step 08: set Consent

kaliop · Oct 12, 2019 · ea19675 · ea19675
1 parent 90b50fa
commit ea19675
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 0 deletions.
diff --git a/app.js b/app.js
@@ -19,6 +19,7 @@ const {
   userToken,
   userInfo,
   checkUserConsent,
+  setUserConsent,
 } = require('./controllers/oidcProvider');
 
 const memoryStorage = require('./services/memoryStorage');
@@ -64,6 +65,7 @@ app.get('/user/authorize', userAuthorize);
 app.post('/user/token', userToken);
 app.get('/api/user', userInfo);
 app.get('/user/consent', checkUserConsent);
+app.post('/user/consent', setUserConsent);
 /**** END OIDC End points ****/
 
 // Setting app port

diff --git a/controllers/oidcProvider.js b/controllers/oidcProvider.js
@@ -168,6 +168,32 @@ const hasConsent = (client_id, scope, consent) => {
   return true;
 }
 
+const setUserConsent = (req, res) => {
+  const { redirect_uri, client_id, state, scope } = req.session.oidc_query;
+
+  const consentOK = (req.body.consent === 'YES');
+
+  // No Consent => redirect to the client without authentication
+  if (!consentOK) {
+    let redirectUri = `${redirect_uri}?error=consent_required`;
+    if (state) {
+      redirectUri += `&state=${state}`;
+    }
+    return res.redirect(redirectUri);
+  }
+
+  const consent = req.cookies.consent || {};
+  if (! consent[client_id]) {
+    consent[client_id] = {};
+  }
+  for (const item of scope.split(' ')) {
+    consent[client_id][item] = true;
+  }
+  res.cookie('consent', consent, {maxAge: 360000});
+
+  return loginRedirect(req, res);
+};
+
 const userInfo = (req, res) => {
   const memoryStorage = req.app.get('memoryStorage');
 
@@ -191,4 +217,5 @@ module.exports = {
   userToken,
   userInfo,
   checkUserConsent,
+  setUserConsent,
 }