open-collaboration-server
Version:
Open Collaboration Server implementation, part of the Open Collaboration Tools project
100 lines • 4.66 kB
JavaScript
"use strict";
// ******************************************************************************
// Copyright 2025 TypeFox GmbH
// This program and the accompanying materials are made available under the
// terms of the MIT License, which is available in the project root.
// ******************************************************************************
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.KeycloakOAuthEndpoint = void 0;
const oauth_endpoint_1 = require("./oauth-endpoint");
const passport_oauth2_1 = __importDefault(require("passport-oauth2"));
const inversify_1 = require("inversify");
let KeycloakOAuthEndpoint = class KeycloakOAuthEndpoint extends oauth_endpoint_1.OAuthEndpoint {
constructor() {
super(...arguments);
this.id = 'keycloak';
this.path = '/api/login/keycloak';
this.redirectPath = '/api/login/keycloak-callback';
}
init() {
this.host = this.configuration.getValue('keycloak-host');
this.realm = this.configuration.getValue('keycloak-realm');
this.clientID = this.configuration.getValue('keycloak-client-id');
this.clientSecret = this.configuration.getValue('keycloak-client-secret');
this.userNameClaim = this.configuration.getValue('keycloak-username-claim');
this.label = this.configuration.getValue('keycloak-client-label');
this.keycloakBaseUrl = `${this.host}/realms/${this.realm}`;
}
getProtocolProvider() {
var _a, _b;
return {
endpoint: this.path,
name: (_a = this.label) !== null && _a !== void 0 ? _a : 'Keycloak',
type: 'web',
label: {
code: '',
message: (_b = this.label) !== null && _b !== void 0 ? _b : 'Keycloak',
params: []
},
group: oauth_endpoint_1.ThirdParty
};
}
shouldActivate() {
return !!this.host && !!this.realm && !!this.clientID;
}
getStrategy(host, port) {
var _a;
return new KeycloakStrategy({
authorizationURL: `${this.keycloakBaseUrl}/protocol/openid-connect/auth`,
tokenURL: `${this.keycloakBaseUrl}/protocol/openid-connect/token`,
userInfoURL: `${this.keycloakBaseUrl}/protocol/openid-connect/userinfo`,
clientID: this.clientID,
clientSecret: (_a = this.clientSecret) !== null && _a !== void 0 ? _a : '',
scope: ['openid', 'email', 'profile'],
callbackURL: this.createRedirectUrl(host, port, this.redirectPath),
}, (accessToken, refreshToken, profile, done) => {
var _a, _b;
const userInfo = {
name: profile[(_a = this.userNameClaim) !== null && _a !== void 0 ? _a : 'preferred_username'],
email: profile.email,
authProvider: (_b = this.label) !== null && _b !== void 0 ? _b : 'Keycloak',
};
done(undefined, userInfo);
});
}
};
exports.KeycloakOAuthEndpoint = KeycloakOAuthEndpoint;
__decorate([
(0, inversify_1.postConstruct)()
], KeycloakOAuthEndpoint.prototype, "init", null);
exports.KeycloakOAuthEndpoint = KeycloakOAuthEndpoint = __decorate([
(0, inversify_1.injectable)()
], KeycloakOAuthEndpoint);
class KeycloakStrategy extends passport_oauth2_1.default {
constructor(options, verify) {
super(options, verify);
this.options = options;
}
async userProfile(accessToken, done) {
fetch(this.options.userInfoURL, {
headers: {
Authorization: `Bearer ${accessToken}`,
},
}).then(async (response) => {
if (!response.ok) {
throw new Error(`Failed to fetch user profile: ${response.statusText}`);
}
done(undefined, await response.json());
}).catch(err => done(err));
}
}
//# sourceMappingURL=keycloak-endoint.js.map