restaf-server
Version:
Custom app server for Viya apps
93 lines (77 loc) • 3.05 kB
JavaScript
/*
* ------------------------------------------------------------------------------------
* * Copyright (c) SAS Institute Inc.
* * Licensed under the Apache License, Version 2.0 (the "License");
* * you may not use this file except in compliance with the License.
* * You may obtain a copy of the License at
* *
* * http://www.apache.org/licenses/LICENSE-2.0
* *
* * Unless required by applicable law or agreed to in writing, software
* * distributed under the License is distributed on an "AS IS" BASIS,
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* * See the License for the specific language governing permissions and
* limitations under the License.
* ----------------------------------------------------------------------------------------
*
*/
;
let bell = require('@hapi/bell'),
// eslint-disable-next-line no-unused-vars
uuid = require('uuid'),
cookie = require('@hapi/cookie');
async function SASauth (hapiServer) {
let authCookieOptions,
bellAuthOptions,
provider;
//TBD: do we need keepalive?
authCookieOptions = {
cookie: {
password : uuid.v4(),
name : 'authCookie',
domain : process.env.APPHOST,
isSecure : false,
isSameSite: (process.env.SAMESITE != null) ? process.env.SAMESITE : 'Strict'
},
validateFunc: async function (req, session) {
if (process.env.PROXYSERVER === 'YES') {
let credentials = await req.server.app.cache.get(session.sid);
return {
valid : true,
credentials: credentials
}
} else {
return {
valid : true,
credentials: req.auth.credentials
}
}
}
};
if (process.env.OAUTH2 == 'YES') {
let authURL = process.env.VIYA_SERVER ;
provider = {
name : 'sas',
protocol : 'oauth2',
useParamsAuth: false,
auth : authURL + '/SASLogon/oauth/authorize',
token : authURL + '/SASLogon/oauth/token'
};
bellAuthOptions = {
provider : provider,
password : uuid.v4(),
clientId : process.env.CLIENTID,
clientSecret: (process.env.CLIENTSECRET == null) ? ' ' : process.env.CLIENTSECRET,
isSecure : false
};
if (process.env.BELL_LOCATION != null) {
bellAuthOptions.location = process.env.BELL_LOCATION;
}
await hapiServer.register(bell);
await hapiServer.register(cookie);
hapiServer.auth.strategy('sas', 'bell', bellAuthOptions);
hapiServer.auth.strategy('session', 'cookie', authCookieOptions);
hapiServer.auth.default('session');
}
}
module.exports = SASauth;