuer ??= this.#strategyName; return p; } } /** * Authenticate a request given passport config * @param req The travetto request * @param res The travetto response */ authenticate(user: U, { req, res }: { req: Request, res: Response }): Promise<Principal | undefined> { return new Promise<Principal | undefined>((resolve, reject) => { // Get the login context req[LoginContextⲐ] = PassportUtil.getLoginContext(req); const filter = passport.authenticate(this.#strategyName, { session: this.session, ...this.#passportAuthenticateOptions, ...PassportUtil.createLoginContext(req, this.#extraOptions) }, (err, u) => this.#authHandler(err, u).then(resolve, reject)); filter(req, res); }); } }