forest-express/dist/services/authentication.js

Official package for all Forest Express Lianas

"use strict";

var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
var _regenerator = _interopRequireDefault(require("@babel/runtime/regenerator"));
var _asyncToGenerator2 = _interopRequireDefault(require("@babel/runtime/helpers/asyncToGenerator"));
var _classCallCheck2 = _interopRequireDefault(require("@babel/runtime/helpers/classCallCheck"));
var _createClass2 = _interopRequireDefault(require("@babel/runtime/helpers/createClass"));
var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
var AuthenticationService = /*#__PURE__*/function () {
  /** @private @readonly @type {import('./authorization-finder')} */

  /** @private @readonly @type {import('./token')} */

  /** @private @readonly @type {import('./oidc-client-manager')} */

  /** @private @readonly @type {import('../utils/error-messages')} */

  /**
   * @param {import("../context/init").Context} context
   */
  function AuthenticationService(_ref) {
    var authorizationFinder = _ref.authorizationFinder,
      tokenService = _ref.tokenService,
      errorMessages = _ref.errorMessages,
      oidcClientManagerService = _ref.oidcClientManagerService;
    (0, _classCallCheck2["default"])(this, AuthenticationService);
    (0, _defineProperty2["default"])(this, "authorizationFinder", void 0);
    (0, _defineProperty2["default"])(this, "tokenService", void 0);
    (0, _defineProperty2["default"])(this, "oidcClientManagerService", void 0);
    (0, _defineProperty2["default"])(this, "errorMessages", void 0);
    this.authorizationFinder = authorizationFinder;
    this.tokenService = tokenService;
    this.oidcClientManagerService = oidcClientManagerService;
    this.errorMessages = errorMessages;
  }

  /**
   * @private
   * @param {string} state
   * @returns {{renderingId: string}}
   */
  (0, _createClass2["default"])(AuthenticationService, [{
    key: "_parseState",
    value: function _parseState(state) {
      if (!state) {
        throw new Error(this.errorMessages.SERVER_TRANSACTION.INVALID_STATE_MISSING);
      }

      /** @type {string} */
      var renderingId;
      try {
        var parsedState = JSON.parse(state);
        renderingId = parsedState.renderingId;
      } catch (e) {
        throw new Error(this.errorMessages.SERVER_TRANSACTION.INVALID_STATE_FORMAT);
      }
      if (!renderingId) {
        throw new Error(this.errorMessages.SERVER_TRANSACTION.INVALID_STATE_RENDERING_ID);
      }
      return {
        renderingId: renderingId
      };
    }

    /**
     * Step 1 of the authentication
     * @param {string} redirectUrl
     * @param {{renderingId: string|number}} state
     * @returns {Promise<{
     *  authorizationUrl: string;
     * }>}
     */
  }, {
    key: "startAuthentication",
    value: function () {
      var _startAuthentication = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee(redirectUrl, state) {
        var client, authorizationUrl;
        return _regenerator["default"].wrap(function _callee$(_context) {
          while (1) switch (_context.prev = _context.next) {
            case 0:
              _context.next = 2;
              return this.oidcClientManagerService.getClientForCallbackUrl(redirectUrl);
            case 2:
              client = _context.sent;
              authorizationUrl = client.authorizationUrl({
                scope: 'openid email profile',
                state: JSON.stringify(state)
              });
              return _context.abrupt("return", {
                authorizationUrl: authorizationUrl
              });
            case 5:
            case "end":
              return _context.stop();
          }
        }, _callee, this);
      }));
      function startAuthentication(_x, _x2) {
        return _startAuthentication.apply(this, arguments);
      }
      return startAuthentication;
    }()
    /**
     * @param {string} redirectUrl
     * @param {import('openid-client').CallbackParamsType} params
     * @param {{ envSecret: string, authSecret: string }} options
     */
  }, {
    key: "verifyCodeAndGenerateToken",
    value: function () {
      var _verifyCodeAndGenerateToken = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee2(redirectUrl, params, options) {
        var client, _this$_parseState, renderingId, tokenSet, user;
        return _regenerator["default"].wrap(function _callee2$(_context2) {
          while (1) switch (_context2.prev = _context2.next) {
            case 0:
              _context2.next = 2;
              return this.oidcClientManagerService.getClientForCallbackUrl(redirectUrl);
            case 2:
              client = _context2.sent;
              _this$_parseState = this._parseState(params.state), renderingId = _this$_parseState.renderingId;
              _context2.next = 6;
              return client.callback(redirectUrl, params, {
                state: params.state
              });
            case 6:
              tokenSet = _context2.sent;
              _context2.next = 9;
              return this.authorizationFinder.authenticate(renderingId, options.envSecret, tokenSet.access_token);
            case 9:
              user = _context2.sent;
              return _context2.abrupt("return", this.tokenService.createToken(user, renderingId, options));
            case 11:
            case "end":
              return _context2.stop();
          }
        }, _callee2, this);
      }));
      function verifyCodeAndGenerateToken(_x3, _x4, _x5) {
        return _verifyCodeAndGenerateToken.apply(this, arguments);
      }
      return verifyCodeAndGenerateToken;
    }()
  }]);
  return AuthenticationService;
}();
module.exports = AuthenticationService;