Showing
14 changed files
with
184 additions
and
28 deletions.
@@ -0,0 +1,5 @@ | ||
import { Injectable } from '@nestjs/common'; | ||
import { AuthGuard } from '@nestjs/passport'; | ||
|
||
@Injectable() | ||
export class OIDCGuard extends AuthGuard('openidconnect') {} |
17 changes: 17 additions & 0 deletions
17
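--- a/apps/nestjs-backend/src/features/auth/social/controller.adapter.ts
+++ b/apps/nestjs-backend/src/features/auth/social/controller.adapter.ts
@@ -0,0 +1,17 @@
+import type { Response } from 'express';
+import type { IOauth2State } from '../../../cache/types';
+
+export class ControllerAdapter {
+// eslint-disable-next-line @typescript-eslint/no-empty-function
+async authenticate() {}
+
+async callback(req: Express.Request, res: Response) {
+const user = req.user!;
+// set cookie, passport login
+await new Promise<void>((resolve, reject) => {
+req.login(user, (err) => (err ? reject(err) : resolve()));
+});
+const redirectUri = (req.authInfo as { state: IOauth2State })?.state?.redirectUri;
+return res.redirect(redirectUri || '/');
+}
+}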
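Review bot: `callback` passes `state.redirectUri` to `res.redirect` without checking where it points, and with this commit the same code path serves the GitHub, Google and new OIDC logins. How the state store fills `redirectUri` is not visible here; if it can originate from a request parameter, a sign-in link can send the user to an arbitrary site right after authentication. Restricting the target to a same-origin path before redirecting closes that, for example `const target = redirectUri && /^\/(?![/\\])/.test(redirectUri) ? redirectUri : '/';` followed by `return res.redirect(target);`. A short doc comment on `callback` saying that it relies on the guard having set `req.user` would also explain the `req.user!` assertion.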
16 changes: 6 additions & 10 deletions
16
apps/nestjs-backend/src/features/auth/social/github/github.controller.ts
@@ -1,27 +1,23 @@ | ||
import { Controller, Get, Req, Res, UseGuards } from '@nestjs/common'; | ||
import { Response } from 'express'; | ||
import type { IOauth2State } from '../../../../cache/types'; | ||
import { Public } from '../../decorators/public.decorator'; | ||
import { GithubGuard } from '../../guard/github.guard'; | ||
import { ControllerAdapter } from '../controller.adapter'; | ||
|
||
@Controller('api/auth') | ||
export class GithubController { | ||
export class GithubController extends ControllerAdapter { | ||
@Get('/github') | ||
@Public() | ||
@UseGuards(GithubGuard) | ||
// eslint-disable-next-line @typescript-eslint/no-empty-function | ||
async githubAuthenticate() {} | ||
async githubAuthenticate() { | ||
return super.authenticate(); | ||
} | ||
|
||
@Get('/github/callback') | ||
@Public() | ||
@UseGuards(GithubGuard) | ||
async githubCallback(@Req() req: Express.Request, @Res({ passthrough: true }) res: Response) { | ||
const user = req.user!; | ||
// set cookie, passport login | ||
await new Promise<void>((resolve, reject) => { | ||
req.login(user, (err) => (err ? reject(err) : resolve())); | ||
}); | ||
const redirectUri = (req.authInfo as { state: IOauth2State })?.state?.redirectUri; | ||
return res.redirect(redirectUri || '/'); | ||
return super.callback(req, res); | ||
} | ||
} |
16 changes: 6 additions & 10 deletions
16
apps/nestjs-backend/src/features/auth/social/google/google.controller.ts
@@ -1,27 +1,23 @@ | ||
import { Controller, Get, Req, Res, UseGuards } from '@nestjs/common'; | ||
import { Response } from 'express'; | ||
import type { IOauth2State } from '../../../../cache/types'; | ||
import { Public } from '../../decorators/public.decorator'; | ||
import { GoogleGuard } from '../../guard/google.guard'; | ||
import { ControllerAdapter } from '../controller.adapter'; | ||
|
||
@Controller('api/auth') | ||
export class GoogleController { | ||
export class GoogleController extends ControllerAdapter { | ||
@Get('/google') | ||
@Public() | ||
@UseGuards(GoogleGuard) | ||
// eslint-disable-next-line @typescript-eslint/no-empty-function | ||
async googleAuthenticate() {} | ||
async googleAuthenticate() { | ||
return super.authenticate(); | ||
} | ||
|
||
@Get('/google/callback') | ||
@Public() | ||
@UseGuards(GoogleGuard) | ||
async googleCallback(@Req() req: Express.Request, @Res({ passthrough: true }) res: Response) { | ||
const user = req.user!; | ||
// set cookie, passport login | ||
await new Promise<void>((resolve, reject) => { | ||
req.login(user, (err) => (err ? reject(err) : resolve())); | ||
}); | ||
const redirectUri = (req.authInfo as { state: IOauth2State })?.state?.redirectUri; | ||
return res.redirect(redirectUri || '/'); | ||
return super.callback(req, res); | ||
} | ||
} |
23 changes: 23 additions & 0 deletions
23
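--- a/apps/nestjs-backend/src/features/auth/social/oidc/oidc.controller.ts
+++ b/apps/nestjs-backend/src/features/auth/social/oidc/oidc.controller.ts
@@ -0,0 +1,23 @@
+import { Controller, Get, Req, Res, UseGuards } from '@nestjs/common';
+import { Response } from 'express';
+import { Public } from '../../decorators/public.decorator';
+import { OIDCGuard } from '../../guard/oidc.guard';
+import { ControllerAdapter } from '../controller.adapter';
+
+@Controller('api/auth')
+export class OIDCController extends ControllerAdapter {
+@Get('/oidc')
+@Public()
+@UseGuards(OIDCGuard)
+// eslint-disable-next-line @typescript-eslint/no-empty-function
+async githubAuthenticate() {
+return super.authenticate();
+}
+
+@Get('/oidc/callback')
+@Public()
+@UseGuards(OIDCGuard)
+async githubCallback(@Req() req: Express.Request, @Res({ passthrough: true }) res: Response) {
+return super.callback(req, res);
+}
+}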
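Review bot: The two handlers in `OIDCController` are still named `githubAuthenticate` and `githubCallback`, which looks carried over from the GitHub controller and will mislead anyone tracing the `/oidc` routes through stack traces or audit logs; `oidcAuthenticate` and `oidcCallback` would match the routes. The `// eslint-disable-next-line @typescript-eslint/no-empty-function` above the first handler is stale, since the body now returns `super.authenticate()`, and can be dropped. Both routes are marked `@Public()`, so `OIDCGuard` is the only check in front of them; a one-line comment such as `// Public on purpose: OIDCGuard runs the OpenID Connect flow for this route` would make that intent explicit.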
13 changes: 13 additions & 0 deletions
13
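--- a/apps/nestjs-backend/src/features/auth/social/oidc/oidc.module.ts
+++ b/apps/nestjs-backend/src/features/auth/social/oidc/oidc.module.ts
@@ -0,0 +1,13 @@
+import { Module } from '@nestjs/common';
+import { UserModule } from '../../../user/user.module';
+import { OauthStoreService } from '../../oauth/oauth.store';
+import { OIDCStrategy } from '../../strategies/oidc.strategy';
+import { OIDCController } from './oidc.controller';
+
+@Module({
+imports: [UserModule],
+providers: [OIDCStrategy, OauthStoreService],
+exports: [],
+controllers: [OIDCController],
+})
+export class OIDCModule {}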
48 changes: 48 additions & 0 deletions
48
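--- a/apps/nestjs-backend/src/features/auth/strategies/oidc.strategy.ts
+++ b/apps/nestjs-backend/src/features/auth/strategies/oidc.strategy.ts
@@ -0,0 +1,48 @@
+import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { ConfigType } from '@nestjs/config';
+import { PassportStrategy } from '@nestjs/passport';
+import type { Profile } from 'passport-openidconnect';
+import { Strategy } from 'passport-openidconnect';
+import { AuthConfig } from '../../../configs/auth.config';
+import type { authConfig } from '../../../configs/auth.config';
+import { UserService } from '../../user/user.service';
+import { OauthStoreService } from '../oauth/oauth.store';
+import { pickUserMe } from '../utils';
+
+@Injectable()
+export class OIDCStrategy extends PassportStrategy(Strategy, 'openidconnect') {
+constructor(
+@AuthConfig() readonly config: ConfigType<typeof authConfig>,
+private usersService: UserService,
+oauthStoreService: OauthStoreService
+) {
+const { other, ...rest } = config.oidc;
+console.log('OIDCStrategy', other);
+super({
+...rest,
+state: true,
+store: oauthStoreService,
+...other,
+});
+}
+
+async validate(_issuer: string, profile: Profile) {
+const { id, emails, displayName, photos } = profile;
+const email = emails?.[0].value;
+if (!email) {
+throw new UnauthorizedException('No email provided from Google');
+}
+const user = await this.usersService.findOrCreateUser({
+name: displayName,
+email,
+provider: 'oidc',
+providerId: id,
+type: 'oauth',
+avatarUrl: photos?.[0].value,
+});
+if (!user) {
+throw new UnauthorizedException('Failed to create user from Google profile');
+}
+return pickUserMe(user);
+}
+}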
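Review bot: In the constructor, `...other` is spread after `state: true` and `store: oauthStoreService`, so a `state` or `store` key in `config.oidc.other` silently replaces them and can switch off the state check that protects the callback against login CSRF; spreading it first, `super({ ...rest, ...other, state: true, store: oauthStoreService })`, keeps those two fixed. The `console.log('OIDCStrategy', other)` above it prints provider configuration to stdout on every start and should be removed or routed through the project logger at debug level. In `validate`, `emails?.[0].value` throws a TypeError instead of the intended `UnauthorizedException` when the provider returns an empty `emails` array; `emails?.[0]?.value` avoids that, and `photos` needs the same change. The two exception messages still say "Google" although this strategy is generic OIDC. If `findOrCreateUser` matches existing accounts by email (not visible here), the email claim should be trusted only when the provider marks it as verified.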