OpenId from Admin connect

- Create admin environment for redirect uri of openID
 - Add log out redirect when user click on log out button

Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com>
This commit is contained in:
Gregoire Parant 2021-11-08 19:27:01 +01:00
parent 603045bcad
commit 4c028bfcb3
3 changed files with 21 additions and 17 deletions

View file

@ -15,6 +15,7 @@ export const FRONT_URL = process.env.FRONT_URL || "http://localhost";
export const OPID_CLIENT_ID = process.env.OPID_CLIENT_ID || ""; export const OPID_CLIENT_ID = process.env.OPID_CLIENT_ID || "";
export const OPID_CLIENT_SECRET = process.env.OPID_CLIENT_SECRET || ""; export const OPID_CLIENT_SECRET = process.env.OPID_CLIENT_SECRET || "";
export const OPID_CLIENT_ISSUER = process.env.OPID_CLIENT_ISSUER || ""; export const OPID_CLIENT_ISSUER = process.env.OPID_CLIENT_ISSUER || "";
export const OPID_CLIENT_REDIREC_URL = process.env.OPID_CLIENT_REDIREC_URL || FRONT_URL + "/jwt";
export { export {
SECRET_KEY, SECRET_KEY,

View file

@ -150,6 +150,10 @@ class AdminApi {
return ADMIN_URL + `/profile?token=${accessToken}`; return ADMIN_URL + `/profile?token=${accessToken}`;
} }
async logoutOauth(token: string) {
await Axios.get(ADMIN_API_URL + `/oauth/logout?token=${token}`);
}
} }
export const adminApi = new AdminApi(); export const adminApi = new AdminApi();

View file

@ -1,7 +1,10 @@
import { Issuer, Client, IntrospectionResponse } from "openid-client"; import { Issuer, Client, IntrospectionResponse } from "openid-client";
import { OPID_CLIENT_ID, OPID_CLIENT_SECRET, OPID_CLIENT_ISSUER, FRONT_URL } from "../Enum/EnvironmentVariable"; import {
OPID_CLIENT_ID,
const opidRedirectUri = FRONT_URL + "/jwt"; OPID_CLIENT_SECRET,
OPID_CLIENT_ISSUER,
OPID_CLIENT_REDIREC_URL,
} from "../Enum/EnvironmentVariable";
class OpenIDClient { class OpenIDClient {
private issuerPromise: Promise<Client> | null = null; private issuerPromise: Promise<Client> | null = null;
@ -12,7 +15,7 @@ class OpenIDClient {
return new issuer.Client({ return new issuer.Client({
client_id: OPID_CLIENT_ID, client_id: OPID_CLIENT_ID,
client_secret: OPID_CLIENT_SECRET, client_secret: OPID_CLIENT_SECRET,
redirect_uris: [opidRedirectUri], redirect_uris: [OPID_CLIENT_REDIREC_URL],
response_types: ["code"], response_types: ["code"],
}); });
}); });
@ -20,30 +23,26 @@ class OpenIDClient {
return this.issuerPromise; return this.issuerPromise;
} }
public authorizationUrl(state: string, nonce: string, playUri?: string, redirect?: string) { public authorizationUrl(playUri?: string, redirect?: string) {
return this.initClient().then((client) => { return this.initClient().then((client) => {
return client.authorizationUrl({ return client.authorizationUrl({
scope: "openid email", scope: "openid email",
prompt: "login", prompt: "login",
state: state,
nonce: nonce,
playUri: playUri, playUri: playUri,
redirect: redirect, redirect: redirect,
}); });
}); });
} }
public getUserInfo(code: string, nonce: string): Promise<{ email: string; sub: string; access_token: string }> { public getUserInfo(accessToken: string): Promise<{ email: string; sub: string; access_token: string }> {
return this.initClient().then((client) => { return this.initClient().then((client) => {
return client.callback(opidRedirectUri, { code }, { nonce }).then((tokenSet) => { return client.userinfo(accessToken).then((res) => {
return client.userinfo(tokenSet).then((res) => { return {
return { ...res,
...res, email: res.email as string,
email: res.email as string, sub: res.sub,
sub: res.sub, access_token: accessToken as string,
access_token: tokenSet.access_token as string, };
};
});
}); });
}); });
} }