(oidc)
| 84 | * @return {Router} Express router |
| 85 | */ |
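export function middleware (oidc) {
  // NOTE(review): express.Router() expects an options object; the '/' string
  // passed here does not appear to configure anything. Confirm and drop it.
  const router = express.Router('/')

  // User-facing Authentication API
  router.get(['/login', '/signin'], LoginRequest.get)

  // Credential-accepting endpoints. No throttling or lockout middleware is
  // attached in this router.
  // NOTE(review): confirm brute-force protection is applied elsewhere
  // (app level or inside the LoginRequest handlers).
  router.post('/login/password', bodyParser, LoginRequest.loginPassword)

  router.post('/login/tls', bodyParser, LoginRequest.loginTls)

  router.get('/sharing', SharingRequest.get)
  router.post('/sharing', bodyParser, SharingRequest.share)

  // Password reset and change run restrictToTopDomain first, so a request
  // it rejects never reaches bodyParser or the handler.
  // NOTE(review): presumably this limits the routes to the server's top-level
  // host; verify against the restrictToTopDomain definition.
  router.get('/account/password/reset', restrictToTopDomain, PasswordResetEmailRequest.get)
  router.post('/account/password/reset', restrictToTopDomain, bodyParser, PasswordResetEmailRequest.post)

  router.get('/account/password/change', restrictToTopDomain, PasswordChangeRequest.get)
  router.post('/account/password/change', restrictToTopDomain, bodyParser, PasswordChangeRequest.post)

  // Logout is reachable through a plain GET redirect, so any cross-site
  // navigation to this URL can end the user's session.
  // NOTE(review): confirm this is acceptable for the deployment.
  router.get('/.well-known/solid/logout/', (req, res) => res.redirect('/logout'))

  router.get('/goodbye', (req, res) => { res.render('auth/goodbye') })

  // The relying party callback is called at the end of the OIDC signin process.
  // :issuer_id comes from the request path and is therefore client-controlled.
  // NOTE(review): confirm AuthCallbackRequest validates it before use.
  router.get('/api/oidc/rp/:issuer_id', AuthCallbackRequest.get)

  // Static assets related to authentication
  // Each entry is spread into routeResolvedFile(router, ...entry).
  // NOTE(review): the meaning of the trailing `false` is defined by
  // routeResolvedFile and is not visible here.
  const authAssets = [
    ['/.well-known/solid/login/', '../static/popup-redirect.html', false],
    ['/common/', 'solid-auth-client/dist-popup/popup.html']
  ]
  // Registration is a side effect only, so iterate instead of building an
  // array of discarded return values with map().
  for (const assetArgs of authAssets) {
    routeResolvedFile(router, ...assetArgs)
  }

  // Initialize the OIDC Identity Provider routes/api
  // The commented lines below are kept for reference; presumably they list
  // the routes that oidcOpExpress mounts (verify against that package).
  // router.get('/.well-known/openid-configuration', discover.bind(provider))
  // router.get('/jwks', jwks.bind(provider))
  // router.post('/register', register.bind(provider))
  // router.get('/authorize', authorize.bind(provider))
  // router.post('/authorize', authorize.bind(provider))
  // router.post('/token', token.bind(provider))
  // router.get('/userinfo', userinfo.bind(provider))
  // router.get('/logout', logout.bind(provider))
  const oidcProviderApi = oidcOpExpress(oidc.provider)
  router.use('/', oidcProviderApi)

  return router
}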
| 133 | |
| 134 | /** |
| 135 | * Sets the `WWW-Authenticate` response header for 401 error responses. |