workadventure/pusher/src/Services/JWTTokenManager.ts

import { ADMIN_API_URL, ADMIN_SOCKETS_TOKEN, ALLOW_ARTILLERY, SECRET_KEY } from "../Enum/EnvironmentVariable";
import { uuid } from "uuidv4";
import Jwt, { verify } from "jsonwebtoken";
import { TokenInterface } from "../Controller/AuthenticateController";
import { adminApi, AdminBannedData } from "../Services/AdminApi";
import { InvalidTokenError } from "../Controller/InvalidTokenError";

export interface AuthTokenData {
    identifier: string; //will be a email if logged in or an uuid if anonymous
    accessToken?: string;
}
export interface AdminSocketTokenData {
    authorizedRoomIds: string[]; //the list of rooms the client is authorized to read from.
}
export const tokenInvalidException = "tokenInvalid";

class JWTTokenManager {
    public verifyAdminSocketToken(token: string): AdminSocketTokenData {
        return Jwt.verify(token, ADMIN_SOCKETS_TOKEN) as AdminSocketTokenData;
    }

    public createAuthToken(identifier: string, accessToken?: string) {
        return Jwt.sign({ identifier, accessToken }, SECRET_KEY, { expiresIn: "30d" });
    }

    public verifyJWTToken(token: string, ignoreExpiration: boolean = false): AuthTokenData {
        try {
            return Jwt.verify(token, SECRET_KEY, { ignoreExpiration }) as AuthTokenData;
        } catch (e) {
            if (e instanceof Error) {
                // FIXME: we are loosing the stacktrace here.
                throw new InvalidTokenError(e.message);
            } else {
                throw e;
            }
        }
    }
}

export const jwtTokenManager = new JWTTokenManager();
FIX: the admin sockets now uses a short live to check room authorization 2021-10-28 14:53:07 +02:00			`import { ADMIN_API_URL, ADMIN_SOCKETS_TOKEN, ALLOW_ARTILLERY, SECRET_KEY } from "../Enum/EnvironmentVariable";`
Applying Prettier on pusher and back 2021-06-24 10:09:10 +02:00			`import { uuid } from "uuidv4";`
FEATURE: users can now login via an openID client 2021-07-27 16:37:01 +02:00			`import Jwt, { verify } from "jsonwebtoken";`
Applying Prettier on pusher and back 2021-06-24 10:09:10 +02:00			`import { TokenInterface } from "../Controller/AuthenticateController";`
			`import { adminApi, AdminBannedData } from "../Services/AdminApi";`
Creating only one WS connection to pusher from admin Also: migration to Typescript 4.5 and µWebsockets 1.20.4 2021-12-01 10:12:07 +01:00			`import { InvalidTokenError } from "../Controller/InvalidTokenError";`
Adding a Pusher container as a middleware/dispatcher between front and back 2020-11-13 18:00:22 +01:00
FEATURE: users can now login via an openID client 2021-07-27 16:37:01 +02:00			`export interface AuthTokenData {`
			`identifier: string; //will be a email if logged in or an uuid if anonymous`
Update hydraAccessToken to accessToken 2021-11-15 12:30:25 +01:00			`accessToken?: string;`
FEATURE: users can now login via an openID client 2021-07-27 16:37:01 +02:00			`}`
FIX: the admin sockets now uses a short live to check room authorization 2021-10-28 14:53:07 +02:00			`export interface AdminSocketTokenData {`
			`authorizedRoomIds: string[]; //the list of rooms the client is authorized to read from.`
			`}`
FEATURE: users can now login via an openID client 2021-07-27 16:37:01 +02:00			`export const tokenInvalidException = "tokenInvalid";`

Adding a Pusher container as a middleware/dispatcher between front and back 2020-11-13 18:00:22 +01:00			`class JWTTokenManager {`
FIX: the admin sockets now uses a short live to check room authorization 2021-10-28 14:53:07 +02:00			`public verifyAdminSocketToken(token: string): AdminSocketTokenData {`
			`return Jwt.verify(token, ADMIN_SOCKETS_TOKEN) as AdminSocketTokenData;`
			`}`

Update hydraAccessToken to accessToken 2021-11-15 12:30:25 +01:00			`public createAuthToken(identifier: string, accessToken?: string) {`
			`return Jwt.sign({ identifier, accessToken }, SECRET_KEY, { expiresIn: "30d" });`
Adding a Pusher container as a middleware/dispatcher between front and back 2020-11-13 18:00:22 +01:00			`}`

Update token generation (#1372) - Permit only decode token to get map details, - If user have token expired, set the token to null and reload the page. This feature will be updated when authentication stategy will be finished. Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> 2021-08-15 22:51:06 +02:00			`public verifyJWTToken(token: string, ignoreExpiration: boolean = false): AuthTokenData {`
FEATURE: users can now login via an openID client 2021-07-27 16:37:01 +02:00			`try {`
Update token generation (#1372) - Permit only decode token to get map details, - If user have token expired, set the token to null and reload the page. This feature will be updated when authentication stategy will be finished. Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> 2021-08-15 22:51:06 +02:00			`return Jwt.verify(token, SECRET_KEY, { ignoreExpiration }) as AuthTokenData;`
FEATURE: users can now login via an openID client 2021-07-27 16:37:01 +02:00			`} catch (e) {`
Creating only one WS connection to pusher from admin Also: migration to Typescript 4.5 and µWebsockets 1.20.4 2021-12-01 10:12:07 +01:00			`if (e instanceof Error) {`
			`// FIXME: we are loosing the stacktrace here.`
			`throw new InvalidTokenError(e.message);`
			`} else {`
			`throw e;`
			`}`
Adding a Pusher container as a middleware/dispatcher between front and back 2020-11-13 18:00:22 +01:00			`}`
			`}`
			`}`

			`export const jwtTokenManager = new JWTTokenManager();`