| 25 | const SequenceActions = RestBindings.SequenceActions; |
| 26 | |
| 27 | export class MySequence implements SequenceHandler { |
| 28 | /** |
| 29 | * Optional invoker for registered middleware in a chain. |
| 30 | * To be injected via SequenceActions.INVOKE_MIDDLEWARE. |
| 31 | */ |
| 32 | @inject(SequenceActions.INVOKE_MIDDLEWARE, {optional: true}) |
| 33 | protected invokeMiddleware: InvokeMiddleware = () => false; |
| 34 | |
| 35 | constructor( |
| 36 | @inject(SequenceActions.FIND_ROUTE) protected findRoute: FindRoute, |
| 37 | @inject(SequenceActions.PARSE_PARAMS) |
| 38 | protected parseParams: ParseParams, |
| 39 | @inject(SequenceActions.INVOKE_METHOD) protected invoke: InvokeMethod, |
| 40 | @inject(SequenceActions.SEND) protected send: Send, |
| 41 | @inject(SequenceActions.REJECT) protected reject: Reject, |
| 42 | @inject(AuthenticationBindings.AUTH_ACTION) |
| 43 | protected authenticateRequest: AuthenticateFn, |
| 44 | ) {} |
| 45 | |
| 46 | async handle(context: RequestContext) { |
| 47 | try { |
| 48 | const {request, response} = context; |
| 49 | const finished = await this.invokeMiddleware(context); |
| 50 | if (finished) return; |
| 51 | |
| 52 | const route = this.findRoute(request); |
| 53 | |
| 54 | // usually authentication is done before proceeding to parse params |
| 55 | // but in our case we need the path params to know the provider name |
| 56 | const args = await this.parseParams(request, route); |
| 57 | |
| 58 | // if provider name is available in the request path params, set it in the query |
| 59 | if (route.pathParams?.provider) { |
| 60 | request.query['oauth2-provider-name'] = route.pathParams.provider; |
| 61 | } |
| 62 | |
| 63 | //call authentication action |
| 64 | await this.authenticateRequest(request); |
| 65 | |
| 66 | // Authentication successful, proceed to invoke controller |
| 67 | const result = await this.invoke(route, args); |
| 68 | this.send(response, result); |
| 69 | } catch (error) { |
| 70 | /** |
| 71 | * Authentication errors for login page are handled by the express app |
| 72 | */ |
| 73 | if ( |
| 74 | context.request.path === '/login' && |
| 75 | (error.status === 401 || error.name === 'UnauthorizedError') |
| 76 | ) { |
| 77 | /** |
| 78 | * The express app that routed the /signup call to LB App, will handle the error event. |
| 79 | */ |
| 80 | context.response.emit( |
| 81 | 'UnauthorizedError', |
| 82 | 'User Authentication Failed', |
| 83 | ); |
| 84 | return; |