From bf8919f7a7b9215b1df806d74b50dfd2b2f529f6 Mon Sep 17 00:00:00 2001 From: Fenris Wolf Date: Sun, 20 Oct 2024 18:26:24 +0200 Subject: [PATCH] [mod] oidc --- lib/plankton/plankton.d.ts | 16 +++++++---- lib/plankton/plankton.js | 10 +++---- source/auth.ts | 55 +++++++++++++++++++++----------------- 3 files changed, 46 insertions(+), 35 deletions(-) diff --git a/lib/plankton/plankton.d.ts b/lib/plankton/plankton.d.ts index 74e1432..bb115dc 100644 --- a/lib/plankton/plankton.d.ts +++ b/lib/plankton/plankton.d.ts @@ -1,11 +1,11 @@ /** * @author fenris */ -declare type int = number; +type int = number; /** * @author fenris */ -declare type float = number; +type float = number; declare var process: any; declare var require: any; declare class Buffer { @@ -22,7 +22,7 @@ declare namespace lib_plankton.base { /** * @author fenris */ -declare type type_pseudopointer = { +type type_pseudopointer = { value: type_value; }; /** @@ -2186,7 +2186,7 @@ declare namespace lib_plankton.storage.memory { clear(): Promise; write(key: any, value: any): Promise; delete(key: any): Promise; - read(key: any): Promise; + read(key: any): Promise>; search(term: any): Promise<{ key: string; preview: string; @@ -4183,7 +4183,13 @@ declare namespace lib_plankton.auth.oidc { /** * @see https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest */ - export function authorization_url(subject: type_subject): string; + export function authorization_url(subject: type_subject, state: string): string; + /** + */ + export function prepare_login(subject: type_subject): { + state: string; + authorization_url: string; + }; /** */ export function handle_authorization_callback(subject: type_subject, cookie: (null | string), stuff: Record): Promise<{ diff --git a/lib/plankton/plankton.js b/lib/plankton/plankton.js index 2c7cfb2..807a8f8 100644 --- a/lib/plankton/plankton.js +++ b/lib/plankton/plankton.js 
@@ -1568,7 +1568,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) { function verb(n) { return function (v) { return step([n, v]); }; } function step(op) { if (f) throw new TypeError("Generator is already executing."); - while (_) try { + while (g && (g = 0, op[0] && (_ = 0)), _) try { if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (y = 0, t) op = [op[0] & 2, t.value]; switch (op[0]) { @@ -6564,7 +6564,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) { function verb(n) { return function (v) { return step([n, v]); }; } function step(op) { if (f) throw new TypeError("Generator is already executing."); - while (_) try { + while (g && (g = 0, op[0] && (_ = 0)), _) try { if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (y = 0, t) op = [op[0] & 2, t.value]; switch (op[0]) { @@ -9886,7 +9886,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) { function verb(n) { return function (v) { return step([n, v]); }; } function step(op) { if (f) throw new TypeError("Generator is already executing."); - while (_) try { + while (g && (g = 0, op[0] && (_ = 0)), _) try { if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (y = 0, t) op = [op[0] & 2, t.value]; switch (op[0]) { 
@@ -13940,7 +13940,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) { function verb(n) { return function (v) { return step([n, v]); }; } function step(op) { if (f) throw new TypeError("Generator is already executing."); - while (_) try { + while (g && (g = 0, op[0] && (_ = 0)), _) try { if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (y = 0, t) op = [op[0] & 2, t.value]; switch (op[0]) { @@ -14824,7 +14824,7 @@ var lib_plankton; subject.cases[state] = {}; return { "state": state, - "authorization_url": authorization_url(state), + "authorization_url": authorization_url(subject, state), }; } oidc.prepare_login = prepare_login; diff --git a/source/auth.ts b/source/auth.ts index 7613cd4..4dec54e 100644 --- a/source/auth.ts +++ b/source/auth.ts @@ -106,7 +106,7 @@ namespace _zeitbild.auth { switch (_zeitbild.conf.get().authentication.kind) { case "oidc": { - if (_subject_oidc === null) { + if ((_subject_oidc === null) || (_oidc_redict_uri_template_map === null)) { throw (new Error("not initialized yet")); } else { @@ -150,7 +150,7 @@ namespace _zeitbild.auth /** */ - export function oidc_handle_authorization_callback( + export async function oidc_handle_authorization_callback( cookie : (null | string), data : Record ) : Promise< 
@@ -164,34 +164,39 @@ namespace _zeitbild.auth } > { - const state : string = data["state"]; - const result : { - token : string; - userinfo : { - name : (null | string); - email : (null | string); - }; - } = await lib_plankton.auth.oidc.handle_authorization_callback( - _oidc_subject, - cookie, - data - ); - return Promise.resolve< - { + if ((_subject_oidc === null) || (_oidc_redict_uri_template_map === null)) { + throw (new Error("not initialized yet")); + } + else { + const state : string = data["state"]; + const result : { token : string; userinfo : { name : (null | string); email : (null | string); }; - redirect_uri_template : string; - } - >( - { - "token": result.token, - "userinfo": result.userinfo, - "redirect_uri_template": _oidc_redict_uri_template_map.get(state), - } - ) + } = await lib_plankton.auth.oidc.handle_authorization_callback( + _subject_oidc, + cookie, + data + ); + return Promise.resolve< + { + token : string; + userinfo : { + name : (null | string); + email : (null | string); + }; + redirect_uri_template : string; + } + >( + { + "token": result.token, + "userinfo": result.userinfo, + "redirect_uri_template": _oidc_redict_uri_template_map.get(state), + } + ); + } } }
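Review bot: The new `else` branch passes `_oidc_redict_uri_template_map.get(state)` straight into `redirect_uri_template`, although `state` comes from the callback's request data and the lookup yields `undefined` for any value that was never issued, while the declared type is `string`. The entry is also never removed, so the same `state` stays valid for later callbacks and the map only grows. Whether `lib_plankton.auth.oidc.handle_authorization_callback` already rejects unknown states is not visible here, so I would do the lookup explicitly, fail on a miss and delete the entry on use (this assumes the map is a `Map`, as the `.get` call suggests). The function's signature and the start of its return type are outside this hunk.

```typescript
const state : string = data["state"];
// resolve the template issued for this login attempt; reject states that were never issued
const redirect_uri_template : (undefined | string) = _oidc_redict_uri_template_map.get(state);
if (redirect_uri_template === undefined) {
	throw (new Error("unknown state"));
}
// single use: drop the entry so the same state cannot be presented a second time
_oidc_redict_uri_template_map.delete(state);
// … unchanged: await lib_plankton.auth.oidc.handle_authorization_callback(_subject_oidc, cookie, data) …
// … unchanged: "token" and "userinfo" of the returned object …
		"redirect_uri_template": redirect_uri_template,
```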