Extract SelectProviderRequest and auth callback code to Auth Manager

Author: dmitrizagidulin

bin/lib/init.js

@@ -30,13 +30,6 @@ module.exports = function (program) {
 
       // Prompt to the user
       inquirer.prompt(questions)
-        // .then((answers) => {
-        //   let store = new KVPFileStore()
-        //   return store.createCollection('clients')
-        //     .then(() => {
-        //       return answers
-        //     })
-        // })
         .then((answers) => {
           // setting email
           if (answers.useEmail) {

lib/api/authn/webid-oidc.js

@@ -4,29 +4,19 @@
  */
 
 const express = require('express')
-const debug = require('../../debug')
-const util = require('../../utils')
-const error = require('../../http-error')
 const bodyParser = require('body-parser').urlencoded({ extended: false })
 
-const SelectProviderRequest = require('../../requests/select-provider-request')
-
 const { LoginByPasswordRequest } = require('../../requests/login-request')
 
-const { LogoutRequest } = require('oidc-auth-manager').AuthHostAPI
+const {
+  AuthCallbackRequest,
+  LogoutRequest,
+  SelectProviderRequest
+} = require('oidc-auth-manager').handlers
 
 /**
  * Returns a router with OIDC Relying Party and Identity Provider middleware:
  *
- *   1. Adds a Relying Party (RP) callback handler on '/api/oidc/rp/:issuer_id'
- *   2. Sets up a static content handler for signin/signup apps
- *   3. Adds a set of Identity Provider (OP) endpoints on '/'
- *
- * Usage (in create-app.js):
- *
- *   ```
- *   app.use('/', oidcHandler.api(oidc))
- *   ```
  * @method middleware
  *
  * @param oidc {OidcManager}
@@ -37,30 +27,18 @@ function middleware (oidc) {
   const router = express.Router('/')
 
   // User-facing Authentication API
-  router.get('/api/auth/select-provider', (req, res) => {
-    let locals = req.app.locals
-    let serverUri = locals.host.serverUri
-    res.render('auth/select-provider', { serverUri })
-  })
-  router.post('/api/auth/select-provider', bodyParser, selectProvider)
+  router.get('/api/auth/select-provider', SelectProviderRequest.get)
+  router.post('/api/auth/select-provider', bodyParser, SelectProviderRequest.post)
 
   router.get(['/login', '/signin'], LoginByPasswordRequest.get)
   router.post(['/login', '/signin'], bodyParser, LoginByPasswordRequest.post)
 
   router.get('/logout', LogoutRequest.handle)
 
-  router.get('/goodbye', (req, res) => {
-    res.render('auth/goodbye')
-  })
+  router.get('/goodbye', (req, res) => { res.render('auth/goodbye') })
 
   // The relying party callback is called at the end of the OIDC signin process
-  router.get('/api/oidc/rp/:issuer_id', (req, res, next) => {
-    // Exchange authorization code for id token
-    authCodeFlowCallback(oidc, req)
-      // Redirect the user back to returnToUrl
-      .then(() => { resumeUserFlow(req, res) })
-      .catch(next)
-  })
+  router.get('/api/oidc/rp/:issuer_id', AuthCallbackRequest.get)
 
   // Initialize the OIDC Identity Provider routes/api
   // router.get('/.well-known/openid-configuration', discover.bind(provider))
@@ -77,84 +55,4 @@ function middleware (oidc) {
   return router
 }
 
-function selectProvider (req, res, next) {
-  return SelectProviderRequest.handle(req, res)
-    .catch(error => {
-      error.status = error.status || 400
-      next(error)
-    })
-}
-
-function authCodeFlowCallback (oidc, req) {
-  debug.oidc('in authCodeFlowCallback()')
-
-  if (!req.params || !req.params.issuer_id) {
-    return Promise.reject(error(400, 'Invalid auth response uri - missing issuer id'))
-  }
-
-  let issuer = getIssuerId(req)
-
-  return oidc.clients.clientForIssuer(issuer)
-    .then(client => {
-      return validateResponse(client, req)
-    })
-    .then(response => {
-      initSessionUserAuth(response, req)
-    })
-    .catch((err) => {
-      debug.oidc(err)
-      throw error(400, err)
-    })
-}
-
-function getIssuerId (req = {}) {
-  return req.params && decodeURIComponent(req.params.issuer_id)
-}
-
-function validateResponse (client, req) {
-  let url = util.fullUrlForReq(req)
-  return client.validateResponse(url, req.session)
-}
-
-function initSessionUserAuth (authResponse, req) {
-  let webId = extractWebId(authResponse)
-  req.session.accessToken = authResponse.params.access_token
-  req.session.refreshToken = authResponse.params.refresh_token
-  req.session.userId = webId
-  req.session.identified = true
-}
-
-function extractWebId (authResponse) {
-  return authResponse.decoded.payload.sub
-}
-
-/**
- * Redirects the user back to their original requested resource, at the end
- * of the OIDC authentication process.
- * @method resumeUserFlow
- */
-function resumeUserFlow (req, res) {
-  debug.oidc('In resumeUserFlow handler:')
-
-  if (req.session.returnToUrl) {
-    let returnToUrl = req.session.returnToUrl
-    // if (req.session.accessToken) {
-    //   returnToUrl += '?access_token=' + req.session.accessToken
-    // }
-    debug.oidc('  Redirecting to ' + returnToUrl)
-    delete req.session.returnToUrl
-    return res.redirect(302, returnToUrl)
-  }
-  res.send('Resume User Flow (failed)')
-}
-
-module.exports = {
-  middleware,
-  selectProvider,
-  extractWebId,
-  authCodeFlowCallback,
-  getIssuerId,
-  initSessionUserAuth,
-  resumeUserFlow,
-  validateResponse
-}
+module.exports.middleware = middleware

lib/debug.js

@@ -12,4 +12,3 @@ exports.subscription = debug('solid:subscription')
 exports.container = debug('solid:container')
 exports.accounts = debug('solid:accounts')
 exports.ldp = debug('solid:ldp')
-exports.oidc = debug('solid:oidc')