Merge feat-add-az-bearer-support

tsedio · Jan 25, 2020 · c9d308f · c9d308f
2 parents 481a691 + 5b7270e
commit c9d308f
Show file tree

Hide file tree

Showing 11 changed files with 384 additions and 222 deletions.
diff --git a/examples/passport-azure-ad/packages/server/package.json b/examples/passport-azure-ad/packages/server/package.json
@@ -23,10 +23,8 @@
     "@tsed/di": "5.39.3",
     "@tsed/swagger": "5.39.3",
     "@tsed/testing": "5.39.3",
+    "@tsed/passport": "5.39.3",
     "@types/compression": "0.0.36",
-    "@types/dotenv": "^6.1.1",
-    "@types/method-override": "0.0.31",
-    "@types/swagger-schema-official": "2.0.20",
     "body-parser": "1.19.0",
     "compression": "1.7.4",
     "concurrently": "5.0.0",
@@ -42,6 +40,9 @@
     "ts-log-debug": "^5.1.0"
   },
   "devDependencies": {
+    "@types/dotenv": "^6.1.1",
+    "@types/method-override": "0.0.31",
+    "@types/swagger-schema-official": "2.0.20",
     "@types/body-parser": "^1.17.0",
     "@types/chai": "4.2.5",
     "@types/chai-as-promised": "^7.1.0",
@@ -71,4 +72,4 @@
     "tslint": "5.20.1",
     "typescript": "3.5.3"
   }
-}
+}
diff --git a/examples/passport-azure-ad/packages/server/src/Server.ts b/examples/passport-azure-ad/packages/server/src/Server.ts
@@ -1,12 +1,12 @@
 import {$log, GlobalAcceptMimesMiddleware, ServerLoader, ServerSettings} from "@tsed/common";
 import "@tsed/swagger";
-import * as Session from "express-session";
-import * as CookieParser from "cookie-parser";
 import * as BodyParser from "body-parser";
 import * as compress from "compression";
+import * as CookieParser from "cookie-parser";
+import * as dotenv from "dotenv";
+import * as Session from "express-session";
 // import * as cors from "cors";
 import * as methodOverride from "method-override";
-import * as dotenv from "dotenv";
 import * as path from "path";
 
 dotenv.config();
@@ -68,7 +68,7 @@ $log.info(`Scopes to use: ${scopes}`);
     path: "/api-docs"
   },
   passport: {},
-  azureBearerOptions: {
+  "azure-bearer": {
     identityMetadata: `https://login.microsoftonline.com/${tenantId}/v2.0/.well-known/openid-configuration`,
     clientID: clientId,
     validateIssuer: true,
@@ -94,6 +94,15 @@ export class Server extends ServerLoader {
   }
 
   $afterRoutesInit(): void {
+    this.expressApp.get("/", (req, res) => {
+      if (!res.headersSent) {
+        // prevent index.html caching
+        res.set({
+          "Cache-Control": "no-cache, no-store, must-revalidate",
+          "Pragma": "no-cache"
+        });
+      }
+    });
     this.expressApp.get(`*`, (req, res) => {
       res.sendFile(path.join(clientDir, "index.html"));
     });

diff --git a/examples/passport-azure-ad/packages/server/src/decorators/OAuthBearer.ts b/examples/passport-azure-ad/packages/server/src/decorators/OAuthBearer.ts
@@ -1,15 +1,11 @@
-import {AuthOptions, UseAuth, UseBefore} from "@tsed/common";
 import {applyDecorators} from "@tsed/core";
+import {Authenticate} from "@tsed/passport";
 import {Operation, Responses, Security} from "@tsed/swagger";
-import * as Passport from "passport";
-import {OAuthBearerOptions} from "../protocols/BearerStrategy";
 import {OAuthHead} from "./OAuthHead";
 
 export function OAuthBearer(options: any = {}): Function {
   return applyDecorators(
-    AuthOptions(OAuthBearerOptions as any, options), // Add this to store all options and retrieve it in verify function
-    UseAuth(Passport.authenticate("oauth-bearer", {session: false, ...options}) as any),
-
+    Authenticate("azure-bearer", {session: false, ...options}),
     // Metadata for swagger
     Security("oauth", ...(options.scopes || [])),
     Operation({

diff --git a/examples/passport-azure-ad/packages/server/src/protocols/BearerProtocol.ts b/examples/passport-azure-ad/packages/server/src/protocols/BearerProtocol.ts
@@ -0,0 +1,35 @@
+import {Req} from "@tsed/common";
+import {OnVerify, PassportMiddleware, Protocol} from "@tsed/passport";
+import {BearerStrategy, ITokenPayload} from "passport-azure-ad";
+import {AuthService} from "../services/auth/AuthService";
+
+@Protocol({
+  name: "azure-bearer",
+  useStrategy: BearerStrategy
+})
+export class BearerProtocol implements OnVerify {
+  constructor(private authService: AuthService) {
+  }
+
+  $onVerify(@Req() req: Req, token: ITokenPayload) {
+    // Verify is the right place to check given token and return UserInfo
+    const {authService} = this;
+    const {options = {}} = req.ctx.endpoint.get(PassportMiddleware) || {}; // retrieve options configured for the endpoint
+    // check precondition and authenticate user by their token and given options
+    try {
+      const user = authService.verify(token, options);
+
+      if (!user) {
+        authService.add(token);
+        req.ctx.logger.info({event: "BearerStrategy - token: ", token});
+        return token;
+      }
+
+      req.ctx.logger.info({event: "BearerStrategy - user: ", token});
+      return [user, token];
+    } catch (error) {
+      req.ctx.logger.error({event: "BearerStrategy", token, error});
+      throw error;
+    }
+  }
+}
diff --git a/examples/passport-azure-ad/packages/server/src/protocols/BearerStrategy.ts b/examples/passport-azure-ad/packages/server/src/protocols/BearerStrategy.ts