UNPKG

nest-oidc-provider

Version:

oidc-provider module for Nest framework (node.js)

github.com/adrianbrs/nest-oidc-provider

adrianbrs/nest-oidc-provider

320 lines (244 loc) 8.71 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
# nest-oidc-provider [![NPM Version](https://img.shields.io/npm/v/nest-oidc-provider.svg)](https://www.npmjs.com/package/nest-oidc-provider) [![npm](https://img.shields.io/npm/dw/nest-oidc-provider)](https://www.npmjs.com/package/nest-oidc-provider) [![NPM License](https://img.shields.io/npm/l/nest-oidc-provider)](https://github.com/adrianbrs/nest-oidc-provider/blob/main/LICENSE) [![Coverage Status](https://coveralls.io/repos/github/adrianbrs/nest-oidc-provider/badge.svg?branch=main)](https://coveralls.io/github/adrianbrs/nest-oidc-provider?branch=main) [![Continuous Integration](https://github.com/adrianbrs/nest-oidc-provider/actions/workflows/test.yml/badge.svg)](https://github.com/adrianbrs/nest-oidc-provider/actions/workflows/test.yml) ## Description [oidc-provider](https://github.com/panva/node-oidc-provider) module for [Nest](https://github.com/nestjs/nest) framework (node.js) ## Installation ```bash $ npm i --save nest-oidc-provider oidc-provider ``` OR ```bash $ yarn add nest-oidc-provider oidc-provider ``` OR ```bash $ pnpm add nest-oidc-provider oidc-provider ``` ## Setup > ⚠️ Version 8 of `oidc-provider` [is now ESM-only](<https://github.com/panva/node-oidc-provider/releases/tag/v8.0.0#:~:text=tokens%20(cb67083)-,oidc%2Dprovider%20is%20now%20an%20ESM%2Donly%20module,-(3c5ebe1)>), which is not yet supported by NestJS natively ([nest#7021](https://github.com/nestjs/nest/issues/7021), [nest#8736](https://github.com/nestjs/nest/pull/8736)). This library enables the use of the ESM-only version of `oidc-provider` for Node.js <= 20.17.x via dynamic imports. To avoid errors like [ERR_REQUIRE_ESM], all interfaces should be imported from this package, and the module should be accessed through dependency injection. Use `@InjectOidcModule()` to inject the `oidc-provider` module and `@InjectOidcProvider()` for the running instance. **You must not import anything directly from** `oidc-provider`, unless you're using Node.js >= 20.17.x with the experimental `--experimental-require-module` flag ([#54447](https://github.com/nodejs/node/pull/54447))! ### TypeScript You need to install the `oidc-provider` @types package if you want to use the re-exported types from this library. ```bash npm install @types/oidc-provider --save-dev ``` ### Basic configuration ```ts @Module({ imports: [ OidcModule.forRoot({ issuer: 'http://localhost:3000', path: '/oidc', oidc: ... // oidc-provider configuration }) ], }) export class AppModule {} ``` ### Custom factory function You can pass a `factory` function to customize the provider instantiation. ```ts @Module({ imports: [ OidcModule.forRoot({ issuer: 'http://localhost:3000', path: '/oidc', factory: ({ issuer, config, module }) => { // `module` is the import from `oidc-provider` const provider = new module.Provider(issuer, config); provider.on('server_error', (ctx, err) => {...}) return provider; }, oidc: ... // oidc-provider configuration }) ], }) export class AppModule {} ``` ### Trusting TLS offloading proxies You can set the `proxy` option to `true` to trust TLS offloading proxies.\ For more info visit the `oidc-provider` documentation: [Trusting TLS offloading proxies](https://github.com/panva/node-oidc-provider/blob/v7.12.0/docs/README.md#trusting-tls-offloading-proxies) ```ts @Module({ imports: [ OidcModule.forRoot({ issuer: 'http://localhost:3000', path: '/oidc', proxy: true, // <- trust TLS offloading proxies oidc: {...} }) ], }) export class AppModule {} ``` ### Dynamic host routing You can set the `host` option to require the HTTP host of incoming requests to match some specific value before they are processed by the [`oidc-provider`](https://github.com/panva/node-oidc-provider/blob/main/docs/README.md#basic-configuration-example) callback. For more info visit the NestJS documentation: [Sub-domain routing](https://docs.nestjs.com/controllers#sub-domain-routing). ```ts @Module({ imports: [ OidcModule.forRoot({ issuer: 'https://oidc.example.com', path: '/oidc', host: 'oidc.example.com', // <- Use a specific host/subdomain oidc: {...} }) ], }) export class AppModule {} ``` ### Async configuration #### `useFactory` ```ts @Module({ imports: [ OidcModule.forRootAsync({ imports: [ConfigModule], useFactory: async (configService: ConfigService) => ({ issuer: configService.get<string>('ISSUER'), path: configService.get<string>('OIDC_PATH'), oidc: ... // oidc-provider configuration }), inject: [ConfigService], }), ], }) export class AppModule {} ``` #### `useClass` ```ts @Module({ imports: [ OidcModule.forRootAsync({ useClass: OidcConfigService, }), ], }) export class AppModule {} ``` Note that in this example, the `OidcConfigService` has to implement the `OidcModuleOptionsFactory` interface, as shown below. ```ts import type { OidcModuleOptionsFactory } from 'nest-oidc-provider'; @Injectable() export class OidcConfigService implements OidcModuleOptionsFactory { constructor(private readonly @InjectConnection() conn: Connection) {} createModuleOptions(): OidcModuleOptions { return { issuer: 'http://localhost:3001', path: '/oidc', oidc: ..., // oidc-provider configuration }; } createAdapterFactory?(): AdapterFactory { return (modelName: string) => new MyAdapter(modelName, this.conn); } } ``` You can omit the `Adapter` option of oidc-provider configuration if you implement the `createAdapterFactory` method. #### `useExisting` ```ts @Module({ imports: [ OidcModule.forRootAsync({ imports: [OidcConfigModule], useExisting: OidcConfigService, }), ], }) export class AppModule {} ``` ## Custom injection decorators To be able to access the exports of the `oidc-provider` module or the running instance, you need to use decorators or injection tokens: ```ts import { InjectOidcModule, InjectOidcProvider, type Provider, type ProviderModule, } from 'nest-oidc-provider'; @Controller('/some-controller') export class SomeController { constructor( /** Returns exports from the `oidc-provider` module */ @InjectOidcModule() oidc: ProviderModule, /** Returns the running `oidc-provider` instance */ @InjectOidcProvider() provider: Provider, ) {} } ``` OR ```ts import { OIDC_PROVIDER, OIDC_PROVIDER_MODULE, type Provider, type ProviderModule, } from 'nest-oidc-provider'; async function bootstrap() { const app = await NestFactory.create<NestExpressApplication>(AppModule); const { Provider, errors, interactionPolicy } = app.get<ProviderModule>(OIDC_PROVIDER_MODULE); const provider = app.get<Provider>(OIDC_PROVIDER); await app.listen(3000); } ``` ## Custom param decorators ### `@OidcInteraction()` Returns an instance of `InteractionHelper` class. ```ts import { OidcInteraction, type InteractionHelper } from 'nest-oidc-provider'; @Get(':uid') @Render('login') async login( @OidcInteraction() interaction: InteractionHelper ) { const { prompt, params, uid } = await interaction.details(); const client = await this.provider.Client.find(params.client_id as string); return { prompt, client, params, uid, ...}; } ``` The `InteractionHelper` class is just a helper that omits the `req` and `res` parameters from the existing interaction methods in `oidc-provider`. ```ts interface InteractionHelper { details(): Promise<InteractionDetails>; finished( result: InteractionResults, options?: { mergeWithLastSubmission?: boolean }, ): Promise<void>; result( result: InteractionResults, options?: { mergeWithLastSubmission?: boolean }, ): Promise<string>; } ``` ### `@OidcContext()` Returns an instance of `KoaContextWithOIDC`. ```ts import { OidcContext, type KoaContextWithOIDC } from 'nest-oidc-provider'; @Get() async index(@OidcContext() ctx: KoaContextWithOIDC) { const { oidc: { provider } } = ctx; const session = await provider.Session.get(ctx); //... } ``` ### `@OidcSession()` Returns the user `Session` from the current context, equivalent to retrieving the session from `KoaContextWithOIDC`. ```ts import { OidcSession, type Session } from 'nest-oidc-provider'; @Get() async index(@OidcSession() session: Session) { //... } ``` ## Examples A complete example can be found in the [example](example) directory. ## Contributing You are welcome to contribute to this project, just open a PR. ## CHANGELOG See [CHANGELOG](CHANGELOG.md) for more information. ## License This project is [MIT licensed](LICENSE).