UNPKG

@youngshand/payload-auth-plugin

Version:

A temporary fork for testing of Authentication plugin for Payload CMS, use @payload-auth-plugin

github.com/chrisAlwinYS/payload-auth-plugin

chrisAlwinYS/payload-auth-plugin

44 lines (43 loc) 1.97 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
// src/core/protocols/oauth/oauth2_callback.ts import { parseCookies } from "payload"; import * as oauth from "oauth4webapi"; import { getCallbackURL } from "../../utils/cb.js"; import { MissingOrInvalidSession } from "../../errors/consoleErrors.js"; async function OAuth2Callback(pluginType, request, providerConfig, session_callback) { const parsedCookies = parseCookies(request.headers); const code_verifier = parsedCookies.get("__session-code-verifier"); const state = parsedCookies.get("__session-oauth-state"); const clientOrigin = parsedCookies.get("__client-origin"); if (!code_verifier || !clientOrigin) { throw new MissingOrInvalidSession; } const { client_id, client_secret, authorization_server, profile, client_auth_type } = providerConfig; const client = { client_id }; const clientAuth = client_auth_type === "client_secret_basic" ? oauth.ClientSecretBasic(client_secret ?? "") : oauth.ClientSecretPost(client_secret ?? ""); const current_url = new URL(request.url); const callback_url = getCallbackURL(request.payload.config.serverURL, pluginType, providerConfig.id); const as = authorization_server; const params = oauth.validateAuthResponse(as, client, current_url, state); const grantResponse = await oauth.authorizationCodeGrantRequest(as, client, clientAuth, params, callback_url.toString(), code_verifier); let body = await grantResponse.json(); let response = new Response(JSON.stringify(body), grantResponse); if (Array.isArray(body.scope)) { body.scope = body.scope.join(" "); response = new Response(JSON.stringify(body), grantResponse); } const token_result = await oauth.processAuthorizationCodeResponse(as, client, response); const userInfoResponse = await oauth.userInfoRequest(as, client, token_result.access_token); const userInfo = await userInfoResponse.json(); return session_callback(profile(userInfo), clientOrigin); } export { OAuth2Callback };