openapi-connect/lib/middleware/oauth.js

Base for microservices around OpenAPI/Swagger

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.getIssuer = void 0;
const express_jwt_1 = require("express-jwt");
const express_unless_1 = require("express-unless");
const jwksRsa = require("jwks-rsa");
const openid_client_1 = require("openid-client");
const mem = require("mem");
const promiseMemoize = require("promise-memoize");
openid_client_1.custom.setHttpOptionsDefaults({
    timeout: 5000
});
exports.getIssuer = promiseMemoize((url) => openid_client_1.Issuer.discover(url), {
    maxAge: 60 * 60 * 1000,
    maxErrorAge: 0
});
const getJwtMiddleware = mem((jwksUri, audience) => (0, express_jwt_1.expressjwt)({
    algorithms: ['RS256'],
    clockTolerance: 10,
    audience,
    secret: jwksRsa.expressJwtSecret({
        cache: true,
        cacheMaxEntries: 10,
        rateLimit: true,
        jwksRequestsPerMinute: 15,
        jwksUri
    }),
    requestProperty: 'user'
}), {
    cacheKey: (...args) => args.join(',')
});
exports.default = (options) => {
    const middleware = (req, res, next) => {
        return (0, exports.getIssuer)(options.url)
            .then(issuer => getJwtMiddleware(issuer.metadata.jwks_uri, options.audience)(req, res, next))
            .catch(e => next(e));
    };
    middleware.unless = express_unless_1.unless;
    return middleware;
};
//# sourceMappingURL=oauth.js.map