store express sessions in redis, delete only aliases from preferred domain #3

Merged
lauri merged 5 commits from dev into master 2023-08-12 08:14:49 +00:00
25 changed files with 524 additions and 591 deletions
Showing only changes of commit feb5e5b4ca - Show all commits

9
.prettierrc.json Normal file
View File

@ -0,0 +1,9 @@
{
"trailingComma": "es5",
"tabWidth": 4,
"semi": true,
"singleQuote": true,
"printWidth": 120,
"quoteProps": "as-needed",
"arrowParens": "avoid"
}

View File

@ -1,33 +1,33 @@
import { app } from "./app";
import { logger } from "./logger";
import { app } from './app';
import { logger } from './logger';
const port = app.get("port");
const host = app.get("host");
const port = app.get('port');
const host = app.get('host');
const server = app.listen(port);
app.listen(port).then(() => {
logger.info(`Walias app listening on http://${host}:${port}`);
logger.info(`Walias app listening on http://${host}:${port}`);
});
process.on("SIGINT", () => {
logger.info("Received SIGINT signal. Shutting down gracefully.");
process.on('SIGINT', () => {
logger.info('Received SIGINT signal. Shutting down gracefully.');
server.close(() => {
logger.info("HTTP server closed.");
process.exit(0);
});
server.close(() => {
logger.info('HTTP server closed.');
process.exit(0);
});
});
process.on("SIGTERM", () => {
logger.info("Received SIGTERM signal. Shutting down gracefully.");
process.on('SIGTERM', () => {
logger.info('Received SIGTERM signal. Shutting down gracefully.');
server.close(() => {
logger.info("HTTP server closed.");
process.exit(0);
});
server.close(() => {
logger.info('HTTP server closed.');
process.exit(0);
});
});
process.on("unhandledRejection", (reason) => {
logger.error("Unhandled rejection", reason);
process.exit(1);
process.on('unhandledRejection', reason => {
logger.error('Unhandled rejection', reason);
process.exit(1);
});

View File

@ -1,10 +1,10 @@
// For more information about this file see https://dove.feathersjs.com/guides/cli/logging.html
import { createLogger, format, transports } from "winston";
import { createLogger, format, transports } from 'winston';
// Configure the Winston logger. For the complete documentation see https://github.com/winstonjs/winston
export const logger = createLogger({
// To see more detailed errors, change this to 'debug'
level: "info",
format: format.combine(format.splat(), format.simple()),
transports: [new transports.Console()],
// To see more detailed errors, change this to 'debug'
level: 'info',
format: format.combine(format.splat(), format.simple()),
transports: [new transports.Console()],
});

View File

@ -1,27 +1,19 @@
import { randomUUID } from "crypto";
import { feathers } from "@feathersjs/feathers";
import express, {
rest,
json,
urlencoded,
cors,
serveStatic,
notFound,
errorHandler,
} from "@feathersjs/express";
import configuration from "@feathersjs/configuration";
import socketio from "@feathersjs/socketio";
import session from "express-session";
import cookieParser from "cookie-parser";
import RedisStore from "connect-redis";
import { createClient } from "redis";
import config from "config";
import type { Application } from "./declarations";
import { logger } from "./logger";
import { logError } from "./hooks/log-error";
import { services } from "./services/index";
import { channels } from "./channels";
import { Env, getEnv } from "./helpers/get-env";
import { randomUUID } from 'crypto';
import { feathers } from '@feathersjs/feathers';
import express, { rest, json, urlencoded, cors, serveStatic, notFound, errorHandler } from '@feathersjs/express';
import configuration from '@feathersjs/configuration';
import socketio from '@feathersjs/socketio';
import session from 'express-session';
import cookieParser from 'cookie-parser';
import RedisStore from 'connect-redis';
import { createClient } from 'redis';
import config from 'config';
import type { Application } from './declarations';
import { logger } from './logger';
import { logError } from './hooks/log-error';
import { services } from './services/index';
import { channels } from './channels';
import { Env, getEnv } from './helpers/get-env';
const app: Application = express(feathers());
@ -29,54 +21,54 @@ const app: Application = express(feathers());
app.configure(configuration());
app.use(cors());
app.use(
json({
limit: "20mb",
}),
json({
limit: '20mb',
})
);
app.use(cookieParser());
const sessionStore =
getEnv() === Env.prod
? new RedisStore({
prefix: "walias:",
client: createClient({
url: config.get("redis.url"),
}),
})
: undefined;
getEnv() === Env.prod
? new RedisStore({
prefix: 'walias:',
client: createClient({
url: config.get('redis.url'),
}),
})
: undefined;
app.use(
session({
store: sessionStore,
secret: randomUUID(),
resave: false,
saveUninitialized: false,
cookie: { secure: false },
}),
session({
store: sessionStore,
secret: randomUUID(),
resave: false,
saveUninitialized: false,
cookie: { secure: false },
})
);
// Propagate session to request.params in feathers services
app.use(function (req, _res, next) {
req.feathers = {
...req.feathers,
session: req.session,
};
next();
req.feathers = {
...req.feathers,
session: req.session,
};
next();
});
app.use(urlencoded({ extended: true }));
// Host the public folder
app.use("/", serveStatic(app.get("public")));
app.use('/', serveStatic(app.get('public')));
// Configure services and real-time functionality
app.configure(rest());
app.configure(
socketio({
cors: {
origin: app.get("origins"),
},
}),
socketio({
cors: {
origin: app.get('origins'),
},
})
);
app.configure(services);
app.configure(channels);
@ -87,17 +79,17 @@ app.use(errorHandler({ logger }));
// Register hooks that run on all service methods
app.hooks({
around: {
all: [logError],
},
before: {},
after: {},
error: {},
around: {
all: [logError],
},
before: {},
after: {},
error: {},
});
// Register application setup and teardown hooks here
app.hooks({
setup: [],
teardown: [],
setup: [],
teardown: [],
});
export { app };

View File

@ -1,41 +1,38 @@
// For more information about this file see https://dove.feathersjs.com/guides/cli/channels.html
import type { RealTimeConnection, Params } from "@feathersjs/feathers";
import type { AuthenticationResult } from "@feathersjs/authentication";
import "@feathersjs/transport-commons";
import type { Application, HookContext } from "./declarations";
import { logger } from "./logger";
import type { RealTimeConnection, Params } from '@feathersjs/feathers';
import type { AuthenticationResult } from '@feathersjs/authentication';
import '@feathersjs/transport-commons';
import type { Application, HookContext } from './declarations';
import { logger } from './logger';
export const channels = (app: Application) => {
logger.warn(
"Publishing all events to all authenticated users. See `channels.ts` and https://dove.feathersjs.com/api/channels.html for more information.",
);
logger.warn(
'Publishing all events to all authenticated users. See `channels.ts` and https://dove.feathersjs.com/api/channels.html for more information.'
);
app.on("connection", (connection: RealTimeConnection) => {
// On a new real-time connection, add it to the anonymous channel
app.channel("anonymous").join(connection);
});
app.on('connection', (connection: RealTimeConnection) => {
// On a new real-time connection, add it to the anonymous channel
app.channel('anonymous').join(connection);
});
app.on(
"login",
(authResult: AuthenticationResult, { connection }: Params) => {
// connection can be undefined if there is no
// real-time connection, e.g. when logging in via REST
if (connection) {
// The connection is no longer anonymous, remove it
app.channel("anonymous").leave(connection);
app.on('login', (authResult: AuthenticationResult, { connection }: Params) => {
// connection can be undefined if there is no
// real-time connection, e.g. when logging in via REST
if (connection) {
// The connection is no longer anonymous, remove it
app.channel('anonymous').leave(connection);
// Add it to the authenticated user channel
app.channel("authenticated").join(connection);
}
},
);
// Add it to the authenticated user channel
app.channel('authenticated').join(connection);
}
});
// eslint-disable-next-line no-unused-vars
app.publish((data: any, context: HookContext) => {
// Here you can add event publishers to channels set up in `channels.js`
// To publish only for a specific event use `app.publish(eventname, () => {})`
// eslint-disable-next-line no-unused-vars
app.publish((data: any, context: HookContext) => {
// Here you can add event publishers to channels set up in `channels.js`
// To publish only for a specific event use `app.publish(eventname, () => {})`
// e.g. to publish all service events to all authenticated users use
return app.channel("authenticated");
});
// e.g. to publish all service events to all authenticated users use
return app.channel('authenticated');
});
};

View File

@ -1,12 +1,12 @@
import axios from "axios";
import config from "config";
import axios from 'axios';
import config from 'config';
const wildDuckClient = axios.create({
baseURL: config.get("wildDuck.url"),
headers: {
"X-Access-Token": config.get("wildDuck.token"),
},
responseType: "json",
baseURL: config.get('wildDuck.url'),
headers: {
'X-Access-Token': config.get('wildDuck.token'),
},
responseType: 'json',
});
export default wildDuckClient;

View File

@ -1,9 +1,6 @@
// For more information about this file see https://dove.feathersjs.com/guides/cli/typescript.html
import {
HookContext as FeathersHookContext,
NextFunction,
} from "@feathersjs/feathers";
import { Application as FeathersApplication } from "@feathersjs/express";
import { HookContext as FeathersHookContext, NextFunction } from '@feathersjs/feathers';
import { Application as FeathersApplication } from '@feathersjs/express';
type ApplicationConfiguration = any;
export { NextFunction };

View File

@ -1,16 +1,16 @@
export enum Env {
dev = "dev",
prod = "prod",
test = "test",
dev = 'dev',
prod = 'prod',
test = 'test',
}
export const getEnv = (): Env => {
const env = process.env.NODE_ENV;
if (env === "prod") {
return Env.prod;
} else if (env === "test") {
return Env.test;
} else {
return Env.dev;
}
const env = process.env.NODE_ENV;
if (env === 'prod') {
return Env.prod;
} else if (env === 'test') {
return Env.test;
} else {
return Env.dev;
}
};

View File

@ -1,17 +1,17 @@
import type { HookContext, NextFunction } from "../declarations";
import { logger } from "../logger";
import type { HookContext, NextFunction } from '../declarations';
import { logger } from '../logger';
export const logError = async (context: HookContext, next: NextFunction) => {
try {
await next();
} catch (error: any) {
logger.error(error.stack);
try {
await next();
} catch (error: any) {
logger.error(error.stack);
// Log validation errors
if (error.data) {
logger.error("Data: %O", error.data);
// Log validation errors
if (error.data) {
logger.error('Data: %O', error.data);
}
throw error;
}
throw error;
}
};

View File

@ -1,9 +1,9 @@
import { NotAuthenticated } from "@feathersjs/errors";
import type { HookContext, NextFunction } from "../declarations";
import { NotAuthenticated } from '@feathersjs/errors';
import type { HookContext, NextFunction } from '../declarations';
// Check if user is stored in session
export const validateAuth = async (context: HookContext) => {
if (!context.params.session?.user) {
throw new NotAuthenticated("Not authenticated");
}
if (!context.params.session?.user) {
throw new NotAuthenticated('Not authenticated');
}
};

View File

@ -1,13 +1,11 @@
import { app } from "./app";
import { logger } from "./logger";
import { app } from './app';
import { logger } from './logger';
const port = app.get("port");
const host = app.get("host");
const port = app.get('port');
const host = app.get('host');
process.on("unhandledRejection", (reason) =>
logger.error("Unhandled Rejection %O", reason),
);
process.on('unhandledRejection', reason => logger.error('Unhandled Rejection %O', reason));
app.listen(port).then(() => {
logger.info(`Feathers app listening on http://${host}:${port}`);
logger.info(`Feathers app listening on http://${host}:${port}`);
});

View File

@ -1,10 +1,10 @@
// For more information about this file see https://dove.feathersjs.com/guides/cli/logging.html
import { createLogger, format, transports } from "winston";
import { createLogger, format, transports } from 'winston';
// Configure the Winston logger. For the complete documentation see https://github.com/winstonjs/winston
export const logger = createLogger({
// To see more detailed errors, change this to 'debug'
level: "info",
format: format.combine(format.splat(), format.simple()),
transports: [new transports.Console()],
// To see more detailed errors, change this to 'debug'
level: 'info',
format: format.combine(format.splat(), format.simple()),
transports: [new transports.Console()],
});

View File

@ -1,186 +1,142 @@
import type {
NullableId,
Params,
ServiceInterface,
} from "@feathersjs/feathers";
import type { NullableId, Params, ServiceInterface } from '@feathersjs/feathers';
import type { Application } from "../../declarations";
import wildDuckClient from "../../clients/wildduck.client";
import { faker, th } from "@faker-js/faker";
import { BadRequest } from "@feathersjs/errors";
import config from "config";
import type { Application } from '../../declarations';
import wildDuckClient from '../../clients/wildduck.client';
import { faker, th } from '@faker-js/faker';
import { BadRequest } from '@feathersjs/errors';
import config from 'config';
interface WildDuckAddress {
success: boolean;
id: string;
address: string;
main: boolean;
user: string;
tags: string[];
created: string;
success: boolean;
id: string;
address: string;
main: boolean;
user: string;
tags: string[];
created: string;
}
interface GetWildDuckAddressInfoResponse {
success: boolean;
results: WildDuckAddress[];
success: boolean;
results: WildDuckAddress[];
}
interface AliasApiResponse {
id: string | null;
address: string;
tags: string[];
created: string;
id: string | null;
address: string;
tags: string[];
created: string;
}
interface CreateWildDuckAddressResponse {
success: boolean;
id: string;
success: boolean;
id: string;
}
type AliasesData = any;
type AliasesPatch = any;
type AliasesQuery = any;
export type {
WildDuckAddress as Aliases,
AliasesData,
AliasesPatch,
AliasesQuery,
};
export type { WildDuckAddress as Aliases, AliasesData, AliasesPatch, AliasesQuery };
export interface AliasesServiceOptions {
app: Application;
app: Application;
}
export interface AliasesParams extends Params<AliasesQuery> {
session?: any;
session?: any;
}
export class AliasesService<ServiceParams extends AliasesParams = AliasesParams>
implements
ServiceInterface<
AliasApiResponse,
AliasesData,
ServiceParams,
AliasesPatch
>
implements ServiceInterface<AliasApiResponse, AliasesData, ServiceParams, AliasesPatch>
{
constructor(public options: AliasesServiceOptions) {}
constructor(public options: AliasesServiceOptions) {}
async find(params: ServiceParams): Promise<AliasApiResponse[]> {
const userId = await this.getUserIdByEmailAddress(params);
async find(params: ServiceParams): Promise<AliasApiResponse[]> {
const userId = await this.getUserIdByEmailAddress(params);
return this.getUserAddresses(userId);
}
async create(
data: AliasesData,
params: ServiceParams,
): Promise<AliasApiResponse>;
async create(
data: AliasesData,
params: ServiceParams,
): Promise<AliasApiResponse | AliasApiResponse[]> {
const userId = await this.getUserIdByEmailAddress(params);
const randomString = faker.git.commitSha({ length: 4 });
// Replace all non-alphanumeric characters with nothing and spaces with dashes
const alias =
`${faker.color.human()}-${faker.animal.snake()}-${randomString}`
.replace(/\s+/g, "-")
.replace(/[^a-zA-Z0-9-]/g, "")
.toLowerCase();
const emailDomain = config.get("wildDuck.domain");
const createResult =
await wildDuckClient.post<CreateWildDuckAddressResponse>(
`/users/${userId}/addresses`,
{
address: `${alias}@${emailDomain}`,
},
);
if (!createResult.data.success) {
throw new BadRequest("Failed to create alias");
return this.getUserAddresses(userId);
}
return this.getUserAddresses(userId);
}
async create(data: AliasesData, params: ServiceParams): Promise<AliasApiResponse>;
async create(data: AliasesData, params: ServiceParams): Promise<AliasApiResponse | AliasApiResponse[]> {
const userId = await this.getUserIdByEmailAddress(params);
private async getUserIdByEmailAddress(
params: ServiceParams,
): Promise<string> {
const emails = params.session?.user?.emails;
const randomString = faker.git.commitSha({ length: 4 });
const preferredDomain = config.get("wildDuck.preferredDomain");
// Replace all non-alphanumeric characters with nothing and spaces with dashes
const alias = `${faker.color.human()}-${faker.animal.snake()}-${randomString}`
.replace(/\s+/g, '-')
.replace(/[^a-zA-Z0-9-]/g, '')
.toLowerCase();
if (!emails.length || !preferredDomain) {
throw new BadRequest("Unable to find user");
const emailDomain = config.get('wildDuck.domain');
const createResult = await wildDuckClient.post<CreateWildDuckAddressResponse>(`/users/${userId}/addresses`, {
address: `${alias}@${emailDomain}`,
});
if (!createResult.data.success) {
throw new BadRequest('Failed to create alias');
}
return this.getUserAddresses(userId);
}
const addressInfoResponse = await Promise.any(
emails
.filter((email: string) =>
email.endsWith(config.get("wildDuck.preferredDomain")),
)
.map((email: string) =>
wildDuckClient.get<WildDuckAddress>(`addresses/resolve/${email}`),
),
);
private async getUserIdByEmailAddress(params: ServiceParams): Promise<string> {
const emails = params.session?.user?.emails;
return addressInfoResponse.data.user;
}
const preferredDomain = config.get('wildDuck.preferredDomain');
private async getUserAddresses(userId: string): Promise<AliasApiResponse[]> {
const { data: userAddressesResponse } =
await wildDuckClient.get<GetWildDuckAddressInfoResponse>(
`/users/${userId}/addresses`,
);
if (!emails.length || !preferredDomain) {
throw new BadRequest('Unable to find user');
}
return userAddressesResponse.results.map(this.sanitizeAliasResponse);
}
const addressInfoResponse = await Promise.any(
emails
.filter((email: string) => email.endsWith(config.get('wildDuck.preferredDomain')))
.map((email: string) => wildDuckClient.get<WildDuckAddress>(`addresses/resolve/${email}`))
);
async remove(
id: NullableId,
params: ServiceParams,
): Promise<AliasApiResponse[]> {
const { data: addressInfoResponse } =
await wildDuckClient.get<WildDuckAddress>(`addresses/resolve/${id}`);
const allowedDomain: string = config.get("wildDuck.domain");
// If address does not match the allowed domain, throw an error
if (
!allowedDomain ||
!addressInfoResponse.address.endsWith(allowedDomain)
) {
throw new BadRequest("Unable to delete address");
return addressInfoResponse.data.user;
}
const userId = await this.getUserIdByEmailAddress(params);
await wildDuckClient.delete<WildDuckAddress>(
`users/${userId}/addresses/${id}`,
);
private async getUserAddresses(userId: string): Promise<AliasApiResponse[]> {
const { data: userAddressesResponse } = await wildDuckClient.get<GetWildDuckAddressInfoResponse>(
`/users/${userId}/addresses`
);
return this.getUserAddresses(userId);
}
return userAddressesResponse.results.map(this.sanitizeAliasResponse);
}
sanitizeAliasResponse(alias: WildDuckAddress): AliasApiResponse {
// Hide the id if the alias is not removable
const isRemovable =
alias.main ||
!alias.address.endsWith(config.get("wildDuck.preferredDomain"));
async remove(id: NullableId, params: ServiceParams): Promise<AliasApiResponse[]> {
const { data: addressInfoResponse } = await wildDuckClient.get<WildDuckAddress>(`addresses/resolve/${id}`);
const allowedDomain: string = config.get('wildDuck.domain');
return {
id: isRemovable ? null : alias.id,
address: alias.address,
tags: alias.tags,
created: alias.created,
};
}
// If address does not match the allowed domain, throw an error
if (!allowedDomain || !addressInfoResponse.address.endsWith(allowedDomain)) {
throw new BadRequest('Unable to delete address');
}
const userId = await this.getUserIdByEmailAddress(params);
await wildDuckClient.delete<WildDuckAddress>(`users/${userId}/addresses/${id}`);
return this.getUserAddresses(userId);
}
sanitizeAliasResponse(alias: WildDuckAddress): AliasApiResponse {
// Hide the id if the alias is not removable
const isRemovable = alias.main || !alias.address.endsWith(config.get('wildDuck.preferredDomain'));
return {
id: isRemovable ? null : alias.id,
address: alias.address,
tags: alias.tags,
created: alias.created,
};
}
}
export const getOptions = (app: Application) => {
return { app };
return { app };
};

View File

@ -1,39 +1,39 @@
import type { Application } from "../../declarations";
import { validateAuth } from "../../hooks/validate-auth";
import { AliasesService, getOptions } from "./aliases.class";
import type { Application } from '../../declarations';
import { validateAuth } from '../../hooks/validate-auth';
import { AliasesService, getOptions } from './aliases.class';
export const aliasesPath = "aliases";
export const aliasesMethods = ["find", "create", "remove"] as const;
export const aliasesPath = 'aliases';
export const aliasesMethods = ['find', 'create', 'remove'] as const;
export * from "./aliases.class";
export * from './aliases.class';
export const aliases = (app: Application) => {
app.use(aliasesPath, new AliasesService(getOptions(app)), {
methods: aliasesMethods,
events: [],
});
app.use(aliasesPath, new AliasesService(getOptions(app)), {
methods: aliasesMethods,
events: [],
});
app.service(aliasesPath).hooks({
around: {
all: [],
},
before: {
all: [validateAuth],
find: [],
create: [],
},
after: {
all: [],
},
error: {
all: [],
},
});
app.service(aliasesPath).hooks({
around: {
all: [],
},
before: {
all: [validateAuth],
find: [],
create: [],
},
after: {
all: [],
},
error: {
all: [],
},
});
};
// Add this service to the service type index
declare module "../../declarations" {
interface ServiceTypes {
[aliasesPath]: AliasesService;
}
declare module '../../declarations' {
interface ServiceTypes {
[aliasesPath]: AliasesService;
}
}

View File

@ -1,9 +1,9 @@
import type { Params, ServiceInterface } from "@feathersjs/feathers";
import type { Params, ServiceInterface } from '@feathersjs/feathers';
import type { Application } from "../../declarations";
import type { Application } from '../../declarations';
import { Issuer, generators } from "openid-client";
import config from "config";
import { Issuer, generators } from 'openid-client';
import config from 'config';
type AuthOidcResponse = string;
type AuthOidcQuery = any;
@ -11,43 +11,42 @@ type AuthOidcQuery = any;
export type { AuthOidcResponse as AuthOidc, AuthOidcQuery };
export interface AuthOidcServiceOptions {
app: Application;
app: Application;
}
export interface AuthOidcParams extends Params<AuthOidcQuery> {
session?: any;
session?: any;
}
export class AuthOidcService<
ServiceParams extends AuthOidcParams = AuthOidcParams,
> implements ServiceInterface<AuthOidcResponse, ServiceParams>
export class AuthOidcService<ServiceParams extends AuthOidcParams = AuthOidcParams>
implements ServiceInterface<AuthOidcResponse, ServiceParams>
{
constructor(public options: AuthOidcServiceOptions) {}
constructor(public options: AuthOidcServiceOptions) {}
async find(params: ServiceParams): Promise<AuthOidcResponse> {
const issuer = await Issuer.discover(config.get("oidc.gatewayUri"));
const client = new issuer.Client({
client_id: config.get("oidc.clientId"),
client_secret: config.get("oidc.clientSecret"),
redirect_uris: [config.get("oidc.redirectUris")],
response_types: ["code"],
});
const codeVerifier = generators.codeVerifier();
const codeChallenge = generators.codeChallenge(codeVerifier);
async find(params: ServiceParams): Promise<AuthOidcResponse> {
const issuer = await Issuer.discover(config.get('oidc.gatewayUri'));
const client = new issuer.Client({
client_id: config.get('oidc.clientId'),
client_secret: config.get('oidc.clientSecret'),
redirect_uris: [config.get('oidc.redirectUris')],
response_types: ['code'],
});
const codeVerifier = generators.codeVerifier();
const codeChallenge = generators.codeChallenge(codeVerifier);
const url = client.authorizationUrl({
redirect_uri: config.get("clientUrl") + "/auth-oidc/callback",
scope: "openid profile offline_access",
response_type: "code",
code_challenge: codeChallenge,
code_challenge_method: "S256",
});
const url = client.authorizationUrl({
redirect_uri: config.get('clientUrl') + '/auth-oidc/callback',
scope: 'openid profile offline_access',
response_type: 'code',
code_challenge: codeChallenge,
code_challenge_method: 'S256',
});
params.session.codeVerifier = codeVerifier;
return url;
}
params.session.codeVerifier = codeVerifier;
return url;
}
}
export const getOptions = (app: Application) => {
return { app };
return { app };
};

View File

@ -1,45 +1,45 @@
import type { Application } from "../../declarations";
import { AuthOidcService, getOptions } from "./auth-oidc.class";
import type { Application } from '../../declarations';
import { AuthOidcService, getOptions } from './auth-oidc.class';
export const authOidcPath = "auth-oidc";
export const authOidcMethods = ["find"] as const;
export const authOidcPath = 'auth-oidc';
export const authOidcMethods = ['find'] as const;
export * from "./auth-oidc.class";
export * from './auth-oidc.class';
export const authOidc = (app: Application) => {
// TODO: fix this to use the correct type
// @ts-ignore
app.use(
authOidcPath,
new AuthOidcService(getOptions(app)),
{
methods: authOidcMethods,
events: [],
},
(req: any, res: any) => {
return res.redirect(res.data);
},
);
// TODO: fix this to use the correct type
// @ts-ignore
app.use(
authOidcPath,
new AuthOidcService(getOptions(app)),
{
methods: authOidcMethods,
events: [],
},
(req: any, res: any) => {
return res.redirect(res.data);
}
);
app.service(authOidcPath).hooks({
around: {
all: [],
},
before: {
all: [],
find: [],
},
after: {
all: [],
},
error: {
all: [],
},
});
app.service(authOidcPath).hooks({
around: {
all: [],
},
before: {
all: [],
find: [],
},
after: {
all: [],
},
error: {
all: [],
},
});
};
declare module "../../declarations" {
interface ServiceTypes {
[authOidcPath]: AuthOidcService;
}
declare module '../../declarations' {
interface ServiceTypes {
[authOidcPath]: AuthOidcService;
}
}

View File

@ -1,68 +1,56 @@
import type { Params, ServiceInterface } from "@feathersjs/feathers";
import type { Application } from "../../../declarations";
import { Issuer } from "openid-client";
import type { Params, ServiceInterface } from '@feathersjs/feathers';
import type { Application } from '../../../declarations';
import { Issuer } from 'openid-client';
import config from "config";
import config from 'config';
type AuthOidcCallback = string;
type AuthOidcCallbackData = any;
type AuthOidcCallbackPatch = any;
type AuthOidcCallbackQuery = any;
export type {
AuthOidcCallback,
AuthOidcCallbackData,
AuthOidcCallbackPatch,
AuthOidcCallbackQuery,
};
export type { AuthOidcCallback, AuthOidcCallbackData, AuthOidcCallbackPatch, AuthOidcCallbackQuery };
export interface AuthOidcCallbackServiceOptions {
app: Application;
app: Application;
}
export interface AuthOidcCallbackParams extends Params<AuthOidcCallbackQuery> {
session?: any;
query: {
iss: string;
code: string;
};
session?: any;
query: {
iss: string;
code: string;
};
}
export class AuthOidcCallbackService<
ServiceParams extends AuthOidcCallbackParams = AuthOidcCallbackParams,
> implements
ServiceInterface<
AuthOidcCallback,
AuthOidcCallbackData,
ServiceParams,
AuthOidcCallbackPatch
>
export class AuthOidcCallbackService<ServiceParams extends AuthOidcCallbackParams = AuthOidcCallbackParams>
implements ServiceInterface<AuthOidcCallback, AuthOidcCallbackData, ServiceParams, AuthOidcCallbackPatch>
{
constructor(public options: AuthOidcCallbackServiceOptions) {}
constructor(public options: AuthOidcCallbackServiceOptions) {}
async find(params: ServiceParams): Promise<AuthOidcCallback> {
const issuer = await Issuer.discover(config.get("oidc.gatewayUri"));
const client = new issuer.Client({
client_id: config.get("oidc.clientId"),
client_secret: config.get("oidc.clientSecret"),
redirect_uris: [config.get("oidc.redirectUris")],
response_types: ["code"],
});
async find(params: ServiceParams): Promise<AuthOidcCallback> {
const issuer = await Issuer.discover(config.get('oidc.gatewayUri'));
const client = new issuer.Client({
client_id: config.get('oidc.clientId'),
client_secret: config.get('oidc.clientSecret'),
redirect_uris: [config.get('oidc.redirectUris')],
response_types: ['code'],
});
const codeVerifier = params.session.codeVerifier;
const tokenSet = await client.callback(
config.get("clientUrl") + "/auth-oidc/callback",
{ code: params.query.code, iss: params.query.iss },
{ code_verifier: codeVerifier },
);
const userinfo = await client.userinfo(tokenSet.access_token as string);
const codeVerifier = params.session.codeVerifier;
const tokenSet = await client.callback(
config.get('clientUrl') + '/auth-oidc/callback',
{ code: params.query.code, iss: params.query.iss },
{ code_verifier: codeVerifier }
);
const userinfo = await client.userinfo(tokenSet.access_token as string);
params.session.user = userinfo;
params.session.user = userinfo;
return "/";
}
return '/';
}
}
export const getOptions = (app: Application) => {
return { app };
return { app };
};

View File

@ -1,49 +1,46 @@
import { http } from "@feathersjs/transport-commons";
import type { Application } from "../../../declarations";
import {
AuthOidcCallbackService,
getOptions,
} from "./auth-oidc-callback.class";
import { http } from '@feathersjs/transport-commons';
import type { Application } from '../../../declarations';
import { AuthOidcCallbackService, getOptions } from './auth-oidc-callback.class';
export const authOidcCallbackPath = "auth-oidc/callback";
export const authOidcCallbackMethods = ["find"] as const;
export const authOidcCallbackPath = 'auth-oidc/callback';
export const authOidcCallbackMethods = ['find'] as const;
export * from "./auth-oidc-callback.class";
export * from './auth-oidc-callback.class';
export const authOidcCallback = (app: Application) => {
// TODO: fix this to use the correct type
// @ts-ignore
app.use(
authOidcCallbackPath,
new AuthOidcCallbackService(getOptions(app)),
{
methods: authOidcCallbackMethods,
events: [],
},
(req: any, res: any) => {
return res.redirect(res.data);
},
);
// TODO: fix this to use the correct type
// @ts-ignore
app.use(
authOidcCallbackPath,
new AuthOidcCallbackService(getOptions(app)),
{
methods: authOidcCallbackMethods,
events: [],
},
(req: any, res: any) => {
return res.redirect(res.data);
}
);
app.service(authOidcCallbackPath).hooks({
around: {
all: [],
},
before: {
all: [],
find: [],
},
after: {
all: [],
},
error: {
all: [],
},
});
app.service(authOidcCallbackPath).hooks({
around: {
all: [],
},
before: {
all: [],
find: [],
},
after: {
all: [],
},
error: {
all: [],
},
});
};
declare module "../../../declarations" {
interface ServiceTypes {
[authOidcCallbackPath]: AuthOidcCallbackService;
}
declare module '../../../declarations' {
interface ServiceTypes {
[authOidcCallbackPath]: AuthOidcCallbackService;
}
}

View File

@ -1,10 +1,10 @@
import { authOidcCallback } from "./auth-oidc/callback/auth-oidc-callback";
import { authOidc } from "./auth-oidc/auth-oidc";
import { aliases } from "./aliases/aliases";
import type { Application } from "../declarations";
import { authOidcCallback } from './auth-oidc/callback/auth-oidc-callback';
import { authOidc } from './auth-oidc/auth-oidc';
import { aliases } from './aliases/aliases';
import type { Application } from '../declarations';
export const services = (app: Application) => {
app.configure(authOidcCallback);
app.configure(authOidc);
app.configure(aliases);
app.configure(authOidcCallback);
app.configure(authOidc);
app.configure(aliases);
};

View File

@ -1,29 +1,29 @@
// For more information about this file see https://dove.feathersjs.com/guides/cli/validators.html
import { Ajv, addFormats } from "@feathersjs/schema";
import type { FormatsPluginOptions } from "@feathersjs/schema";
import { Ajv, addFormats } from '@feathersjs/schema';
import type { FormatsPluginOptions } from '@feathersjs/schema';
const formats: FormatsPluginOptions = [
"date-time",
"time",
"date",
"email",
"hostname",
"ipv4",
"ipv6",
"uri",
"uri-reference",
"uuid",
"uri-template",
"json-pointer",
"relative-json-pointer",
"regex",
'date-time',
'time',
'date',
'email',
'hostname',
'ipv4',
'ipv6',
'uri',
'uri-reference',
'uuid',
'uri-template',
'json-pointer',
'relative-json-pointer',
'regex',
];
export const dataValidator: Ajv = addFormats(new Ajv({}), formats);
export const queryValidator: Ajv = addFormats(
new Ajv({
coerceTypes: true,
}),
formats,
new Ajv({
coerceTypes: true,
}),
formats
);

View File

@ -1,40 +1,40 @@
// For more information about this file see https://dove.feathersjs.com/guides/cli/app.test.html
import assert from "assert";
import axios from "axios";
import type { Server } from "http";
import { app } from "../src/app";
import assert from 'assert';
import axios from 'axios';
import type { Server } from 'http';
import { app } from '../src/app';
const port = app.get("port");
const appUrl = `http://${app.get("host")}:${port}`;
const port = app.get('port');
const appUrl = `http://${app.get('host')}:${port}`;
describe("Feathers application tests", () => {
let server: Server;
describe('Feathers application tests', () => {
let server: Server;
before(async () => {
server = await app.listen(port);
});
before(async () => {
server = await app.listen(port);
});
after(async () => {
await app.teardown();
});
after(async () => {
await app.teardown();
});
it("starts and shows the index page", async () => {
const { data } = await axios.get<string>(appUrl);
it('starts and shows the index page', async () => {
const { data } = await axios.get<string>(appUrl);
assert.ok(data.indexOf('<html lang="en">') !== -1);
});
assert.ok(data.indexOf('<html lang="en">') !== -1);
});
it("shows a 404 JSON error", async () => {
try {
await axios.get(`${appUrl}/path/to/nowhere`, {
responseType: "json",
});
assert.fail("should never get here");
} catch (error: any) {
const { response } = error;
assert.strictEqual(response?.status, 404);
assert.strictEqual(response?.data?.code, 404);
assert.strictEqual(response?.data?.name, "NotFound");
}
});
it('shows a 404 JSON error', async () => {
try {
await axios.get(`${appUrl}/path/to/nowhere`, {
responseType: 'json',
});
assert.fail('should never get here');
} catch (error: any) {
const { response } = error;
assert.strictEqual(response?.status, 404);
assert.strictEqual(response?.data?.code, 404);
assert.strictEqual(response?.data?.name, 'NotFound');
}
});
});

View File

@ -1,11 +1,11 @@
// For more information about this file see https://dove.feathersjs.com/guides/cli/service.test.html
import assert from "assert";
import { app } from "../../../src/app";
import assert from 'assert';
import { app } from '../../../src/app';
describe("aliases service", () => {
it("registered the service", () => {
const service = app.service("aliases");
describe('aliases service', () => {
it('registered the service', () => {
const service = app.service('aliases');
assert.ok(service, "Registered the service");
});
assert.ok(service, 'Registered the service');
});
});

View File

@ -1,11 +1,11 @@
// For more information about this file see https://dove.feathersjs.com/guides/cli/service.test.html
import assert from "assert";
import { app } from "../../../src/app";
import assert from 'assert';
import { app } from '../../../src/app';
describe("auth-oidc service", () => {
it("registered the service", () => {
const service = app.service("auth-oidc");
describe('auth-oidc service', () => {
it('registered the service', () => {
const service = app.service('auth-oidc');
assert.ok(service, "Registered the service");
});
assert.ok(service, 'Registered the service');
});
});

View File

@ -1,11 +1,11 @@
// For more information about this file see https://dove.feathersjs.com/guides/cli/service.test.html
import assert from "assert";
import { app } from "../../../../src/app";
import assert from 'assert';
import { app } from '../../../../src/app';
describe("auth-oidc/callback service", () => {
it("registered the service", () => {
const service = app.service("auth-oidc/callback");
describe('auth-oidc/callback service', () => {
it('registered the service', () => {
const service = app.service('auth-oidc/callback');
assert.ok(service, "Registered the service");
});
assert.ok(service, 'Registered the service');
});
});

View File

@ -1,29 +1,29 @@
// For more information about this file see https://dove.feathersjs.com/guides/cli/validators.html
import { Ajv, addFormats } from "@feathersjs/schema";
import type { FormatsPluginOptions } from "@feathersjs/schema";
import { Ajv, addFormats } from '@feathersjs/schema';
import type { FormatsPluginOptions } from '@feathersjs/schema';
const formats: FormatsPluginOptions = [
"date-time",
"time",
"date",
"email",
"hostname",
"ipv4",
"ipv6",
"uri",
"uri-reference",
"uuid",
"uri-template",
"json-pointer",
"relative-json-pointer",
"regex",
'date-time',
'time',
'date',
'email',
'hostname',
'ipv4',
'ipv6',
'uri',
'uri-reference',
'uuid',
'uri-template',
'json-pointer',
'relative-json-pointer',
'regex',
];
export const dataValidator: Ajv = addFormats(new Ajv({}), formats);
export const queryValidator: Ajv = addFormats(
new Ajv({
coerceTypes: true,
}),
formats,
new Ajv({
coerceTypes: true,
}),
formats
);