auth.js
const express = require('express');
const debug = require('../lib/debug')('auth');
const { get: getConfig } = require('../lib/config');
const { requiresAuth } = require('./requiresAuth');
const attemptSilentLogin = require('./attemptSilentLogin');
const TransientCookieHandler = require('../lib/transientHandler');
const { RequestContext, ResponseContext } = require('../lib/context');
const appSession = require('../lib/appSession');
/**
 * Normalises a configured route path so that it always begins with "/".
 *
 * @param {string} path The route path as configured.
 *
 * @returns {string} `path` unchanged when it already starts with "/",
 * otherwise `path` with a "/" prepended.
 */
const enforceLeadingSlash = (path) => {
  if (path.startsWith('/')) {
    return path;
  }
  return `/${path}`;
};
/**
 * Builds the Express router that carries the authentication plumbing: the
 * application session, the per-request OIDC contexts and, for each entry that
 * is enabled in `config.routes`, the login, logout and callback routes.
 *
 * Registration order is significant: the login, logout and callback routes are
 * mounted before `requiresAuth()`, so they are matched ahead of the
 * authentication gate and stay reachable without a session.
 *
 * @param {Object} [params] The parameters object; see index.d.ts for types and descriptions.
 *
 * @returns {express.Router} the router
 */
const auth = function (params) {
  const settings = getConfig(params);
  // NOTE(review): the whole resolved configuration object is handed to the
  // debug logger. If it carries secrets they would appear in debug output
  // whenever this namespace is enabled; confirm whether ../lib/debug or the
  // config module redacts them.
  debug('configuration object processed, resulting configuration: %O', settings);

  const authRouter = new express.Router();
  const transientCookies = new TransientCookieHandler(settings);

  authRouter.use(appSession(settings));

  // Attach the request and response OIDC contexts before any route runs.
  // NOTE(review): the handler is async but awaits nothing, so an exception
  // thrown by either constructor surfaces as a rejected promise rather than a
  // synchronous throw; confirm the Express version in use routes that to the
  // error handler.
  authRouter.use(async (req, res, next) => {
    req.oidc = new RequestContext(settings, req, res, next);
    res.oidc = new ResponseContext(settings, req, res, next, transientCookies);
    next();
  });

  // Login route, configurable with routes.login
  const loginRoute = settings.routes.login;
  if (!loginRoute) {
    debug('login handling route not applied');
  } else {
    const loginPath = enforceLeadingSlash(loginRoute);
    debug('adding GET %s route', loginPath);
    // returnTo is pinned to the configured baseURL and is not read from the
    // request here, so this route passes no caller-supplied redirect target.
    authRouter.get(
      loginPath,
      express.urlencoded({ extended: false }),
      (req, res) => res.oidc.login({ returnTo: settings.baseURL })
    );
  }

  // Logout route, configurable with routes.logout
  const logoutRoute = settings.routes.logout;
  if (!logoutRoute) {
    debug('logout handling route not applied');
  } else {
    const logoutPath = enforceLeadingSlash(logoutRoute);
    debug('adding GET %s route', logoutPath);
    // NOTE(review): logout is a state-changing action served over GET with no
    // request-origin check visible in this file; confirm that is intended.
    authRouter.get(logoutPath, (req, res) => res.oidc.logout());
  }

  // Callback route, configured with routes.callback.
  const callbackRoute = settings.routes.callback;
  if (!callbackRoute) {
    debug('callback handling route not applied');
  } else {
    const callbackPath = enforceLeadingSlash(callbackRoute);
    // Both verbs end in the same handler; only POST gets a body parser.
    // Validation of the authorization response is not visible here and is
    // presumably done inside ResponseContext#callback (TODO confirm).
    const handleCallback = (req, res) => res.oidc.callback();
    debug('adding GET %s route', callbackPath);
    authRouter.get(callbackPath, handleCallback);
    debug('adding POST %s route', callbackPath);
    authRouter.post(
      callbackPath,
      express.urlencoded({ extended: false }),
      handleCallback
    );
  }

  // Mounted after the routes above, so the gate only covers what follows it.
  if (!settings.authRequired) {
    // With authRequired off this router protects nothing on its own; each
    // protected resource needs its own requiresAuth middleware.
    debug(
      'authentication is not required for any of the routes this middleware is applied to ' +
        'see and apply `requiresAuth` middlewares to your protected resources'
    );
  } else {
    debug(
      'authentication is required for all routes this middleware is applied to'
    );
    authRouter.use(requiresAuth());
  }

  if (settings.attemptSilentLogin) {
    debug("silent login will be attempted on end-user's initial HTML request");
    authRouter.use(attemptSilentLogin());
  }

  return authRouter;
};
/**
 * Used for instantiating a custom session store, e.g.
 *
 * ```js
 * const { auth } = require('express-openid-connect');
 * const MemoryStore = require('memorystore')(auth);
 * ```
 *
 * The constructor itself is empty and is attached to `auth` as a static
 * property. Presumably store packages take it as the base constructor from the
 * object passed to their factory, as in the example; confirm against the
 * store package in use.
 *
 * @constructor
 */
auth.Store = function () {};
// The `auth` function, with `Store` attached, is what this module exports.
module.exports = auth;