(app, argv)
| 28 | * @param argv {Object} Config options hashmap |
| 29 | */ |
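export function initialize (app, argv) {
  // Build the OIDC manager from the server config and expose it on app.locals.
  const oidc = fromServerConfig(argv)
  app.locals.oidc = oidc

  // Store initialization function to be called after server starts listening
  // (OIDC client registration needs the server to be up to fetch openid-configuration)
  app.locals.initFunction = () => oidc.initialize()

  // Attach the OIDC API
  app.use('/', middleware(oidc))

  // Perform the actual authentication.
  // This handler is intentionally not `async`: nothing is awaited, and in an
  // async handler a synchronous throw from authenticate() would surface as a
  // rejected promise (an unhandled rejection, with next() never called, on
  // routers that do not observe the returned promise) instead of reaching the
  // error-handling middleware.
  app.use('/', (req, res, next) => {
    const authenticate = oidc.rs.authenticate({ tokenTypesSupported: argv.tokenTypesSupported })

    authenticate(req, res, (err) => {
      // Error handling should be deferred to the ldp in case a user with a bad token is trying
      // to access a public resource
      if (err) {
        // The request continues even though authentication failed; the failure
        // is only recorded on req.authError and the status is reset to 200.
        // NOTE(review): every downstream handler that serves a non-public
        // resource must check req.authError itself; nothing here rejects the
        // request.
        req.authError = err
        res.status(200)
      }
      next()
    })
  })

  // Expose session.userId
  app.use('/', (req, res, next) => {
    // NOTE(review): req.claims is presumably populated by the authentication
    // step above; confirm what webIdFromClaims() does when it is undefined.
    oidc.webIdFromClaims(req.claims)
      .then(webId => {
        // Only a truthy WebID overwrites the session value; an existing
        // session.userId is left untouched otherwise, including when
        // req.authError was set above.
        // NOTE(review): confirm that access decisions downstream consult
        // req.authError and do not rely on session.userId alone.
        if (webId) {
          req.session.userId = webId
        }

        next()
      })
      .catch(err => {
        // The client-facing error is generic; the underlying failure is kept
        // on error.cause and logged server-side.
        // NOTE(review): make sure the final error handler does not serialize
        // error.cause into the response.
        const error = new Error('Could not verify Web ID from token claims')
        error.statusCode = 401
        error.statusText = 'Invalid login'
        error.cause = err

        console.error(err)

        next(error)
      })
  })
}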
| 76 | |
| 77 | /** |
| 78 | * Returns a router with OIDC Relying Party and Identity Provider middleware: |