icynet-auth-server/src/modules/ssr-front-end/oauth2-router/oauth2-router.controller.ts

import {
  Controller,
  Get,
  Next,
  NotFoundException,
  Post,
  Req,
  Res,
  UseGuards,
} from '@nestjs/common';
import { ApiBearerAuth, ApiExcludeEndpoint, ApiTags } from '@nestjs/swagger';
import { NextFunction, Request, Response } from 'express';
import { Scope } from 'src/decorators/scope.decorator';
import { CurrentUser } from 'src/decorators/user.decorator';
import { OAuth2Guard } from 'src/guards/oauth2.guard';
import { ConfigurationService } from 'src/modules/config/config.service';
import { User } from 'src/modules/objects/user/user.entity';
import { OAuth2Service } from '../../oauth2/oauth2.service';

@ApiTags('oauth2')
@Controller('oauth2')
export class OAuth2Controller {
  constructor(
    private _service: OAuth2Service,
    private _config: ConfigurationService,
  ) {}

  // These requests are just passed straight on to the provider controller

  @Get('authorize')
  public authorizeGetWrapper(
    @Req() req: Request,
    @Res() res: Response,
    @Next() next: NextFunction,
  ): void {
    return this._service.oauth.controller.authorization(req, res, next);
  }

  @ApiExcludeEndpoint()
  @Post('authorize')
  public authorizePostWrapper(
    @Req() req: Request,
    @Res() res: Response,
    @Next() next: NextFunction,
  ): void {
    return this._service.oauth.controller.authorization(req, res, next);
  }

  @Post('token')
  public tokenWrapper(
    @Req() req: Request,
    @Res() res: Response,
    @Next() next: NextFunction,
  ): void {
    return this._service.oauth.controller.token(req, res, next);
  }

  @ApiBearerAuth()
  @Post('introspect')
  public introspectWrapper(
    @Req() req: Request,
    @Res() res: Response,
    @Next() next: NextFunction,
  ): void {
    return this._service.oauth.controller.introspection(req, res, next);
  }

  // User information endpoint

  @ApiExcludeEndpoint()
  @Get('user')
  @UseGuards(OAuth2Guard)
  public async userInfo(
    @CurrentUser() user: User,
    @Scope() scope: string,
  ): Promise<Record<string, unknown>> {
    if (!user) {
      throw new NotFoundException('No such user');
    }

    const userData: Record<string, unknown> = {
      id: user.id,
      uuid: user.uuid,
      username: user.username,
      display_name: user.display_name,

      // Standard claims
      name: user.display_name,
      preferred_username: user.username,
      nickname: user.display_name,
    };

    if (scope.includes('email') || scope.includes('user:email')) {
      userData.email = user.email;
      userData.email_verified = true;
    }

    if (
      (scope.includes('image') || scope.includes('user:image')) &&
      user.picture
    ) {
      userData.image = `${this._config.get('app.base_url')}/uploads/${
        user.picture.file
      }`;
      userData.image_file = user.picture.file;
    }

    if (
      scope.includes('privileges') ||
      (scope.includes('user:privileges') && user.privileges?.length)
    ) {
      userData.privileges = user.privileges.map(({ name }) => name);
    }

    return userData;
  }
}
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`import {`
			`Controller,`
			`Get,`
			`Next,`
			`NotFoundException,`
			`Post,`
			`Req,`
			`Res,`
rearrange stuff 2022-08-27 08:59:26 +00:00			`UseGuards,`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`} from '@nestjs/common';`
remove some anys 2022-09-18 07:22:57 +00:00			`import { ApiBearerAuth, ApiExcludeEndpoint, ApiTags } from '@nestjs/swagger';`
Initial service setup 2022-03-09 18:37:04 +00:00			`import { NextFunction, Request, Response } from 'express';`
rearrange stuff 2022-08-27 08:59:26 +00:00			`import { Scope } from 'src/decorators/scope.decorator';`
			`import { CurrentUser } from 'src/decorators/user.decorator';`
			`import { OAuth2Guard } from 'src/guards/oauth2.guard';`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`import { ConfigurationService } from 'src/modules/config/config.service';`
rearrange stuff 2022-08-27 08:59:26 +00:00			`import { User } from 'src/modules/objects/user/user.entity';`
			`import { OAuth2Service } from '../../oauth2/oauth2.service';`
Initial service setup 2022-03-09 18:37:04 +00:00
totp deactivate, delete tokens on oauth deauth 2022-08-28 13:17:15 +00:00			`@ApiTags('oauth2')`
Initial service setup 2022-03-09 18:37:04 +00:00			`@Controller('oauth2')`
			`export class OAuth2Controller {`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`constructor(`
			`private _service: OAuth2Service,`
			`private _config: ConfigurationService,`
			`) {}`
Initial service setup 2022-03-09 18:37:04 +00:00
			`// These requests are just passed straight on to the provider controller`

			`@Get('authorize')`
			`public authorizeGetWrapper(`
			`@Req() req: Request,`
			`@Res() res: Response,`
			`@Next() next: NextFunction,`
			`): void {`
			`return this._service.oauth.controller.authorization(req, res, next);`
			`}`

remove some anys 2022-09-18 07:22:57 +00:00			`@ApiExcludeEndpoint()`
Initial service setup 2022-03-09 18:37:04 +00:00			`@Post('authorize')`
			`public authorizePostWrapper(`
			`@Req() req: Request,`
			`@Res() res: Response,`
			`@Next() next: NextFunction,`
			`): void {`
			`return this._service.oauth.controller.authorization(req, res, next);`
			`}`

			`@Post('token')`
			`public tokenWrapper(`
			`@Req() req: Request,`
			`@Res() res: Response,`
			`@Next() next: NextFunction,`
			`): void {`
			`return this._service.oauth.controller.token(req, res, next);`
			`}`

totp deactivate, delete tokens on oauth deauth 2022-08-28 13:17:15 +00:00			`@ApiBearerAuth()`
Initial service setup 2022-03-09 18:37:04 +00:00			`@Post('introspect')`
			`public introspectWrapper(`
			`@Req() req: Request,`
			`@Res() res: Response,`
			`@Next() next: NextFunction,`
			`): void {`
			`return this._service.oauth.controller.introspection(req, res, next);`
			`}`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00
			`// User information endpoint`

remove some anys 2022-09-18 07:22:57 +00:00			`@ApiExcludeEndpoint()`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`@Get('user')`
rearrange stuff 2022-08-27 08:59:26 +00:00			`@UseGuards(OAuth2Guard)`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`public async userInfo(`
rearrange stuff 2022-08-27 08:59:26 +00:00			`@CurrentUser() user: User,`
			`@Scope() scope: string,`
remove some anys 2022-09-18 07:22:57 +00:00			`): Promise<Record<string, unknown>> {`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`if (!user) {`
			`throw new NotFoundException('No such user');`
			`}`

remove some anys 2022-09-18 07:22:57 +00:00			`const userData: Record<string, unknown> = {`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`id: user.id,`
			`uuid: user.uuid,`
			`username: user.username,`
			`display_name: user.display_name,`
webpack frontend stuff, jwt start, settings start 2022-03-19 10:25:37 +00:00
			`// Standard claims`
			`name: user.display_name,`
			`preferred_username: user.username,`
			`nickname: user.display_name,`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`};`

rearrange stuff 2022-08-27 08:59:26 +00:00			`if (scope.includes('email') \|\| scope.includes('user:email')) {`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`userData.email = user.email;`
webpack frontend stuff, jwt start, settings start 2022-03-19 10:25:37 +00:00			`userData.email_verified = true;`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`}`

			`if (`
rearrange stuff 2022-08-27 08:59:26 +00:00			`(scope.includes('image') \|\| scope.includes('user:image')) &&`
OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`user.picture`
			`) {`
			userData.image = `${this._config.get('app.base_url')}/uploads/${
			`user.picture.file`
			}`;
			`userData.image_file = user.picture.file;`
			`}`

privilege 2022-04-15 19:00:02 +00:00			`if (`
rearrange stuff 2022-08-27 08:59:26 +00:00			`scope.includes('privileges') \|\|`
			`(scope.includes('user:privileges') && user.privileges?.length)`
privilege 2022-04-15 19:00:02 +00:00			`) {`
rearrange stuff 2022-08-27 08:59:26 +00:00			`userData.privileges = user.privileges.map(({ name }) => name);`
privilege 2022-04-15 19:00:02 +00:00			`}`

OAuth2 authorization view 2022-03-16 18:37:50 +00:00			`return userData;`
			`}`
Initial service setup 2022-03-09 18:37:04 +00:00			`}`