
Trying to implement openid

Merged Thomas SAUVAGE requested to merge trying-to-implement-openid into main
import Env from '@ioc:Adonis/Core/Env'
import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext'
import ElementNotFoundException from 'App/Exceptions/ElementNotFoundException'
import AuthCodeVerifier from 'App/Models/AuthCodeVerifier'
import User from 'App/Models/User'
import { ClientMetadata, Issuer, generators } from 'openid-client'
@@ -27,15 +28,17 @@ export const loginSigmaUser = async ({ response }: HttpContextContract) => {
const issuer = await Issuer.discover(AUTH_URL)
const client = new issuer.Client(clientOptions)
// Generate and store a codeVerifier,
// Generate state and codeVerifier,
// used in the callback to verify the integrity of the request
const state = generators.state()
const codeVerifier = generators.codeVerifier()
// Store the codeVerifier in the DB
AuthCodeVerifier.create({ state, codeVerifier })
const codeChallenge = generators.codeChallenge(codeVerifier)
// Generate the url
const codeChallenge = generators.codeChallenge(codeVerifier)
const url = client.authorizationUrl({
scope: 'openid email profile groups', // What info we want about the user
code_challenge: codeChallenge,
@@ -55,7 +58,14 @@ export const callbackSigmaUser = async ({ response, request, auth }: HttpContext
if (!params.state) throw new Error("The response from the auth server doesn't have a state")
// Get the codeVerifier from the DB
const { codeVerifier } = await AuthCodeVerifier.findOrFail(params.state)
const { codeVerifier } = (await AuthCodeVerifier.find(params.state)) ?? {
codeVerifier: undefined,
}
if (!codeVerifier)
throw new ElementNotFoundException(
'Code verifier not found in the database, maybe the user took too long to register'
)
const tokenSet = await client.callback(CALLBACK_URL, params, {
code_verifier: codeVerifier,
@@ -85,5 +95,6 @@ export const callbackSigmaUser = async ({ response, request, auth }: HttpContext
// Generate token using Adonis JS default auth provider
const token = await auth.use('api').login(user)
// TODO: Redirect to the frontend with the token ?
return response.ok({ token, user })
}
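Review bot: The new `AuthCodeVerifier.create({ state, codeVerifier })` in loginSigmaUser is not awaited, so the redirect URL is returned before the row is guaranteed to exist and a failed insert surfaces as an unhandled rejection rather than a handled error; it should read `await AuthCodeVerifier.create({ state, codeVerifier })`. In the callback, the row is looked up with `AuthCodeVerifier.find(params.state)` but never removed, so unless expiry is enforced elsewhere in the model a state stays valid indefinitely, which contradicts the "maybe the user took too long" wording and leaves the verifier around for reuse after a successful login. Consider deleting the row once it has been read, e.g. `const verifier = await AuthCodeVerifier.find(params.state)` followed by `if (verifier) await verifier.delete()` before using `verifier.codeVerifier`. I would also note that the state is validated only by its presence in the database and not bound to the initiating browser, which is worth confirming against how the returned `token` is consumed by the frontend. Both loginSigmaUser and callbackSigmaUser start outside the visible hunks.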