feat: add env-property for default issuer

chore: change admin-handling
Merge branch 'dependabot-docker-node-18' into 'main'
2022-04-26 09:55:56 +02:00 · 2022-04-25 21:26:01 +02:00 · 2022-04-21 06:04:31 +00:00 · 2022-04-21 06:00:42 +00:00
2 changed files with 15 additions and 12 deletions
@@ -1,4 +1,4 @@
-FROM node:17
+FROM node:18
 ENV AUDIENCE "https://shiny.unbound.se"
 ENV ORIGIN_HOST "auth0mock"
 ENV ORIGIN "https://auth0mock:3333"
@@ -11,10 +11,10 @@ const bodyParser = require('body-parser')
 const favicon = require('serve-favicon')
 const cert = require('./cert')

-let issuer = 'localhost:3333'
+let issuer = process.env.ISSUER || 'localhost:3333'
 let jwksOrigin = `https://${issuer}/`
 const audience = process.env.AUDIENCE || 'https://generic-audience'
-const adminRole = process.env.ADMIN_ROLE || 'admin'
+const adminCustomClaim = process.env.ADMIN_CUSTOM_CLAIM || 'https://unbound.se/admin'

 const debug = Debug('app')

@@ -54,7 +54,12 @@ app.post('/oauth/token', (req, res) => {
    keyid: thumbprint
  })

-  let idToken = jwt.sign(Buffer.from(JSON.stringify({
+  const token = session.customClaims.reduce((acc, claim) => {
+    return {
+      ...acc,
+      ...claim
+    }
+  }, {
    iss: jwksOrigin,
    aud: session.clientId,
    nonce: session.nonce,
@@ -63,9 +68,9 @@ app.post('/oauth/token', (req, res) => {
    exp: date + 7200,
    azp: session.clientId,
    name: 'Example Person',
-    picture: 'https://cdn.playbuzz.com/cdn/5458360f-32ea-460e-a707-1a2d26760558/70bda687-cb84-4756-8a44-8cf735ed87b3.jpg',
-    'https://unbound.se/roles': session.roles
-  })), privateKey, {
+    picture: 'https://cdn.playbuzz.com/cdn/5458360f-32ea-460e-a707-1a2d26760558/70bda687-cb84-4756-8a44-8cf735ed87b3.jpg'
+  })
+  let idToken = jwt.sign(Buffer.from(JSON.stringify(token)), privateKey, {
    algorithm: 'RS256',
    keyid: thumbprint
  })
@@ -104,10 +109,8 @@ app.post('/code', (req, res) => {
  const code = req.body.codeChallenge
  challenges[req.body.codeChallenge] = code
  const state = req.body.state
-  let roles = []
-  if (req.body.admin === 'true') {
-    roles = [adminRole]
-  }
+  const claim = {}
+  claim[adminCustomClaim] = req.body.admin === 'true'
  sessions[code] = {
    email: req.body.email,
    password: req.body.password,
@@ -115,7 +118,7 @@ app.post('/code', (req, res) => {
    nonce: req.body.nonce,
    clientId: req.body.clientId,
    codeChallenge: req.body.codeChallenge,
-    roles: roles
+    customClaims: [claim]
  }
  res.redirect(`${req.body.redirect}?domain=${issuer}&code=${code}&state=${encodeURIComponent(state)}`)
 })
Author	SHA1	Message	Date
argoyle	b009965908	feat: add env-property for default issuer	2022-04-26 09:55:56 +02:00
argoyle	cc1b28f81f	chore: change admin-handling	2022-04-25 21:26:01 +02:00
argoyle	99a55a45e3	Merge branch 'dependabot-docker-node-18' into 'main' Chore(deps): bump node from 17 to 18 See merge request unboundsoftware/auth0mock!34	2022-04-21 06:04:31 +00:00
argoyle	7b6ff1fa0e	Chore(deps): bump node from 17 to 18 Bumps node from 17 to 18.	2022-04-21 06:00:42 +00:00