UNPKG

open-collaboration-server

Version:

Open Collaboration Server implementation, part of the Open Collaboration Tools project

100 lines 4.66 kB
"use strict"; // ****************************************************************************** // Copyright 2025 TypeFox GmbH // This program and the accompanying materials are made available under the // terms of the MIT License, which is available in the project root. // ****************************************************************************** var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.KeycloakOAuthEndpoint = void 0; const oauth_endpoint_1 = require("./oauth-endpoint"); const passport_oauth2_1 = __importDefault(require("passport-oauth2")); const inversify_1 = require("inversify"); let KeycloakOAuthEndpoint = class KeycloakOAuthEndpoint extends oauth_endpoint_1.OAuthEndpoint { constructor() { super(...arguments); this.id = 'keycloak'; this.path = '/api/login/keycloak'; this.redirectPath = '/api/login/keycloak-callback'; } init() { this.host = this.configuration.getValue('keycloak-host'); this.realm = this.configuration.getValue('keycloak-realm'); this.clientID = this.configuration.getValue('keycloak-client-id'); this.clientSecret = this.configuration.getValue('keycloak-client-secret'); this.userNameClaim = this.configuration.getValue('keycloak-username-claim'); this.label = this.configuration.getValue('keycloak-client-label'); this.keycloakBaseUrl = `${this.host}/realms/${this.realm}`; } getProtocolProvider() { var _a, _b; return { endpoint: this.path, name: (_a = this.label) !== null && _a !== void 0 ? _a : 'Keycloak', type: 'web', label: { code: '', message: (_b = this.label) !== null && _b !== void 0 ? _b : 'Keycloak', params: [] }, group: oauth_endpoint_1.ThirdParty }; } shouldActivate() { return !!this.host && !!this.realm && !!this.clientID; } getStrategy(host, port) { var _a; return new KeycloakStrategy({ authorizationURL: `${this.keycloakBaseUrl}/protocol/openid-connect/auth`, tokenURL: `${this.keycloakBaseUrl}/protocol/openid-connect/token`, userInfoURL: `${this.keycloakBaseUrl}/protocol/openid-connect/userinfo`, clientID: this.clientID, clientSecret: (_a = this.clientSecret) !== null && _a !== void 0 ? _a : '', scope: ['openid', 'email', 'profile'], callbackURL: this.createRedirectUrl(host, port, this.redirectPath), }, (accessToken, refreshToken, profile, done) => { var _a, _b; const userInfo = { name: profile[(_a = this.userNameClaim) !== null && _a !== void 0 ? _a : 'preferred_username'], email: profile.email, authProvider: (_b = this.label) !== null && _b !== void 0 ? _b : 'Keycloak', }; done(undefined, userInfo); }); } }; exports.KeycloakOAuthEndpoint = KeycloakOAuthEndpoint; __decorate([ (0, inversify_1.postConstruct)() ], KeycloakOAuthEndpoint.prototype, "init", null); exports.KeycloakOAuthEndpoint = KeycloakOAuthEndpoint = __decorate([ (0, inversify_1.injectable)() ], KeycloakOAuthEndpoint); class KeycloakStrategy extends passport_oauth2_1.default { constructor(options, verify) { super(options, verify); this.options = options; } async userProfile(accessToken, done) { fetch(this.options.userInfoURL, { headers: { Authorization: `Bearer ${accessToken}`, }, }).then(async (response) => { if (!response.ok) { throw new Error(`Failed to fetch user profile: ${response.statusText}`); } done(undefined, await response.json()); }).catch(err => done(err)); } } //# sourceMappingURL=keycloak-endoint.js.map