UNPKG

forest-express

Version:

Official package for all Forest Express Lianas

193 lines (187 loc) 7.13 kB
"use strict"; var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault"); var _regenerator = _interopRequireDefault(require("@babel/runtime/regenerator")); var _asyncToGenerator2 = _interopRequireDefault(require("@babel/runtime/helpers/asyncToGenerator")); var _typeof2 = _interopRequireDefault(require("@babel/runtime/helpers/typeof")); var _require = require('@forestadmin/context'), inject = _require.inject; var START_AUTHENTICATION_ROUTE = 'authentication'; var CALLBACK_AUTHENTICATION_ROUTE = 'authentication/callback'; var LOGOUT_ROUTE = 'authentication/logout'; var PUBLIC_ROUTES = ["/".concat(START_AUTHENTICATION_ROUTE), "/".concat(CALLBACK_AUTHENTICATION_ROUTE), "/".concat(LOGOUT_ROUTE)]; /** * @param {import('../context/init').Context} context * @param {string} applicationUrl * @returns {string} */ function getCallbackUrl(context, applicationUrl) { return context.joinUrl(applicationUrl, "/forest/".concat(CALLBACK_AUTHENTICATION_ROUTE)); } /** * @param {{ * authSecret: string; * }} options * @param {import('../utils/error-messages')} errorMessages */ function checkAuthSecret(options, errorMessages) { if (!options.authSecret) { throw new Error(errorMessages.CONFIGURATION.AUTH_SECRET_MISSING); } } /** * @param {import('express').Request} request * @param {import('../context/init').Context} context * @returns {number} */ function getAndCheckRenderingId(request, context) { if (!request.body || !request.body.renderingId) { throw new Error(context.errorMessages.SERVER_TRANSACTION.MISSING_RENDERING_ID); } var renderingId = request.body.renderingId; if (!['string', 'number'].includes((0, _typeof2["default"])(renderingId)) || Number.isNaN(renderingId)) { throw new Error(context.errorMessages.SERVER_TRANSACTION.INVALID_RENDERING_ID); } return Number(renderingId); } /** * @param {import('../context/init').Context} context * @param {Error} error * @param {import('express').Response} response * @param {import('express').NextFunction} next */ function handleError(context, error, response, next) { if (error instanceof context.openIdClient.errors.OPError) { switch (error.error) { case 'access_denied': case 'invalid_client': response.status(403).send(error); break; default: response.status(400).send(error); } return; } if (error instanceof context.openIdClient.errors.RPError) { response.status(400).send(error); return; } next(error); } /** * @param {import('../context/init').Context} context * @param {import('express').Request} request * @param {import('express').Response} response * @param {import('express').NextFunction} next */ function startAuthentication(_x, _x2, _x3, _x4) { return _startAuthentication.apply(this, arguments); } /** * @param {import('../context/init').Context} context * @param {{envSecret: string, authSecret: string}} options * @param {import('express').Request} request * @param {import('express').Response} response * @param {import('express').NextFunction} next */ function _startAuthentication() { _startAuthentication = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee(context, request, response, next) { var renderingId, result; return _regenerator["default"].wrap(function _callee$(_context) { while (1) switch (_context.prev = _context.next) { case 0: _context.prev = 0; renderingId = getAndCheckRenderingId(request, context); _context.next = 4; return context.authenticationService.startAuthentication(getCallbackUrl(context, context.env.APPLICATION_URL), { renderingId: renderingId }); case 4: result = _context.sent; response.status(200).send(result); _context.next = 11; break; case 8: _context.prev = 8; _context.t0 = _context["catch"](0); handleError(context, _context.t0, response, next); case 11: case "end": return _context.stop(); } }, _callee, null, [[0, 8]]); })); return _startAuthentication.apply(this, arguments); } function authenticationCallback(_x5, _x6, _x7, _x8, _x9) { return _authenticationCallback.apply(this, arguments); } /** * @param {import('../context/init').Context} context * @param {import('express').Request} request * @param {import('express').Response} response */ function _authenticationCallback() { _authenticationCallback = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee2(context, options, request, response, next) { var token; return _regenerator["default"].wrap(function _callee2$(_context2) { while (1) switch (_context2.prev = _context2.next) { case 0: _context2.prev = 0; _context2.next = 3; return context.authenticationService.verifyCodeAndGenerateToken(getCallbackUrl(context, context.env.APPLICATION_URL), request.query, options); case 3: token = _context2.sent; response.status(200); response.send({ token: token, tokenData: context.jsonwebtoken.decode(token) }); _context2.next = 11; break; case 8: _context2.prev = 8; _context2.t0 = _context2["catch"](0); handleError(context, _context2.t0, response, next); case 11: case "end": return _context2.stop(); } }, _callee2, null, [[0, 8]]); })); return _authenticationCallback.apply(this, arguments); } function logout(_x10, _x11, _x12) { return _logout.apply(this, arguments); } /** * @param {import('express').Application} app * @param {{ * authSecret: string; * envSecret: string; * }} options * @param {import('../context/init').Context} context */ function _logout() { _logout = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee3(context, request, response) { return _regenerator["default"].wrap(function _callee3$(_context3) { while (1) switch (_context3.prev = _context3.next) { case 0: // Not needed anymore, as we don't use cookies response.status(204).send(); case 1: case "end": return _context3.stop(); } }, _callee3); })); return _logout.apply(this, arguments); } function initAuthenticationRoutes(app, options, context) { checkAuthSecret(options, context.errorMessages); app.post(context.pathService.generate(START_AUTHENTICATION_ROUTE, options), startAuthentication.bind(undefined, inject())); app.get(context.pathService.generate(CALLBACK_AUTHENTICATION_ROUTE, options), authenticationCallback.bind(undefined, inject(), options)); app.post(context.pathService.generate(LOGOUT_ROUTE, options), logout.bind(undefined, inject())); } initAuthenticationRoutes.PUBLIC_ROUTES = PUBLIC_ROUTES; initAuthenticationRoutes.CALLBACK_ROUTE = CALLBACK_AUTHENTICATION_ROUTE; module.exports = initAuthenticationRoutes;