-
Notifications
You must be signed in to change notification settings - Fork 353
/
auth.js
59 lines (50 loc) · 1.72 KB
/
auth.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
import { fromNow } from 'taskcluster-client-web';
import { WebAuth } from 'auth0-js';
import { loginCallbackUrl } from './url';
export const webAuth = new WebAuth({
clientID: 'q8fZZFfGEmSB2c5uSI8hOkKdDGXnlo5z',
domain: 'auth.mozilla.auth0.com',
responseType: 'id_token token',
audience: 'login.taskcluster.net',
redirectUri: `${window.location.protocol}//${window.location.host}${loginCallbackUrl}`,
scope: 'taskcluster-credentials openid profile email',
});
export const userSessionFromAuthResult = (authResult) => {
const expiresAt = JSON.stringify((authResult.expiresIn * 1000) + Date.now());
const userSession = {
idToken: authResult.idToken,
accessToken: authResult.accessToken,
fullName: authResult.idTokenPayload.nickname,
picture: authResult.idTokenPayload.picture,
oidcSubject: authResult.idTokenPayload.sub,
url: authResult.url,
// expiresAt is used by the django backend to expire the user session
expiresAt,
// per https://wiki.mozilla.org/Security/Guidelines/OpenID_connect#Session_handling
renewAfter: fromNow('15 minutes'),
};
return userSession;
};
// Wrapper around webAuth's renewAuth
export const renew = () => (
new Promise((resolve, reject) => {
webAuth.renewAuth({}, (error, authResult) => {
if (error) {
return reject(error);
}
return resolve(authResult);
});
})
);
// Wrapper around webAuth's parseHash
export const parseHash = options => (
new Promise((resolve, reject) => {
webAuth.parseHash(options, (error, authResult) => {
if (error) {
return reject(error);
}
return resolve(authResult);
});
})
);
export const loggedOutUser = { isStaff: false, username: '', email: '', isLoggedIn: false };