1 | "use strict";
|
2 | Object.defineProperty(exports, "__esModule", { value: true });
|
3 | const tslib_1 = require("tslib");
|
4 | const common_1 = require("@nestjs/common");
|
5 | const __1 = require("..");
|
6 | const logging_1 = require("../gcloud/logging");
|
7 | const auth_configurer_1 = require("./auth.configurer");
|
8 | const auth_guard_1 = require("./auth.guard");
|
9 | const auth_listener_1 = require("./auth.listener");
|
10 | let AuthController = class AuthController {
|
11 | constructor(authConfigurer, inviteUserService, configuration, authListener) {
|
12 | this.authConfigurer = authConfigurer;
|
13 | this.inviteUserService = inviteUserService;
|
14 | this.configuration = configuration;
|
15 | this.authListener = authListener;
|
16 | this.logger = logging_1.createLogger('auth-controller');
|
17 | }
|
18 | signIn(req, res, next) {
|
19 | this.authConfigurer.authenticateLocal()(req, res, (result) => {
|
20 | if (result) {
|
21 | if (result instanceof common_1.HttpException) {
|
22 | return res.status(result.getStatus()).send(result.getResponse());
|
23 | }
|
24 | next(result);
|
25 | }
|
26 | else {
|
27 | this.authListener.onLogin(req);
|
28 | res.send({
|
29 | result: 'success',
|
30 | });
|
31 | }
|
32 | });
|
33 | }
|
34 | signInFake(req, res, next) {
|
35 | this.authConfigurer.authenticateFake()(req, res, (result) => {
|
36 | if (result) {
|
37 | if (result instanceof common_1.HttpException) {
|
38 | return res.status(result.getStatus()).send(result.getResponse());
|
39 | }
|
40 | next(result);
|
41 | }
|
42 | else {
|
43 | this.authListener.onLogin(req);
|
44 | res.send({
|
45 | result: 'success',
|
46 | });
|
47 | }
|
48 | });
|
49 | }
|
50 | async activate(req, res, next, context) {
|
51 | await this.inviteUserService.activateAccount(context, req.body.code, req.body.name, req.body.password);
|
52 | res.send({
|
53 | result: 'Activated successfully',
|
54 | });
|
55 | }
|
56 | async reInviteUser(req, res, next, context) {
|
57 | if (!req.body.userId) {
|
58 | throw new Error('User id not supplied');
|
59 | }
|
60 | this.logger.info('Re invite requested for ' + req.body.userId);
|
61 | const userInviteResponse = await this.inviteUserService.reInviteForUserId(context, req.body.userId);
|
62 | if (userInviteResponse) {
|
63 | res.send({
|
64 | result: 'Re Invited user successfully',
|
65 | });
|
66 | }
|
67 | else {
|
68 | res.status(common_1.HttpStatus.INTERNAL_SERVER_ERROR).send('Error while re inviting user');
|
69 | }
|
70 | }
|
71 | signOutLocal(req, res, next) {
|
72 | this.logger.debug('Logging out local user');
|
73 | req.logout();
|
74 | if (req.xhr) {
|
75 | res.status(204).send();
|
76 | }
|
77 | else {
|
78 | const redirectUrl = '/';
|
79 | this.logger.debug(`Redirecting to ${redirectUrl} for non-xhr request`);
|
80 | res.redirect(redirectUrl);
|
81 | }
|
82 | }
|
83 | signOut(req, res, next) {
|
84 | this.logger.warn('This endpoint is deprecated and will be removed in future releases - please use GET /auth/signout/local instead');
|
85 | req.logout();
|
86 | res.redirect('/');
|
87 | }
|
88 | signInGoogle(req, res, next) {
|
89 | this.authConfigurer.beginAuthenticateGoogle()(req, res, next);
|
90 | }
|
91 | completeSignInGoogle(req, res) {
|
92 | this.authConfigurer.completeAuthenticateGoogle()(req, res, (err) => {
|
93 | if (req.user) {
|
94 | this.authListener.onLogin(req);
|
95 | res.redirect(`/`);
|
96 | }
|
97 | else {
|
98 | this.logger.warn('Login with google failed', err);
|
99 | res.redirect(`/signin?error=${encodeURIComponent('Login with google failed.')}`);
|
100 | }
|
101 | });
|
102 | }
|
103 | signInSaml(req, res, next) {
|
104 | this.logger.info('Redirecting to SAML Identity Provider');
|
105 | this.authConfigurer.beginAuthenticateSaml()(req, res, next);
|
106 | }
|
107 | completeSignInSaml(req, res) {
|
108 | this.logger.info('Received ACS callback from SAML Identity Provider');
|
109 | this.authConfigurer.completeAuthenticateSaml()(req, res, (err) => {
|
110 | if (req.user) {
|
111 | this.logger.info('user: %o', req.user);
|
112 | this.authListener.onLogin(req);
|
113 | res.redirect('/');
|
114 | }
|
115 | else {
|
116 | this.logger.warn('Login with SAML failed', err);
|
117 | res.redirect(`/signin?error=${encodeURIComponent('Login with SAML failed.')}`);
|
118 | }
|
119 | });
|
120 | }
|
121 | signInAuth0(req, res, next) {
|
122 | this.authConfigurer.beginAuthenticateAuth0()(req, res, next);
|
123 | }
|
124 | signOutAuth0(req, res) {
|
125 | const redirectUrl = this.authConfigurer.getSignoutUrlAuth0();
|
126 | this.logger.info('Redirecting to ', redirectUrl);
|
127 | res.redirect(redirectUrl);
|
128 | }
|
129 | completeSignInAuth0(req, res) {
|
130 | this.authConfigurer.completeAuthenticateAuth0()(req, res, (err) => {
|
131 | if (req.user) {
|
132 | this.authListener.onLogin(req);
|
133 | res.redirect(`/`);
|
134 | }
|
135 | else {
|
136 | this.logger.warn('Login with auth0 failed', err);
|
137 | res.redirect(`/signin?error=${encodeURIComponent('Login with auth0 failed.')}`);
|
138 | }
|
139 | });
|
140 | }
|
141 | signInOidc(req, res, next) {
|
142 | this.authConfigurer.beginAuthenticateOidc()(req, res, next);
|
143 | }
|
144 | completeSignInOidc(req, res) {
|
145 | this.authConfigurer.completeAuthenticateOidc()(req, res, (err) => {
|
146 | if (req.user) {
|
147 | this.authListener.onLogin(req);
|
148 | res.redirect(`/`);
|
149 | }
|
150 | else {
|
151 | this.logger.warn('Login with oidc failed', err);
|
152 | res.redirect(`/signin?error=${encodeURIComponent('Login with oidc failed.')}`);
|
153 | }
|
154 | });
|
155 | }
|
156 | };
|
157 | tslib_1.__decorate([
|
158 | auth_guard_1.AllowAnonymous(),
|
159 | common_1.Post('signin/local'),
|
160 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()), tslib_1.__param(2, common_1.Next()),
|
161 | tslib_1.__metadata("design:type", Function),
|
162 | tslib_1.__metadata("design:paramtypes", [Object, Object, Function]),
|
163 | tslib_1.__metadata("design:returntype", void 0)
|
164 | ], AuthController.prototype, "signIn", null);
|
165 | tslib_1.__decorate([
|
166 | auth_guard_1.AllowAnonymous(),
|
167 | common_1.Post('signin/fake'),
|
168 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()), tslib_1.__param(2, common_1.Next()),
|
169 | tslib_1.__metadata("design:type", Function),
|
170 | tslib_1.__metadata("design:paramtypes", [Object, Object, Function]),
|
171 | tslib_1.__metadata("design:returntype", void 0)
|
172 | ], AuthController.prototype, "signInFake", null);
|
173 | tslib_1.__decorate([
|
174 | auth_guard_1.AllowAnonymous(),
|
175 | common_1.Post('activate'),
|
176 | tslib_1.__param(0, common_1.Req()),
|
177 | tslib_1.__param(1, common_1.Res()),
|
178 | tslib_1.__param(2, common_1.Next()),
|
179 | tslib_1.__param(3, __1.Ctxt()),
|
180 | tslib_1.__metadata("design:type", Function),
|
181 | tslib_1.__metadata("design:paramtypes", [Object, Object, Function, Object]),
|
182 | tslib_1.__metadata("design:returntype", Promise)
|
183 | ], AuthController.prototype, "activate", null);
|
184 | tslib_1.__decorate([
|
185 | auth_guard_1.Roles('admin'),
|
186 | common_1.Post('re-invite'),
|
187 | tslib_1.__param(0, common_1.Req()),
|
188 | tslib_1.__param(1, common_1.Res()),
|
189 | tslib_1.__param(2, common_1.Next()),
|
190 | tslib_1.__param(3, __1.Ctxt()),
|
191 | tslib_1.__metadata("design:type", Function),
|
192 | tslib_1.__metadata("design:paramtypes", [Object, Object, Function, Object]),
|
193 | tslib_1.__metadata("design:returntype", Promise)
|
194 | ], AuthController.prototype, "reInviteUser", null);
|
195 | tslib_1.__decorate([
|
196 | auth_guard_1.AllowAnonymous(),
|
197 | common_1.Get('signout/local'),
|
198 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()), tslib_1.__param(2, common_1.Next()),
|
199 | tslib_1.__metadata("design:type", Function),
|
200 | tslib_1.__metadata("design:paramtypes", [Object, Object, Function]),
|
201 | tslib_1.__metadata("design:returntype", void 0)
|
202 | ], AuthController.prototype, "signOutLocal", null);
|
203 | tslib_1.__decorate([
|
204 | common_1.Post('signout/local'),
|
205 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()), tslib_1.__param(2, common_1.Next()),
|
206 | tslib_1.__metadata("design:type", Function),
|
207 | tslib_1.__metadata("design:paramtypes", [Object, Object, Function]),
|
208 | tslib_1.__metadata("design:returntype", void 0)
|
209 | ], AuthController.prototype, "signOut", null);
|
210 | tslib_1.__decorate([
|
211 | auth_guard_1.AllowAnonymous(),
|
212 | common_1.Get('signin/google'),
|
213 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()), tslib_1.__param(2, common_1.Next()),
|
214 | tslib_1.__metadata("design:type", Function),
|
215 | tslib_1.__metadata("design:paramtypes", [Object, Object, Function]),
|
216 | tslib_1.__metadata("design:returntype", void 0)
|
217 | ], AuthController.prototype, "signInGoogle", null);
|
218 | tslib_1.__decorate([
|
219 | auth_guard_1.AllowAnonymous(),
|
220 | common_1.Get('signin/google/callback'),
|
221 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()),
|
222 | tslib_1.__metadata("design:type", Function),
|
223 | tslib_1.__metadata("design:paramtypes", [Object, Object]),
|
224 | tslib_1.__metadata("design:returntype", void 0)
|
225 | ], AuthController.prototype, "completeSignInGoogle", null);
|
226 | tslib_1.__decorate([
|
227 | auth_guard_1.AllowAnonymous(),
|
228 | common_1.Get('signin/saml'),
|
229 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()), tslib_1.__param(2, common_1.Next()),
|
230 | tslib_1.__metadata("design:type", Function),
|
231 | tslib_1.__metadata("design:paramtypes", [Object, Object, Function]),
|
232 | tslib_1.__metadata("design:returntype", void 0)
|
233 | ], AuthController.prototype, "signInSaml", null);
|
234 | tslib_1.__decorate([
|
235 | auth_guard_1.AllowAnonymous(),
|
236 | common_1.Post('signin/saml/acs'),
|
237 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()),
|
238 | tslib_1.__metadata("design:type", Function),
|
239 | tslib_1.__metadata("design:paramtypes", [Object, Object]),
|
240 | tslib_1.__metadata("design:returntype", void 0)
|
241 | ], AuthController.prototype, "completeSignInSaml", null);
|
242 | tslib_1.__decorate([
|
243 | auth_guard_1.AllowAnonymous(),
|
244 | common_1.Get('signin/auth0'),
|
245 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()), tslib_1.__param(2, common_1.Next()),
|
246 | tslib_1.__metadata("design:type", Function),
|
247 | tslib_1.__metadata("design:paramtypes", [Object, Object, Function]),
|
248 | tslib_1.__metadata("design:returntype", void 0)
|
249 | ], AuthController.prototype, "signInAuth0", null);
|
250 | tslib_1.__decorate([
|
251 | auth_guard_1.AllowAnonymous(),
|
252 | common_1.Get('signout/auth0'),
|
253 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()),
|
254 | tslib_1.__metadata("design:type", Function),
|
255 | tslib_1.__metadata("design:paramtypes", [Object, Object]),
|
256 | tslib_1.__metadata("design:returntype", void 0)
|
257 | ], AuthController.prototype, "signOutAuth0", null);
|
258 | tslib_1.__decorate([
|
259 | auth_guard_1.AllowAnonymous(),
|
260 | common_1.Get('signin/auth0/callback'),
|
261 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()),
|
262 | tslib_1.__metadata("design:type", Function),
|
263 | tslib_1.__metadata("design:paramtypes", [Object, Object]),
|
264 | tslib_1.__metadata("design:returntype", void 0)
|
265 | ], AuthController.prototype, "completeSignInAuth0", null);
|
266 | tslib_1.__decorate([
|
267 | auth_guard_1.AllowAnonymous(),
|
268 | common_1.Get('signin/oidc'),
|
269 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()), tslib_1.__param(2, common_1.Next()),
|
270 | tslib_1.__metadata("design:type", Function),
|
271 | tslib_1.__metadata("design:paramtypes", [Object, Object, Function]),
|
272 | tslib_1.__metadata("design:returntype", void 0)
|
273 | ], AuthController.prototype, "signInOidc", null);
|
274 | tslib_1.__decorate([
|
275 | auth_guard_1.AllowAnonymous(),
|
276 | common_1.Get('signin/oidc/callback'),
|
277 | tslib_1.__param(0, common_1.Req()), tslib_1.__param(1, common_1.Res()),
|
278 | tslib_1.__metadata("design:type", Function),
|
279 | tslib_1.__metadata("design:paramtypes", [Object, Object]),
|
280 | tslib_1.__metadata("design:returntype", void 0)
|
281 | ], AuthController.prototype, "completeSignInOidc", null);
|
282 | AuthController = tslib_1.__decorate([
|
283 | common_1.Controller('auth'),
|
284 | tslib_1.__param(2, common_1.Inject('Configuration')),
|
285 | tslib_1.__param(3, common_1.Inject(auth_listener_1.AUTH_LISTENER)),
|
286 | tslib_1.__metadata("design:paramtypes", [auth_configurer_1.AuthConfigurer,
|
287 | __1.InviteUserService, Object, Object])
|
288 | ], AuthController);
|
289 | exports.AuthController = AuthController;
|
290 |
|
\ | No newline at end of file |