feat: Use Swagger native OIDC/OAuth2 for handling user login [DEV-2921]

.github/workflows/dispatch.yml

@@ -18,7 +18,6 @@ jobs:
   call-staging:
     name: "Staging"
     needs: [ call-lint, call-build ]
-    if: ${{ github.ref_name == 'develop' }}
     uses: ./.github/workflows/staging.yml
     secrets: inherit
 

example.env

@@ -1,3 +1,4 @@
+# General
 MAINNET_RPC_URL="https://rpc.cheqd.net:443"
 TESTNET_RPC_URL="https://rpc.cheqd.network:443"
 RESOLVER_URL="https://resolver.cheqd.net/1.0/identifiers/"
@@ -9,27 +10,23 @@ ENABLE_EXTERNAL_DB="false"
 EXTERNAL_DB_CONNECTION_URL="postgres://<user>:<password>@<host>:<port>/<database>"
 EXTERNAL_DB_ENCRYPTION_KEY="<db-encryption-key>"
 EXTERNAL_DB_CERT="<path/to/extenal-db-cert>"
-
-# OpenId
-LOGTO_DEFAULT_RESOURCE_URL='http://localhost:8787'
+DEFAULT_CUSTOMER_ID="default customer id"
 
 # LogTo
-LOGTO_ENDPOINT='http://localhost:3001'
-LOGTO_APP_ID='ldfsr...rq432'
-LOGTO_APP_SECRET='sdf...sdf'
+ENABLE_AUTHENTICATION="false"
+LOGTO_ENDPOINT="http://localhost:3001"
+LOGTO_APP_ID="ldfsr...rq432"
+LOGTO_APP_SECRET="sdf...sdf"
 LOGTO_M2M_APP_ID="aaaa...ddddd"
 LOGTO_M2M_APP_SECRET="aaaa...ddddd"
 LOGTO_MANAGEMENT_API="https://default.logto.app/api"
+LOGTO_DEFAULT_RESOURCE_URL="http://localhost:8787"
 LOGTO_DEFAULT_ROLE_ID="sdf...sdf"
 LOGTO_WEBHOOK_SECRET="sdf...sdf"
-COOKIE_SECRET='sdf...sdf'
-
-# Authentication
-ENABLE_AUTHENTICATION="false"
-DEFAULT_CUSTOMER_ID="default customer id"
+COOKIE_SECRET="sdf...sdf"
 
-# verida
-ENABLE_VERIDA_CONNECTOR="string,default:false"
+# Verida
+ENABLE_VERIDA_CONNECTOR="false"
 VERIDA_PRIVATE_KEY="akjvncanv....avoa"
 POLYGON_PRIVATE_KEY="alnvca...dvncioa"
 VERIDA_NETWORK="testnet"
@@ -38,4 +35,4 @@ VERIDA_NETWORK="testnet"
 ISSUER_PRIVATE_KEY_HEX="akjvncanv....avoa"
 ISSUER_PUBLIC_KEY_HEX="alnvca...dvncioa"
 ISSUER_DID="did:cheqd:testnet:afcnoa...adv"
-DEFAULT_FEE_PAYER_MNEMONIC="sketch mountain ....."
+DEFAULT_FEE_PAYER_MNEMONIC="sketch mountain ....."

src/app.ts

@@ -22,12 +22,19 @@ dotenv.config()
 // Define Swagger file
 import swaggerDocument from './static/swagger.json' assert { type: "json" }
 
-let swaggerOptions = {}
+let swaggerOptions = {};
+
 if (process.env.ENABLE_AUTHENTICATION === 'true') {
   swaggerOptions = {
-    customJs: '/static/custom-button.js',
+    oauth2RedirectUrl: process.env.APPLICATION_BASE_URL + '/logto/sign-in',
+    persistAuthorization: true,
+    oauth: {
+      clientId: process.env.LOGTO_APP_ID,
+      clientSecret: process.env.LOGTO_APP_SECRET,
+      scopes: "openid offline_access profile email custom_data identities",
+    }
   }
-}
+};
 
 class App {
   public express: express.Application

src/types/constants.ts

@@ -5,7 +5,8 @@ const {
 	LOGTO_ENDPOINT,
 	LOGTO_APP_ID, 
 	LOGTO_APP_SECRET, 
-	APPLICATION_BASE_URL} = process.env
+	APPLICATION_BASE_URL
+} = process.env
 
 
 export const HEADERS = {