[mod] oidc

Fenris Wolf 2024-10-20 18:26:24 +02:00
parent 6521f60601
commit bf8919f7a7
3 changed files with 46 additions and 35 deletions


@ -1,11 +1,11 @@
/** /**
* @author fenris * @author fenris
*/ */
declare type int = number; type int = number;
/** /**
* @author fenris * @author fenris
*/ */
declare type float = number; type float = number;
declare var process: any; declare var process: any;
declare var require: any; declare var require: any;
declare class Buffer { declare class Buffer {
@ -22,7 +22,7 @@ declare namespace lib_plankton.base {
/** /**
* @author fenris * @author fenris
*/ */
declare type type_pseudopointer<type_value> = { type type_pseudopointer<type_value> = {
value: type_value; value: type_value;
}; };
/** /**
@ -2186,7 +2186,7 @@ declare namespace lib_plankton.storage.memory {
clear(): Promise<void>; clear(): Promise<void>;
write(key: any, value: any): Promise<boolean>; write(key: any, value: any): Promise<boolean>;
delete(key: any): Promise<void>; delete(key: any): Promise<void>;
read(key: any): Promise<type_item>; read(key: any): Promise<Awaited<type_item>>;
search(term: any): Promise<{ search(term: any): Promise<{
key: string; key: string;
preview: string; preview: string;
@ -4183,7 +4183,13 @@ declare namespace lib_plankton.auth.oidc {
/** /**
* @see https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest * @see https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
*/ */
export function authorization_url(subject: type_subject): string; export function authorization_url(subject: type_subject, state: string): string;
/**
*/
export function prepare_login(subject: type_subject): {
state: string;
authorization_url: string;
};
/** /**
*/ */
export function handle_authorization_callback(subject: type_subject, cookie: (null | string), stuff: Record<string, string>): Promise<{ export function handle_authorization_callback(subject: type_subject, cookie: (null | string), stuff: Record<string, string>): Promise<{


@ -1568,7 +1568,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
function verb(n) { return function (v) { return step([n, v]); }; } function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) { function step(op) {
if (f) throw new TypeError("Generator is already executing."); if (f) throw new TypeError("Generator is already executing.");
while (_) try { while (g && (g = 0, op[0] && (_ = 0)), _) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value]; if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) { switch (op[0]) {
@ -6564,7 +6564,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
function verb(n) { return function (v) { return step([n, v]); }; } function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) { function step(op) {
if (f) throw new TypeError("Generator is already executing."); if (f) throw new TypeError("Generator is already executing.");
while (_) try { while (g && (g = 0, op[0] && (_ = 0)), _) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value]; if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) { switch (op[0]) {
@ -9886,7 +9886,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
function verb(n) { return function (v) { return step([n, v]); }; } function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) { function step(op) {
if (f) throw new TypeError("Generator is already executing."); if (f) throw new TypeError("Generator is already executing.");
while (_) try { while (g && (g = 0, op[0] && (_ = 0)), _) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value]; if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) { switch (op[0]) {
@ -13940,7 +13940,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
function verb(n) { return function (v) { return step([n, v]); }; } function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) { function step(op) {
if (f) throw new TypeError("Generator is already executing."); if (f) throw new TypeError("Generator is already executing.");
while (_) try { while (g && (g = 0, op[0] && (_ = 0)), _) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value]; if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) { switch (op[0]) {
@ -14824,7 +14824,7 @@ var lib_plankton;
subject.cases[state] = {}; subject.cases[state] = {};
return { return {
"state": state, "state": state,
"authorization_url": authorization_url(state), "authorization_url": authorization_url(subject, state),
}; };
} }
oidc.prepare_login = prepare_login; oidc.prepare_login = prepare_login;


@ -106,7 +106,7 @@ namespace _zeitbild.auth
{ {
switch (_zeitbild.conf.get().authentication.kind) { switch (_zeitbild.conf.get().authentication.kind) {
case "oidc": { case "oidc": {
if (_subject_oidc === null) { if ((_subject_oidc === null) || (_oidc_redict_uri_template_map === null)) {
throw (new Error("not initialized yet")); throw (new Error("not initialized yet"));
} }
else { else {
@ -150,7 +150,7 @@ namespace _zeitbild.auth
/** /**
*/ */
export function oidc_handle_authorization_callback( export async function oidc_handle_authorization_callback(
cookie : (null | string), cookie : (null | string),
data : Record<string, string> data : Record<string, string>
) : Promise< ) : Promise<
@ -164,6 +164,10 @@ namespace _zeitbild.auth
} }
> >
{ {
if ((_subject_oidc === null) || (_oidc_redict_uri_template_map === null)) {
throw (new Error("not initialized yet"));
}
else {
const state : string = data["state"]; const state : string = data["state"];
const result : { const result : {
token : string; token : string;
@ -172,7 +176,7 @@ namespace _zeitbild.auth
email : (null | string); email : (null | string);
}; };
} = await lib_plankton.auth.oidc.handle_authorization_callback( } = await lib_plankton.auth.oidc.handle_authorization_callback(
_oidc_subject, _subject_oidc,
cookie, cookie,
data data
); );
@ -191,7 +195,8 @@ namespace _zeitbild.auth
"userinfo": result.userinfo, "userinfo": result.userinfo,
"redirect_uri_template": _oidc_redict_uri_template_map.get(state), "redirect_uri_template": _oidc_redict_uri_template_map.get(state),
} }
) );
}
} }
} }
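Review bot: In `oidc_handle_authorization_callback`, `data["state"]` comes straight from the callback parameters and is used as the key in `_oidc_redict_uri_template_map.get(state)` without checking that it is present or known to the map, so a missing or unrecognised state yields `redirect_uri_template: undefined` instead of a rejected callback. Whether `lib_plankton.auth.oidc.handle_authorization_callback` already refuses an unknown state is not visible in this section, so a local guard before the library call would make the check explicit: `if (! _oidc_redict_uri_template_map.has(state)) { throw (new Error("unknown state")); }`. The entry should presumably also be dropped once consumed, with `_oidc_redict_uri_template_map.delete(state);`, so that a state value is accepted only once. Parts of the function body lie between the hunks shown, so an existing check there cannot be ruled out.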