diff --git a/src/routes/oidc.js b/src/routes/oidc.js
index bc09c8a71..ef9c2d763 100644
--- a/src/routes/oidc.js
+++ b/src/routes/oidc.js
@@ -1,7 +1,7 @@
 'use strict';
 exports = module.exports = {
-
+ loadClient,
 addClient,
 listClients,
 getClient,
@@ -47,15 +47,22 @@ async function addClient(req, res, next) {
 next(new HttpSuccess(201, data));
 }
-async function getClient(req, res, next) {
+async function loadClient(req, res, next) {
 assert.strictEqual(typeof req.params.clientId, 'string');
 const [error, client] = await safe(oidc.getClient(req.params.clientId));
 if (error) return next(BoxError.toHttpError(error));
- if (!client) return next(new HttpError(404, 'OpenID connect client not found'));
- if (client.appId) return next(new HttpError(422, 'OpenID connect client from an internal app'));
+ if (!client) return next(new HttpError(404, 'OIDC client not found'));
+ if (client.appId) return next(new HttpError(422, 'OIDC client of an internal app'));
- next(new HttpSuccess(200, client));
+ req.oidcClient = client;
+ next();
+}
+
+async function getClient(req, res, next) {
+ assert.strictEqual(typeof req.params.clientId, 'string');
+
+ next(new HttpSuccess(200, req.oidcClient));
 }
 async function updateClient(req, res, next) {
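Review bot: getClient now returns `req.oidcClient` without checking that loadClient actually ran, and the later hunks remove the same lookup from updateClient and delClient, so the 404 check and the 422 guard for clients belonging to internal apps are enforced only by the middleware order in server.js. If one of these handlers is ever mounted without loadClient, getClient would answer 200 with an undefined body, and delClient would call `oidc.delClient(req.params.clientId)` with no internal-app guard unless the oidc module repeats that check, which the diff does not show. Adding `assert.strictEqual(typeof req.oidcClient, 'object');` at the top of getClient, updateClient and delClient would make a mis-wired route fail loudly, in the same style as the existing `req.params.clientId` asserts. The bodies of updateClient and delClient continue outside their hunks.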
@@ -66,11 +73,6 @@ async function updateClient(req, res, next) {
 if (typeof req.body.loginRedirectUri !== 'string' || !req.body.loginRedirectUri) return next(new HttpError(400, 'loginRedirectUri must be non-empty string'));
 if (req.body.tokenSignatureAlgorithm !== 'EdDSA' && req.body.tokenSignatureAlgorithm !== 'RS256') return next(new HttpError(400, 'tokenSignatureAlgorithm must be either EdDSA or RS256'));
- const [error, client] = await safe(oidc.getClient(req.params.clientId));
- if (error) return next(BoxError.toHttpError(error));
- if (!client) return next(new HttpError(404, 'OpenID connect client not found'));
- if (client.appId) return next(new HttpError(422, 'OpenID connect client from an internal app'));
-
 const data = {
 name: req.body.name,
 appId: '', // always empty for custom clients
@@ -94,11 +96,6 @@ async function listClients(req, res, next) {
 async function delClient(req, res, next) {
 assert.strictEqual(typeof req.params.clientId, 'string');
- const [error, client] = await safe(oidc.oidc.getClient(req.params.clientId));
- if (error) return next(BoxError.toHttpError(error));
- if (!client) return next(new HttpError(404, 'OpenID connect client not found'));
- if (client.appId) return next(new HttpError(422, 'OpenID connect client from an internal app'));
-
 const [delError] = await safe(oidc.delClient(req.params.clientId));
 if (delError) return next(BoxError.toHttpError(delError));
diff --git a/src/server.js b/src/server.js
index 6cd22c3e6..5237d689c 100644
--- a/src/server.js
+++ b/src/server.js
@@ -422,9 +422,9 @@ async function initializeExpressSync() {
 // OpenID connect clients
 router.get ('/api/v1/oidc/clients', token, authorizeAdmin, routes.oidc.listClients);
 router.post('/api/v1/oidc/clients', json, token, authorizeAdmin, routes.oidc.addClient);
- router.get ('/api/v1/oidc/clients/:clientId', token, authorizeAdmin, routes.oidc.getClient);
- router.post('/api/v1/oidc/clients/:clientId', json, token, authorizeAdmin, routes.oidc.updateClient);
- router.del ('/api/v1/oidc/clients/:clientId', token, authorizeAdmin, routes.oidc.delClient);
+ router.get ('/api/v1/oidc/clients/:clientId', token, authorizeAdmin, routes.oidc.loadClient, routes.oidc.getClient);
+ router.post('/api/v1/oidc/clients/:clientId', json, token, authorizeAdmin, routes.oidc.loadClient, routes.oidc.updateClient);
+ router.del ('/api/v1/oidc/clients/:clientId', token, authorizeAdmin, routes.oidc.loadClient, routes.oidc.delClient);
 // OpenID connect sessions
 router.del ('/api/v1/oidc/sessions', token, authorizeUser, routes.oidc.destroyUserSession);
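Review bot: The route table gives no hint that `routes.oidc.loadClient` is the step that rejects unknown clients and clients owned by internal apps, so a `:clientId` route added later could leave it out unnoticed. A comment above the three routes would record the dependency, for example `// loadClient must precede every :clientId handler: it returns 404/422 and sets req.oidcClient`. The enclosing initializeExpressSync starts and ends outside the hunk.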