jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

oidc: use better json based file store for objects

Browse Source
This commit is contained in:
Johannes Zellner
2023-03-24 20:08:17 +01:00
parent 44706b9c70
commit 99e0979c2e
7 changed files with 129 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
src/routes/oidc.js Normal file
View File

@@ -0,0 +1,101 @@
'use strict';
exports = module.exports = {
clients: {
get,
list,
add,
update,
del
},
destroyUserSession
};
const assert = require('assert'),
BoxError = require('../boxerror.js'),
oidc = require('../oidc.js'),
HttpError = require('connect-lastmile').HttpError,
HttpSuccess = require('connect-lastmile').HttpSuccess,
safe = require('safetydance');
async function add(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
if (typeof req.body.id !== 'string' || !req.body.id) return next(new HttpError(400, 'id must be non-empty string'));
if (typeof req.body.name !== 'string' || !req.body.name) return next(new HttpError(400, 'name must be non-empty string'));
if (typeof req.body.secret !== 'string' || !req.body.secret) return next(new HttpError(400, 'secret must be non-empty string'));
if (typeof req.body.loginRedirectUri !== 'string' || !req.body.loginRedirectUri) return next(new HttpError(400, 'loginRedirectUri must be non-empty string'));
if ('logoutRedirectUri' in req.body && (typeof req.body.logoutRedirectUri !== 'string' || !req.body.logoutRedirectUri)) return next(new HttpError(400, 'logoutRedirectUri must be non-empty string if provided'));
const data = {
secret: req.body.secret,
name: req.body.name,
appId: '', // always empty for custom clients
loginRedirectUri: req.body.loginRedirectUri,
logoutRedirectUri: req.body.logoutRedirectUri || ''
};
const [error] = await safe(oidc.clients.add(req.body.id, data));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(201, {}));
}
async function get(req, res, next) {
assert.strictEqual(typeof req.params.clientId, 'string');
const [error, client] = await safe(oidc.clients.get(req.params.clientId));
if (error) return next(BoxError.toHttpError(error));
if (!client) return next(new HttpError(404, 'OpenID connect client not found'));
next(new HttpSuccess(200, client));
}
async function update(req, res, next) {
assert.strictEqual(typeof req.params.clientId, 'string');
assert.strictEqual(typeof req.body, 'object');
if (typeof req.body.name !== 'string' || !req.body.name) return next(new HttpError(400, 'name must be non-empty string'));
if (typeof req.body.secret !== 'string' || !req.body.secret) return next(new HttpError(400, 'secret must be non-empty string'));
if (typeof req.body.loginRedirectUri !== 'string' || !req.body.loginRedirectUri) return next(new HttpError(400, 'loginRedirectUri must be non-empty string'));
if ('logoutRedirectUri' in req.body && (typeof req.body.logoutRedirectUri !== 'string' || !req.body.logoutRedirectUri)) return next(new HttpError(400, 'logoutRedirectUri must be non-empty string if provided'));
const data = {
secret: req.body.secret,
name: req.body.name,
appId: '', // always empty for custom clients
loginRedirectUri: req.body.loginRedirectUri,
logoutRedirectUri: req.body.logoutRedirectUri || ''
};
const [error] = await safe(oidc.clients.update(req.params.clientId, data));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(201, {}));
}
async function list(req, res, next) {
const [error, result] = await safe(oidc.clients.list());
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, { clients: result }));
}
async function del(req, res, next) {
assert.strictEqual(typeof req.params.clientId, 'string');
const [error] = await safe(oidc.clients.del(req.params.clientId));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(204));
}
async function destroyUserSession(req, res, next) {
assert.strictEqual(typeof req.user, 'object');
const [error] = await safe(oidc.revokeByUserId(req.user.id));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(204));
}