diff --git a/src/oidc.js b/src/oidc.js index 25a2f7c51..babb03b77 100644 --- a/src/oidc.js +++ b/src/oidc.js @@ -8,6 +8,7 @@ exports = module.exports = { const assert = require('assert'), debug = require('debug')('box:oidc'), fs = require('fs'), + middleware = require('./middleware'), path = require('path'), paths = require('./paths.js'), BoxError = require('./boxerror.js'), @@ -271,6 +272,9 @@ function attachInteractionRoutes(routePrefix, app, provider) { next(); } + // FIXME duplicate, all those routes should go to server.js + const json = middleware.json({ strict: true, limit: '2mb' }); // application/json + app.get(routePrefix + '/interaction/:uid', setNoCache, async (req, res, next) => { try { const { uid, prompt, params, session } = await provider.interactionDetails(req, res); @@ -314,12 +318,15 @@ function attachInteractionRoutes(routePrefix, app, provider) { default: return undefined; } - } catch (err) { - return next(err); + } catch (error) { + debug(`route interaction get uid:${uid} error`); + console.log(error); + + return next(error); } }); - app.post(routePrefix + '/interaction/:uid/login', setNoCache, async (req, res, next) => { + app.post(routePrefix + '/interaction/:uid/login', json, setNoCache, async (req, res, next) => { const [detailsError, details] = await safe(provider.interactionDetails(req, res)); if (detailsError) return next(new HttpError(500, detailsError)); 
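Review bot: The `limit: '2mb'` on the parser created in attachInteractionRoutes looks far larger than the routes it is attached to need: the login and confirm POST handlers run before the user is authenticated, and the login page appears to post only a small JSON object. A tighter cap bounds how much an unauthenticated client can make the server buffer and parse per request, for example `const json = middleware.json({ strict: true, limit: '16kb' });` (the value is illustrative and assumes the helper accepts the same size strings). The FIXME says this duplicates setup in server.js, so a comment stating whether the two limits are meant to match would help until the routes move. The function body continues outside this hunk.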
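Review bot: In the new catch block of the GET `/interaction/:uid` handler, the debug line interpolates `uid`, but that name is declared with `const` inside the `try` block and is not in scope in `catch`. Unless an outer `uid` exists outside the visible lines, the template literal throws a ReferenceError, `next(error)` is never reached, and the original error is lost. Take the id from the request and pass the error to the same logger instead of `console.log`: `debug('route interaction get uid:%s error: %o', req.params.uid, error);`. The handler starts outside this hunk.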
@@ -352,13 +359,16 @@ function attachInteractionRoutes(routePrefix, app, provider) { }, }; - const [interactionFinishError, interaction] = await safe(provider.interactionFinished(req, res, result)); + const [interactionFinishError, redirectTo] = await safe(provider.interactionResult(req, res, result)); if (interactionFinishError) return next(new HttpError(500, interactionFinishError)); - next(new HttpSuccess(200, { redirectTo: interaction.redirectTo })); + debug(`route interaction login post result redirectTo:${redirectTo}`); + + res.status(200).send({ redirectTo }); + // next(new HttpSuccess(200, { redirectTo })); }); - app.post(routePrefix + '/interaction/:uid/confirm', setNoCache, async (req, res, next) => { + app.post(routePrefix + '/interaction/:uid/confirm', json, setNoCache, async (req, res, next) => { try { const interactionDetails = await provider.interactionDetails(req, res); const { uid, prompt: { name, details }, params, session: { accountId } } = interactionDetails; @@ -457,6 +467,14 @@ async function getProvider(routePrefix) { required: function pkceRequired(ctx, client) { return false; } + }, + ttl: { + // in seconds, can also be a function returning the seconds https://github.com/panva/node-oidc-provider/blob/b1c1a9318036c2d3793cc9e668f99937c5c36bc6/docs/README.md#ttl + AccessToken: 3600, // 1 hour + IdToken: 3600, // 1 hour + Grant: 1209600, // 14 days + Session: 1209600, // 14 days + Interaction: 3600 // 1 hour } }; diff --git a/src/oidc_templates/login.ejs b/src/oidc_templates/login.ejs index 6b245bb46..95c6e189f 100644 --- a/src/oidc_templates/login.ejs +++ b/src/oidc_templates/login.ejs 
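Review bot: The login success path now writes the response itself with `res.status(200).send({ redirectTo })`, while the error paths just above still go through `next(new HttpError(...))`, and the previous call is left behind as a commented-out line. Either delete the dead `// next(new HttpSuccess(200, { redirectTo }));` and add a one-line comment such as `// respond directly: HttpSuccess is not handled on this app`, or restore the original call, so the next reader knows which is intended. The added debug line also writes the whole `redirectTo` URL to the log; if that URL can ever carry more than the interaction id, log only the id. The login handler starts in the previous hunk and the confirm handler continues outside this one.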
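Review bot: The new `ttl` block in getProvider sets Session and Grant to 14 days without saying why, and it lists only five models, so anything not named (refresh tokens and authorization codes, for instance) keeps the library default. These lifetimes decide how long a stolen cookie or token stays useful, so the choice deserves a comment, for example `// 14 days matches the dashboard session lifetime; models not listed keep oidc-provider defaults` (adjust to the real reason). Writing the values as `14 * 24 * 60 * 60` and `60 * 60` would also make them checkable at a glance. The configuration object starts outside this hunk.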
@@ -68,15 +68,17 @@ document.getElementById('loginForm').addEventListener('submit', function (event) }; fetch(apiUrl, { - method: 'POST' + method: 'POST', body: JSON.stringify(body), headers: { 'Content-type': 'application/json; charset=UTF-8' } }).then(function (response) { if (response.ok) return response.json(); return Promise.reject(response); }).then(function (data) { - console.log('login success', data); + if (data.redirectTo) window.location.href = data.redirectTo; + else console.log('login success but missing redirectTo in data:', data); }).catch(function (error) { + if (error.status === 401) document.getElementById('inputPassword').value = '' console.warn('Something went wrong.', error); }); });
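Review bot: The success handler assigns `data.redirectTo` to `window.location.href` without checking what kind of URL it is. The value is expected to come from the provider, but a cheap guard keeps a malformed or unexpected value from being navigated to: `var target = new URL(data.redirectTo, window.location.href);` followed by `if (target.protocol === 'https:' || target.protocol === 'http:') window.location.href = target.href;`. Separately, the 401 branch only clears the password field and other failures only reach `console.warn`, so the user gets no visible message for a failed login; that line is also missing its semicolon. The submit handler starts outside this hunk.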