1'use strict';
2
3// Plugin for an authorization server. Implements REST endpoints to retrieve
4// access token endpoint details and to get an OAuth bearer access token with
5// expected scopes.
6
7var _ = require('underscore');
8var router = require('abacus-router');
9var webapp = require('abacus-webapp');
10var jwt = require('jsonwebtoken');
11
// Shorthand for underscore's extend, used below to add the requested scopes
// to the token claims
var extend = _.extend;

// Setup the debug log, namespaced 'abacus-authserver-plugin'
var debugFactory = require('abacus-debug');
var debug = debugFactory('abacus-authserver-plugin');

// Create an express router; the plugin's endpoints are registered on it below
var routes = router();
19
// Tell whether the current request counts as secured: the SECURED environment
// variable must be exactly 'true' and the request must carry
// X-Forwarded-Proto: https.
//
// NOTE(security): X-Forwarded-Proto is a request header, so it is only
// meaningful when a fronting proxy sets or overwrites it; a client talking to
// this process directly can send any value. In this file the result only
// selects the scheme advertised by /v2/info.
var secured = function secured(req) {
  // Security has to be switched on explicitly; the header is not even read
  // otherwise
  if (process.env.SECURED !== 'true') {
    return false;
  }

  var forwardedProto = req.headers['x-forwarded-proto'];
  return forwardedProto === 'https';
};
24
// Retrieve token endpoint information.
//
// Responds with { token_endpoint: <scheme><host> }, where the scheme comes
// from secured(req) and the host from the request's Host header.
//
// NOTE(security): both inputs are request headers (Host, and
// X-Forwarded-Proto through secured()). Unless a fronting proxy sets them, the
// advertised endpoint is whatever the caller sent, so consumers of this
// response should not treat it as an independently trusted location.
routes.get('/v2/info', regeneratorRuntime.mark(function _callee(req) {
  var scheme, endpoint;
  return regeneratorRuntime.wrap(function _callee$(_context) {
    while (1) {
      switch (_context.prev = _context.next) {
        case 0:
          scheme = secured(req) ? 'https://' : 'http://';

          // join() rather than + so that a missing Host header renders as an
          // empty string
          endpoint = [scheme, req.headers.host].join('');

          return _context.abrupt('return', {
            body: {
              token_endpoint: endpoint
            }
          });

        case 1:
        case 'end':
          return _context.stop();
      }
    }
  }, _callee, this);
}));
44
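// Retrieve OAuth bearer access token.
//
// Responds with { access_token, token_type, scope, expires_in }. The token is
// a JWT built from fixed test claims plus the scopes named in the ?scope=
// query parameter (space separated), signed with JWTKEY / JWTALGO from the
// environment and valid for 43200 seconds (12 hours).
//
// NOTE(security): nothing in this handler authenticates the caller, and the
// scopes are copied from the request into the token. Any client that can
// reach this route therefore obtains a token carrying whatever scopes it asks
// for. The fixed 'test-token' claims suggest this is a stand-in authorization
// server for test setups; services that verify tokens with the same key
// should not be reachable from the same callers outside such setups.
routes.get('/oauth/token', regeneratorRuntime.mark(function _callee2(req) {
  var requested, scopes, token, signed;
  return regeneratorRuntime.wrap(function _callee2$(_context2) {
    while (1) {
      switch (_context2.prev = _context2.next) {
        case 0:
          debug('Get OAuth bearer access token');

          // Normalise the requested scopes. The parameter may be missing, and
          // some query parsers hand back an array when it is repeated; calling
          // split() on either would throw and turn a malformed request into a
          // server error. Empty names (from doubled or trailing spaces) and
          // non-string values are dropped, so a request without usable scopes
          // gets a token with no scopes at all.
          requested = req.query ? req.query.scope : undefined;
          if (typeof requested === 'string') requested = [requested];
          scopes = [];
          (Array.isArray(requested) ? requested : []).forEach(function (value) {
            if (typeof value !== 'string') return;
            value.split(' ').forEach(function (name) {
              if (name) scopes.push(name);
            });
          });

          // Default OAuth bearer access token
          token = {
            // Constant identifier: every token issued here shares it, so jti
            // cannot be used to tell tokens apart or to revoke a single one
            jti: 'fa1b29fe-76a9-4c2d-903e-dddd0563a9e3',
            sub: 'test-token',
            client_id: 'test-token',
            cid: 'test-token',
            azp: 'test-token',
            grant_type: 'client_credentials',
            // The issuer is the request URL as received, not a configured
            // issuer identity; verifiers cannot pin it to a known value
            iss: req.url,
            zid: 'authserver-plugin',
            aud: ['abacus', 'account', 'provisioning']
          };

          // NOTE(security): when JWTKEY is unset the token is signed with the
          // literal key 'encode', which is readable in this source. Tokens
          // signed with it prove nothing about who issued them, so say so in
          // the debug log rather than falling back silently.
          if (!process.env.JWTKEY)
            debug('JWTKEY is not set, signing with the built-in default key');

          // Sign OAuth bearer access token with expected scopes.
          // NOTE(review): JWTALGO is passed through unchecked - confirm that
          // deployments set it to a signing algorithm matching the key type
          // (in particular not 'none').
          signed = jwt.sign(extend(token, {
            authorities: scopes,
            scope: scopes.slice()
          }), process.env.JWTKEY || 'encode', {
            algorithm: process.env.JWTALGO,
            expiresIn: 43200
          });

          return _context2.abrupt('return', {
            body: {
              access_token: signed,
              token_type: 'bearer',
              // Echo the scopes actually placed in the token
              scope: scopes.join(' '),
              expires_in: 43200
            }
          });

        case 4:
        case 'end':
          return _context2.stop();
      }
    }
  }, _callee2, this);
}));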
92
// Create an authorization server plugin application: a fresh abacus-webapp
// instance with this module's routes (/v2/info and /oauth/token) mounted on it
var authserver = function authserver() {
  var plugin = webapp();
  plugin.use(routes);
  return plugin;
};
99
// Command line interface: create the app, start listening and return whatever
// listen() returns. No port or address is passed here, so the listening
// endpoint is decided by the webapp itself.
var runCLI = function runCLI() {
  var app = authserver();
  return app.listen();
};
104
// Export our public functions: the app factory is the module itself, with the
// CLI entry point attached to it as a property
authserver.runCLI = runCLI;
module.exports = authserver;
108//# sourceMappingURL=data:application/json;base64,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