move tokens.ID_ into oidcClients.ID_
+22
-6
@@ -6,6 +6,14 @@ exports = module.exports = {
|
||||
del,
|
||||
update,
|
||||
list,
|
||||
|
||||
validateId,
|
||||
|
||||
// token client ids. we categorize them so we can have different restrictions based on the client
|
||||
ID_WEBADMIN: 'cid-webadmin', // dashboard
|
||||
ID_DEVELOPMENT: 'cid-development', // dashboard development
|
||||
ID_CLI: 'cid-cli', // cloudron cli
|
||||
ID_SDK: 'cid-sdk', // created by user via dashboard
|
||||
};
|
||||
|
||||
const assert = require('assert'),
|
||||
@@ -13,13 +21,21 @@ const assert = require('assert'),
|
||||
dashboard = require('./dashboard.js'),
|
||||
database = require('./database.js'),
|
||||
hat = require('./hat.js'),
|
||||
safe = require('safetydance'),
|
||||
tokens = require('./tokens.js');
|
||||
safe = require('safetydance');
|
||||
|
||||
const OIDC_CLIENTS_TABLE_NAME = 'oidcClients';
|
||||
const OIDC_CLIENTS_FIELDS = [ 'id', 'secret', 'name', 'appId', 'loginRedirectUri', 'tokenSignatureAlgorithm' ];
|
||||
const DEFAULT_TOKEN_SIGNATURE_ALGORITHM='RS256';
|
||||
|
||||
function validateId(type) {
|
||||
assert.strictEqual(typeof type, 'string');
|
||||
|
||||
const types = [ exports.ID_WEBADMIN, exports.ID_SDK, exports.ID_DEVELOPMENT, exports.ID_CLI ];
|
||||
if (types.indexOf(type) === -1) return new BoxError(BoxError.BAD_FIELD, `type must be one of ${types.join(',')}`);
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
function postProcess(result) {
|
||||
assert.strictEqual(typeof result, 'object');
|
||||
|
||||
@@ -50,19 +66,19 @@ async function add(data) {
|
||||
async function get(id) {
|
||||
assert.strictEqual(typeof id, 'string');
|
||||
|
||||
if (id === tokens.ID_WEBADMIN) {
|
||||
if (id === exports.ID_WEBADMIN) {
|
||||
const { fqdn:dashboardFqdn } = await dashboard.getLocation();
|
||||
return {
|
||||
id: tokens.ID_WEBADMIN,
|
||||
id: exports.ID_WEBADMIN,
|
||||
secret: 'notused',
|
||||
application_type: 'web',
|
||||
response_types: ['code', 'code token'],
|
||||
grant_types: ['authorization_code', 'implicit'],
|
||||
loginRedirectUri: `https://${dashboardFqdn}/authcallback.html`
|
||||
};
|
||||
} else if (id === tokens.ID_DEVELOPMENT) {
|
||||
} else if (id === exports.ID_DEVELOPMENT) {
|
||||
return {
|
||||
id: tokens.ID_DEVELOPMENT,
|
||||
id: exports.ID_DEVELOPMENT,
|
||||
secret: 'notused',
|
||||
application_type: 'native', // have to use native here to support plaintext http, this however makes it impossible to skip consent screen
|
||||
response_types: ['code', 'code token'],
|
||||
|
||||
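Review bot: The new `validateId(type)` in the second hunk checks a client id against the four built-in ids, yet its parameter and its `type must be one of …` message call the value a type, which reads as if a different field were being validated. The comment on the constants says restrictions depend on the client id, so this allowlist deserves a header comment such as `// returns a BoxError unless id is one of the built-in client ids; returns null when it is accepted`, and the parameter could be renamed to `id`. The ids are plain properties on `module.exports` that `get()` and `validateId` read at call time, so binding them to module-level `const`s and exporting those would keep the comparisons from depending on a mutable object. The `require` for `BoxError` is not in the visible hunks, so confirm it is in scope in this file.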