Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 | 1x 1x 1x 1x 1x 1x 2x 2x 1x 1x 4x 4x 4x 4x 2x 2x 8x 7x 7x 6x 6x 6x 6x 8x 8x 8x 7x 7x 7x 1x 1x 1x 1x 6x 6x 8x 1x 1x 1x 7x 1x 1x 1x | 'use strict'
const { URL } = require('whatwg-url')
const validUrl = require('valid-url')
const fetch = require('node-fetch')
const li = require('li')
const rdf = require('rdflib')
module.exports = {
discoverProviderFor,
parseProviderLink,
preferredProviderFor,
providerExists,
validateProviderUri
}
/**
* @param uri {string} Provider URI or Web ID URI
*
* @returns {Promise<string>}
*/
function preferredProviderFor (uri) {
// First, determine if the uri is an OIDC provider
return providerExists(uri)
.then(providerUri => {
if (providerUri) {
return providerUri // the given uri's origin hosts an OIDC provider
}
// Given uri is not a provider (for example, a static Web ID profile URI)
// Discover its preferred provider
return discoverProviderFor(uri)
})
}
/**
* @param uri {string} Provider URI or Web ID URI
*
* @returns {Promise<string|null>} Returns the Provider URI origin if an OIDC
* provider exists at the given uri, or `null` if none exists
*/
function providerExists (uri) {
const providerOrigin = (new URL(uri)).origin
const providerConfigUri = providerOrigin + '/.well-known/openid-configuration'
return fetch(providerConfigUri, { method: 'HEAD' })
.then(result => {
if (result.ok) {
return providerOrigin
}
return null
})
}
/**
*
* @param webId {string} Web ID URI
*
* @returns {Promise<string>} Resolves with the preferred provider uri for the
* given Web ID, extracted from Link rel header or profile body. If no
* provider URI was found, reject with an error.
*/
function discoverProviderFor (webId) {
return discoverFromProfile(webId)
.then(providerFromProfile => providerFromProfile || discoverFromHeaders(webId))
.then(providerUri => {
validateProviderUri(providerUri, webId) // Throw an error if empty or invalid
return providerUri
})
}
/**
* @param webId {string}
*
* @returns {Promise<string|null>}
*/
function discoverFromHeaders (webId) {
return fetch(webId, { method: 'OPTIONS' })
.then(response => {
Eif (response.ok) {
return parseProviderLink(response.headers)
}
return null
})
}
function discoverFromProfile (webId) {
const store = rdf.graph()
const fetcher = rdf.fetcher(store)
return fetcher.load(webId, { force: true })
.then(response => {
const providerTerm = rdf.namedNode('http://www.w3.org/ns/solid/terms#oidcIssuer')
const providerUri = store.anyValue(rdf.namedNode(webId), providerTerm)
return providerUri
}, err => {
const error = new Error(`Could not reach Web ID ${webId} to discover provider`)
error.cause = err
error.statusCode = 400
throw error
})
}
/**
* Returns the contents of the OIDC issuer Link rel header.
*
* @see https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery
*
* @param headers {Headers} Response headers from an OPTIONS call
*
* @return {string}
*/
function parseProviderLink (headers) {
const links = li.parse(headers.get('link')) || {}
return links['http://openid.net/specs/connect/1.0/issuer']
}
/**
* Validates a preferred provider uri (makes sure it's a well-formed URI).
*
* @param provider {string} Identity provider URI
*
* @throws {Error} If the URI is invalid
*/
function validateProviderUri (provider, webId) {
if (!provider) {
const error = new Error(`OIDC issuer not advertised for ${webId}.
See https://github.com/solid/webid-oidc-spec#authorized-oidc-issuer-discovery`)
error.statusCode = 400
throw error
}
if (!validUrl.isUri(provider)) {
const error = new Error(`OIDC issuer for ${webId} is not a valid URI: ${provider}`)
error.statusCode = 400
throw error
}
}
|