step 2 : userAuthorize - redirect to loginCallback

kaliop · Oct 12, 2019 · 63c1966 · 63c1966
1 parent eba88c6
commit 63c1966
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 1 deletion.
diff --git a/app.js b/app.js
@@ -14,6 +14,7 @@ const {
 
 const {
   userAuthorize,
+  loginRedirect,
 } = require('./controllers/oidcProvider');
 
 const app = express();
@@ -47,6 +48,7 @@ app.get('/logout', localLogout);
 
 /**** OIDC End points ****/
 app.get('/user/authorize', userAuthorize);
+app.get('/user/loginRedirect', loginRedirect);
 
 /**** END OIDC End points ****/
 

diff --git a/controllers/localAuthController.js b/controllers/localAuthController.js
@@ -6,6 +6,11 @@ const localLogin = async (req, res, next) => {
     // Store the user in session so it is available for future requests
     req.session.user = user;
 
+    // Redirect to client's loginCallback if we are in oidc context:
+    if (req.session.oidc_query) {
+      return res.redirect('/user/loginRedirect');
+    }
+
     return res.redirect('/');
   } catch (error) {
     return next(error);

diff --git a/controllers/oidcProvider.js b/controllers/oidcProvider.js
@@ -1,4 +1,6 @@
-const config = require('../config');
+const
+  crypto = require('crypto'),
+  config = require('../config');
 
 // local helper
 const findClient = client_id => config.clients.find(item => item.client_id === client_id);
@@ -34,10 +36,43 @@ const userAuthorize = (req, res) => {
   // store input request parameters into session to be used after authentification
   req.session.oidc_query = req.query;
 
+  // if user is already authenticated, redirect directly to client's redirect_uri
+  if (req.session.user) {
+    return loginRedirect(req, res);
+  }
+
   // redirect to  login form
   return res.redirect('/login');
 };
 
+const loginRedirect = (req, res) => {
+  if (!req.session.user) {
+    console.error('missing user');
+    return res.setStatus(500);
+  }
+
+  if (!req.session.oidc_query) {
+    console.error('missing oidc query data');
+    return res.setStatus(500);
+  }
+
+  try {
+    const code = crypto.randomBytes(20).toString('hex');
+
+    let redirectUri = `${req.session.oidc_query.redirect_uri}?code=${code}`;
+    if (req.session.oidc_query.state) {
+      redirectUri += `&state=${req.session.oidc_query.state}`;
+    }
+
+    return res.redirect(redirectUri);
+
+  } catch (error) {
+    console.error(error);
+    return res.sendStatus(500);
+  }
+}
+
 module.exports = {
   userAuthorize,
+  loginRedirect,
 }