UNPKG

@youngshand/payload-auth-plugin

Version:

A temporary fork for testing of Authentication plugin for Payload CMS, use @payload-auth-plugin

github.com/chrisAlwinYS/payload-auth-plugin

chrisAlwinYS/payload-auth-plugin

82 lines (70 loc) 2.34 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
import { parseCookies, type PayloadRequest } from "payload" import * as oauth from "oauth4webapi" import type { OAuth2ProviderConfig, AccountInfo } from "../../../types.js" import { getCallbackURL } from "../../utils/cb.js" import { MissingOrInvalidSession } from "../../errors/consoleErrors.js" export async function OAuth2Callback( pluginType: string, request: PayloadRequest, providerConfig: OAuth2ProviderConfig, session_callback: ( oauthAccountInfo: AccountInfo, clientOrigin: string, ) => Promise<Response>, ): Promise<Response> { const parsedCookies = parseCookies(request.headers) const code_verifier = parsedCookies.get("__session-code-verifier") const state = parsedCookies.get("__session-oauth-state") const clientOrigin = parsedCookies.get("__client-origin") if (!code_verifier || !clientOrigin) { throw new MissingOrInvalidSession() } const { client_id, client_secret, authorization_server, profile, client_auth_type, } = providerConfig const client: oauth.Client = { client_id, } const clientAuth = client_auth_type === "client_secret_basic" ? oauth.ClientSecretBasic(client_secret ?? "") : oauth.ClientSecretPost(client_secret ?? "") const current_url = new URL(request.url as string) as URL const callback_url = getCallbackURL( request.payload.config.serverURL, pluginType, providerConfig.id, ) const as = authorization_server const params = oauth.validateAuthResponse(as, client, current_url, state!) const grantResponse = await oauth.authorizationCodeGrantRequest( as, client, clientAuth, params, callback_url.toString(), code_verifier, ) let body = (await grantResponse.json()) as { scope: string | string[] } let response = new Response(JSON.stringify(body), grantResponse) if (Array.isArray(body.scope)) { body.scope = body.scope.join(" ") response = new Response(JSON.stringify(body), grantResponse) } const token_result = await oauth.processAuthorizationCodeResponse( as, client, response, ) const userInfoResponse = await oauth.userInfoRequest( as, client, token_result.access_token, ) const userInfo = (await userInfoResponse.json()) as Record<string, string> return session_callback(profile(userInfo), clientOrigin) }