OpenId from Admin connect

- Create admin environment for redirect uri of openID - Add log out redirect when user click on log out button Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com>
2021-11-08 19:27:01 +01:00 · 2021-11-08 19:27:01 +01:00 · 4c028bfcb3
parent 603045bcad
commit 4c028bfcb3
3 changed files with 21 additions and 17 deletions
--- a/pusher/src/Enum/EnvironmentVariable.ts
+++ b/pusher/src/Enum/EnvironmentVariable.ts
@ -15,6 +15,7 @@ export const FRONT_URL = process.env.FRONT_URL || "http://localhost";
 export const OPID_CLIENT_ID = process.env.OPID_CLIENT_ID || "";
 export const OPID_CLIENT_SECRET = process.env.OPID_CLIENT_SECRET || "";
 export const OPID_CLIENT_ISSUER = process.env.OPID_CLIENT_ISSUER || "";
+export const OPID_CLIENT_REDIREC_URL = process.env.OPID_CLIENT_REDIREC_URL || FRONT_URL + "/jwt";

 export {
    SECRET_KEY,
--- a/pusher/src/Services/AdminApi.ts
+++ b/pusher/src/Services/AdminApi.ts
@ -150,6 +150,10 @@ class AdminApi {

        return ADMIN_URL + `/profile?token=${accessToken}`;
    }
+
+    async logoutOauth(token: string) {
+        await Axios.get(ADMIN_API_URL + `/oauth/logout?token=${token}`);
+    }
 }

 export const adminApi = new AdminApi();
--- a/pusher/src/Services/OpenIDClient.ts
+++ b/pusher/src/Services/OpenIDClient.ts
@ -1,7 +1,10 @@
 import { Issuer, Client, IntrospectionResponse } from "openid-client";
-import { OPID_CLIENT_ID, OPID_CLIENT_SECRET, OPID_CLIENT_ISSUER, FRONT_URL } from "../Enum/EnvironmentVariable";
-
-const opidRedirectUri = FRONT_URL + "/jwt";
+import {
+    OPID_CLIENT_ID,
+    OPID_CLIENT_SECRET,
+    OPID_CLIENT_ISSUER,
+    OPID_CLIENT_REDIREC_URL,
+} from "../Enum/EnvironmentVariable";

 class OpenIDClient {
    private issuerPromise: Promise<Client> | null = null;
@ -12,7 +15,7 @@ class OpenIDClient {
                return new issuer.Client({
                    client_id: OPID_CLIENT_ID,
                    client_secret: OPID_CLIENT_SECRET,
-                    redirect_uris: [opidRedirectUri],
+                    redirect_uris: [OPID_CLIENT_REDIREC_URL],
                    response_types: ["code"],
                });
            });
@ -20,30 +23,26 @@ class OpenIDClient {
        return this.issuerPromise;
    }

-    public authorizationUrl(state: string, nonce: string, playUri?: string, redirect?: string) {
+    public authorizationUrl(playUri?: string, redirect?: string) {
        return this.initClient().then((client) => {
            return client.authorizationUrl({
                scope: "openid email",
                prompt: "login",
-                state: state,
-                nonce: nonce,
                playUri: playUri,
                redirect: redirect,
            });
        });
    }

-    public getUserInfo(code: string, nonce: string): Promise<{ email: string; sub: string; access_token: string }> {
+    public getUserInfo(accessToken: string): Promise<{ email: string; sub: string; access_token: string }> {
        return this.initClient().then((client) => {
-            return client.callback(opidRedirectUri, { code }, { nonce }).then((tokenSet) => {
-                return client.userinfo(tokenSet).then((res) => {
-                    return {
-                        ...res,
-                        email: res.email as string,
-                        sub: res.sub,
-                        access_token: tokenSet.access_token as string,
-                    };
-                });
+            return client.userinfo(accessToken).then((res) => {
+                return {
+                    ...res,
+                    email: res.email as string,
+                    sub: res.sub,
+                    access_token: accessToken as string,
+                };
            });
        });
    }