EvalueTonSavoir/server/auth/modules/passport-providers/oauth.js

var OAuth2Strategy = require('passport-oauth2')
var authUserAssoc = require('../../../models/authUserAssociation')
var users = require('../../../models/users')
var {hasNestedValue} = require('../../../utils')


class PassportOAuth {
    constructor(passportjs,auth_id){
        this.passportjs = passportjs
        this.auth_id = auth_id
    }

    updateUser(userinfos){

    }

    register(app, passport,endpoint, name, provider) {
        const cb_url =`${process.env['BACKEND_URL']}${endpoint}/${name}/callback`
        passport.use(name, new OAuth2Strategy({
            authorizationURL: provider.OAUTH_AUTHORIZATION_URL,
            tokenURL: provider.OAUTH_TOKEN_URL,
            clientID: provider.OAUTH_CLIENT_ID,
            clientSecret: provider.OAUTH_CLIENT_SECRET,
            callbackURL: cb_url,
            passReqToCallback: true
        },
        async function(req, accessToken, refreshToken, params, profile, done) {
            try {
                const userInfoResponse = await fetch(provider.OAUTH_USERINFO_URL, {
                    headers: { 'Authorization': `Bearer ${accessToken}` }
                });
                const userInfo = await userInfoResponse.json();

                let received_user = {
                    email: userInfo.email,
                    name: userInfo.name,
                    roles: []
                };
                if(hasNestedValue(userInfo,provider.OIDC_ROLE_TEACHER_VALUE)) received_user.roles.push('teacher')
                if(hasNestedValue(userInfo,provider.OIDC_ROLE_STUDENT_VALUE)) received_user.roles.push('student')

                const user_association = await authUserAssoc.find_user_association(userInfo.sub)

                if(user_linked){
                    let user = await users.getById(user_association.user_id)
                    user.name = received_user.name
                    user.email = received_user.email
                    user.roles = received_user.roles
                    users.editUser(user)
                    this.passportjs.authenticate(user)
                } 
                else {
                    let user_id = await users.getId(userInfo.email)
                    if(!user_id){
                        await users.register(received_user.email,"");
                        users.editUser
                    }
                }

                // Store the tokens in the session
                req.session.oauth2Tokens = {
                    accessToken: accessToken,
                    refreshToken: refreshToken,
                    expiresIn: params.expires_in
                };

                return done(null, user);
            } catch (error) {
                console.error(`Erreur dans la strategie OAuth2 '${name}' : ${error}`);
                return done(error);
            }
        }));

        app.get(`${endpoint}/${name}`, (req, res, next) => {
            passport.authenticate(name, {
                scope: 'openid profile email offline_access'+ ` ${provider.OAUTH_ADD_SCOPE}`,
                prompt: 'consent'
            })(req, res, next);
        });

        app.get(`${endpoint}/${name}/callback`, 
            (req, res, next) => {
                passport.authenticate(name, { failureRedirect: '/login' })(req, res, next);
            },
            (req, res) => {
                if (req.user) {
                    res.json(req.user)

                    //const redirectUrl = `http://your-frontend-url.com/oauth/callback?user=${encodeURIComponent(req.user)}`;
                    //res.redirect(redirectUrl);
                    console.info(`L'utilisateur '${req.user.name}' vient de se connecter`)
                } else {
                    res.status(401).json({ error: "L'authentification a échoué" });
                }
            }
        );
    }
}

module.exports = PassportOAuth;
Adds base for OAuth - Still errors 2024-09-24 17:24:32 -04:00			`var OAuth2Strategy = require('passport-oauth2')`
link oauths Co-authored-by: roesnerb <roesnerb@users.noreply.github.com> Co-authored-by: MathieuSevignyLavallee <MathieuSevignyLavallee@users.noreply.github.com> 2024-10-01 00:14:55 -04:00			`var authUserAssoc = require('../../../models/authUserAssociation')`
			`var users = require('../../../models/users')`
			`var {hasNestedValue} = require('../../../utils')`

Adds base for OAuth - Still errors 2024-09-24 17:24:32 -04:00
fixes 500 error 2024-09-27 23:02:53 -04:00			`class PassportOAuth {`
link oauths Co-authored-by: roesnerb <roesnerb@users.noreply.github.com> Co-authored-by: MathieuSevignyLavallee <MathieuSevignyLavallee@users.noreply.github.com> 2024-10-01 00:14:55 -04:00			`constructor(passportjs,auth_id){`
			`this.passportjs = passportjs`
			`this.auth_id = auth_id`
			`}`

			`updateUser(userinfos){`

			`}`

Incorporate auth config 2024-09-28 17:08:11 -04:00			`register(app, passport,endpoint, name, provider) {`
continued oidc 2024-09-29 18:39:24 -04:00			const cb_url =`${process.env['BACKEND_URL']}${endpoint}/${name}/callback`
Adds base for OAuth - Still errors 2024-09-24 17:24:32 -04:00			`passport.use(name, new OAuth2Strategy({`
Incorporate auth config 2024-09-28 17:08:11 -04:00			`authorizationURL: provider.OAUTH_AUTHORIZATION_URL,`
			`tokenURL: provider.OAUTH_TOKEN_URL,`
			`clientID: provider.OAUTH_CLIENT_ID,`
			`clientSecret: provider.OAUTH_CLIENT_SECRET,`
continued oidc 2024-09-29 18:39:24 -04:00			`callbackURL: cb_url,`
fixes 500 error 2024-09-27 23:02:53 -04:00			`passReqToCallback: true`
			`},`
			`async function(req, accessToken, refreshToken, params, profile, done) {`
Adds base for OAuth - Still errors 2024-09-24 17:24:32 -04:00			`try {`
Incorporate auth config 2024-09-28 17:08:11 -04:00			`const userInfoResponse = await fetch(provider.OAUTH_USERINFO_URL, {`
fixes 500 error 2024-09-27 23:02:53 -04:00			headers: { 'Authorization': `Bearer ${accessToken}` }
			`});`
			`const userInfo = await userInfoResponse.json();`

link oauths Co-authored-by: roesnerb <roesnerb@users.noreply.github.com> Co-authored-by: MathieuSevignyLavallee <MathieuSevignyLavallee@users.noreply.github.com> 2024-10-01 00:14:55 -04:00			`let received_user = {`
fixes 500 error 2024-09-27 23:02:53 -04:00			`email: userInfo.email,`
			`name: userInfo.name,`
link oauths Co-authored-by: roesnerb <roesnerb@users.noreply.github.com> Co-authored-by: MathieuSevignyLavallee <MathieuSevignyLavallee@users.noreply.github.com> 2024-10-01 00:14:55 -04:00			`roles: []`
fixes 500 error 2024-09-27 23:02:53 -04:00			`};`
link oauths Co-authored-by: roesnerb <roesnerb@users.noreply.github.com> Co-authored-by: MathieuSevignyLavallee <MathieuSevignyLavallee@users.noreply.github.com> 2024-10-01 00:14:55 -04:00			`if(hasNestedValue(userInfo,provider.OIDC_ROLE_TEACHER_VALUE)) received_user.roles.push('teacher')`
			`if(hasNestedValue(userInfo,provider.OIDC_ROLE_STUDENT_VALUE)) received_user.roles.push('student')`

			`const user_association = await authUserAssoc.find_user_association(userInfo.sub)`

			`if(user_linked){`
			`let user = await users.getById(user_association.user_id)`
			`user.name = received_user.name`
			`user.email = received_user.email`
			`user.roles = received_user.roles`
			`users.editUser(user)`
			`this.passportjs.authenticate(user)`
			`}`
			`else {`
			`let user_id = await users.getId(userInfo.email)`
			`if(!user_id){`
			`await users.register(received_user.email,"");`
			`users.editUser`
			`}`
			`}`
fixes 500 error 2024-09-27 23:02:53 -04:00
			`// Store the tokens in the session`
			`req.session.oauth2Tokens = {`
			`accessToken: accessToken,`
			`refreshToken: refreshToken,`
			`expiresIn: params.expires_in`
			`};`
Adds base for OAuth - Still errors 2024-09-24 17:24:32 -04:00
fixes 500 error 2024-09-27 23:02:53 -04:00			`return done(null, user);`
Adds base for OAuth - Still errors 2024-09-24 17:24:32 -04:00			`} catch (error) {`
Incorporate auth config 2024-09-28 17:08:11 -04:00			console.error(`Erreur dans la strategie OAuth2 '${name}' : ${error}`);
Adds base for OAuth - Still errors 2024-09-24 17:24:32 -04:00			`return done(error);`
			`}`
fixes 500 error 2024-09-27 23:02:53 -04:00			`}));`

Incorporate auth config 2024-09-28 17:08:11 -04:00			app.get(`${endpoint}/${name}`, (req, res, next) => {
fixes 500 error 2024-09-27 23:02:53 -04:00			`passport.authenticate(name, {`
Incorporate auth config 2024-09-28 17:08:11 -04:00			scope: 'openid profile email offline_access'+ ` ${provider.OAUTH_ADD_SCOPE}`,
fixes 500 error 2024-09-27 23:02:53 -04:00			`prompt: 'consent'`
			`})(req, res, next);`
			`});`
Adds base for OAuth - Still errors 2024-09-24 17:24:32 -04:00
Incorporate auth config 2024-09-28 17:08:11 -04:00			app.get(`${endpoint}/${name}/callback`,
fixes 500 error 2024-09-27 23:02:53 -04:00			`(req, res, next) => {`
			`passport.authenticate(name, { failureRedirect: '/login' })(req, res, next);`
			`},`
			`(req, res) => {`
			`if (req.user) {`
			`res.json(req.user)`
link oauths Co-authored-by: roesnerb <roesnerb@users.noreply.github.com> Co-authored-by: MathieuSevignyLavallee <MathieuSevignyLavallee@users.noreply.github.com> 2024-10-01 00:14:55 -04:00
Chaos management 2024-09-30 23:05:00 -04:00			//const redirectUrl = `http://your-frontend-url.com/oauth/callback?user=${encodeURIComponent(req.user)}`;
			`//res.redirect(redirectUrl);`
Incorporate auth config 2024-09-28 17:08:11 -04:00			console.info(`L'utilisateur '${req.user.name}' vient de se connecter`)
fixes 500 error 2024-09-27 23:02:53 -04:00			`} else {`
Incorporate auth config 2024-09-28 17:08:11 -04:00			`res.status(401).json({ error: "L'authentification a échoué" });`
fixes 500 error 2024-09-27 23:02:53 -04:00			`}`
Adds base for OAuth - Still errors 2024-09-24 17:24:32 -04:00			`}`
			`);`
			`}`
			`}`
fixes 500 error 2024-09-27 23:02:53 -04:00
continued oidc 2024-09-29 18:39:24 -04:00			`module.exports = PassportOAuth;`