This repository has been archived on 2024-06-14. You can view files and clone it, but cannot push or open issues or pull requests.
icynet-auth-server/src/modules/static-front-end/oauth2-router/oauth2-router.controller.ts

117 lines
2.9 KiB
TypeScript
Raw Normal View History

2022-03-16 18:37:50 +00:00
import {
Controller,
Get,
Next,
NotFoundException,
Post,
Req,
Res,
2022-08-27 08:59:26 +00:00
UseGuards,
2022-03-16 18:37:50 +00:00
} from '@nestjs/common';
import { ApiBearerAuth, ApiTags } from '@nestjs/swagger';
2022-03-09 18:37:04 +00:00
import { NextFunction, Request, Response } from 'express';
2022-08-27 08:59:26 +00:00
import { Scope } from 'src/decorators/scope.decorator';
import { CurrentUser } from 'src/decorators/user.decorator';
import { OAuth2Guard } from 'src/guards/oauth2.guard';
2022-03-16 18:37:50 +00:00
import { ConfigurationService } from 'src/modules/config/config.service';
2022-08-27 08:59:26 +00:00
import { User } from 'src/modules/objects/user/user.entity';
import { OAuth2Service } from '../../oauth2/oauth2.service';
2022-03-09 18:37:04 +00:00
@ApiTags('oauth2')
2022-03-09 18:37:04 +00:00
@Controller('oauth2')
export class OAuth2Controller {
2022-03-16 18:37:50 +00:00
constructor(
private _service: OAuth2Service,
private _config: ConfigurationService,
) {}
2022-03-09 18:37:04 +00:00
// These requests are just passed straight on to the provider controller
@Get('authorize')
public authorizeGetWrapper(
@Req() req: Request,
@Res() res: Response,
@Next() next: NextFunction,
): void {
return this._service.oauth.controller.authorization(req, res, next);
}
@Post('authorize')
public authorizePostWrapper(
@Req() req: Request,
@Res() res: Response,
@Next() next: NextFunction,
): void {
return this._service.oauth.controller.authorization(req, res, next);
}
@Post('token')
public tokenWrapper(
@Req() req: Request,
@Res() res: Response,
@Next() next: NextFunction,
): void {
return this._service.oauth.controller.token(req, res, next);
}
@ApiBearerAuth()
2022-03-09 18:37:04 +00:00
@Post('introspect')
public introspectWrapper(
@Req() req: Request,
@Res() res: Response,
@Next() next: NextFunction,
): void {
return this._service.oauth.controller.introspection(req, res, next);
}
2022-03-16 18:37:50 +00:00
// User information endpoint
@ApiBearerAuth()
2022-03-16 18:37:50 +00:00
@Get('user')
2022-08-27 08:59:26 +00:00
@UseGuards(OAuth2Guard)
2022-03-16 18:37:50 +00:00
public async userInfo(
2022-08-27 08:59:26 +00:00
@CurrentUser() user: User,
@Scope() scope: string,
2022-03-16 18:37:50 +00:00
): Promise<Record<string, any>> {
if (!user) {
throw new NotFoundException('No such user');
}
const userData: Record<string, any> = {
id: user.id,
uuid: user.uuid,
username: user.username,
display_name: user.display_name,
// Standard claims
name: user.display_name,
preferred_username: user.username,
nickname: user.display_name,
2022-03-16 18:37:50 +00:00
};
2022-08-27 08:59:26 +00:00
if (scope.includes('email') || scope.includes('user:email')) {
2022-03-16 18:37:50 +00:00
userData.email = user.email;
userData.email_verified = true;
2022-03-16 18:37:50 +00:00
}
if (
2022-08-27 08:59:26 +00:00
(scope.includes('image') || scope.includes('user:image')) &&
2022-03-16 18:37:50 +00:00
user.picture
) {
userData.image = `${this._config.get('app.base_url')}/uploads/${
user.picture.file
}`;
userData.image_file = user.picture.file;
}
2022-04-15 19:00:02 +00:00
if (
2022-08-27 08:59:26 +00:00
scope.includes('privileges') ||
(scope.includes('user:privileges') && user.privileges?.length)
2022-04-15 19:00:02 +00:00
) {
2022-08-27 08:59:26 +00:00
userData.privileges = user.privileges.map(({ name }) => name);
2022-04-15 19:00:02 +00:00
}
2022-03-16 18:37:50 +00:00
return userData;
}
2022-03-09 18:37:04 +00:00
}