d2b8d7dc04
* Active authentication Oauth - Google authentication - GitHub authentication - Linkedin authentication Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Finish connexion et get user info connexion Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Fix lint error Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Change the expires token for 30 days Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Update connexion stratgey - Set last room when it will be created and not when connexion is openned - Add '/login' end point permit to logout and open iframe to log user - Add logout feature permit to logout in front Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Implement logout and revoke token with hydra Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Fix pull develop conflict Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Profile url (#1399) * Create function that permit to get profile URL Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Continue profil user Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Add menu and logout button Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Update last room use Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Profile callback permit to get url profile setting from admin Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Finish profile show Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Delete profileUrl will be not use today Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Correct lint Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Update size of iframe Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Delete console log Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Update feedback ARP Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com>
63 lines
2.1 KiB
TypeScript
63 lines
2.1 KiB
TypeScript
import { Issuer, Client, IntrospectionResponse } from "openid-client";
|
|
import { OPID_CLIENT_ID, OPID_CLIENT_SECRET, OPID_CLIENT_ISSUER, FRONT_URL } from "../Enum/EnvironmentVariable";
|
|
|
|
const opidRedirectUri = FRONT_URL + "/jwt";
|
|
|
|
class OpenIDClient {
|
|
private issuerPromise: Promise<Client> | null = null;
|
|
|
|
private initClient(): Promise<Client> {
|
|
if (!this.issuerPromise) {
|
|
this.issuerPromise = Issuer.discover(OPID_CLIENT_ISSUER).then((issuer) => {
|
|
return new issuer.Client({
|
|
client_id: OPID_CLIENT_ID,
|
|
client_secret: OPID_CLIENT_SECRET,
|
|
redirect_uris: [opidRedirectUri],
|
|
response_types: ["code"],
|
|
});
|
|
});
|
|
}
|
|
return this.issuerPromise;
|
|
}
|
|
|
|
public authorizationUrl(state: string, nonce: string) {
|
|
return this.initClient().then((client) => {
|
|
return client.authorizationUrl({
|
|
scope: "openid email",
|
|
prompt: "login",
|
|
state: state,
|
|
nonce: nonce,
|
|
});
|
|
});
|
|
}
|
|
|
|
public getUserInfo(code: string, nonce: string): Promise<{ email: string; sub: string; access_token: string }> {
|
|
return this.initClient().then((client) => {
|
|
return client.callback(opidRedirectUri, { code }, { nonce }).then((tokenSet) => {
|
|
return client.userinfo(tokenSet).then((res) => {
|
|
return {
|
|
...res,
|
|
email: res.email as string,
|
|
sub: res.sub,
|
|
access_token: tokenSet.access_token as string,
|
|
};
|
|
});
|
|
});
|
|
});
|
|
}
|
|
|
|
public logoutUser(token: string): Promise<void> {
|
|
return this.initClient().then((client) => {
|
|
return client.revoke(token);
|
|
});
|
|
}
|
|
|
|
public checkTokenAuth(token: string): Promise<IntrospectionResponse> {
|
|
return this.initClient().then((client) => {
|
|
return client.userinfo(token);
|
|
});
|
|
}
|
|
}
|
|
|
|
export const openIDClient = new OpenIDClient();
|