fix(oidc): get all oidc parameters from env

Erki Aas 2024-03-25 15:10:26 +02:00
parent caca4f3409
commit 29480105c5
2 changed files with 12 additions and 4 deletions


@ -3,9 +3,17 @@ module.exports = {
sessionSecret: process.env.SESSION_SECRET, sessionSecret: process.env.SESSION_SECRET,
oidc: { oidc: {
gatewayUri: process.env.OIDC_GATEWAY_URI, gatewayUri: process.env.OIDC_GATEWAY_URI,
gatewayAuthUri: process.env.OIDC_GATEWAY_AUTH_URI,
gatewayTokenUri: process.env.OIDC_GATEWAY_TOKEN_URI,
gatewayUserinfoUri: process.env.OIDC_GATEWAY_USERINFO_URI,
clientId: process.env.OIDC_CLIENT_ID, clientId: process.env.OIDC_CLIENT_ID,
clientSecret: process.env.OIDC_CLIENT_SECRET, clientSecret: process.env.OIDC_CLIENT_SECRET,
redirectUris: process.env.OIDC_REDIRECT_URIS, redirectUris: process.env.OIDC_REDIRECT_URIS,
scopes: process.env.OIDC_AVAILABLE_SCOPES,
grantTypes: process.env.OIDC_GRANT_TYPES,
signedResponseAlg: process.env.OIDC_ID_TOKEN_SIGNED_RESPONSE_ALG,
responseTypes: process.env.OIDC_RESPONSE_TYPES,
authMethod: process.env.OIDC_TOKEN_ENDPOINT_AUTH_METHOD,
}, },
wildDuck: { wildDuck: {
url: process.env.WILDDUCK_URL, url: process.env.WILDDUCK_URL,
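Review bot: The new `responseTypes` and `scopes` keys take over values the service previously hard-coded (`'code'` and `'openid profile offline_access'`), but they are read from the environment with no default and no validation, so an unset or mistyped variable reaches the OIDC client as `undefined` or as a weaker flow than before. I would keep the old values as fallbacks, e.g. `responseTypes: process.env.OIDC_RESPONSE_TYPES || 'code',` and `scopes: process.env.OIDC_AVAILABLE_SCOPES || 'openid profile offline_access',`. The same applies to `authMethod` and `signedResponseAlg`, which are security-relevant protocol settings; checking them against the set of values the deployment expects at startup would make a bad configuration fail loudly. The `module.exports` object starts before and continues after this hunk, so whether such validation exists elsewhere is not visible here.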


@ -29,17 +29,17 @@ export class AuthOidcService<ServiceParams extends AuthOidcParams = AuthOidcPara
client_id: config.get('oidc.clientId'), client_id: config.get('oidc.clientId'),
client_secret: config.get('oidc.clientSecret'), client_secret: config.get('oidc.clientSecret'),
redirect_uris: [config.get('oidc.redirectUris')], redirect_uris: [config.get('oidc.redirectUris')],
response_types: ['code'], response_types: [config.get('oidc.responseTypes')],
}); });
const codeVerifier = generators.codeVerifier(); const codeVerifier = generators.codeVerifier();
const codeChallenge = generators.codeChallenge(codeVerifier); const codeChallenge = generators.codeChallenge(codeVerifier);
const url = client.authorizationUrl({ const url = client.authorizationUrl({
redirect_uri: config.get('clientUrl') + '/auth-oidc/callback', redirect_uri: config.get('clientUrl') + '/auth-oidc/callback',
scope: 'openid profile offline_access', scope: config.get('oidc.scopes'),
response_type: 'code', response_type: config.get('oidc.responseTypes'),
code_challenge: codeChallenge, code_challenge: codeChallenge,
code_challenge_method: 'S256', code_challenge_method: config.get('oidc.signedResponseAlg'),
}); });
params.session.codeVerifier = codeVerifier; params.session.codeVerifier = codeVerifier;
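Review bot: `code_challenge_method` is now fed from `oidc.signedResponseAlg`, which the config file maps to `OIDC_ID_TOKEN_SIGNED_RESPONSE_ALG`; these are two unrelated parameters. The PKCE method describes how `generators.codeChallenge(codeVerifier)` derived the challenge (SHA-256, i.e. `S256`), while the other names the signature algorithm of the ID token. With a typical signing-algorithm value the authorization request would advertise a challenge method that does not match the challenge actually sent, so the provider should either reject the request or fail PKCE verification at the token step. I would keep `code_challenge_method: 'S256',` as a constant and, if the signing algorithm needs to be configurable, pass it in the client metadata as `id_token_signed_response_alg: config.get('oidc.signedResponseAlg'),`. The enclosing method starts and ends outside this hunk, so how the callback consumes `codeVerifier` is not visible here.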