feat: extend config to describe auth providers

2026-01-08 14:32:50 +00:00 · 2021-12-23 13:09:10 +01:00
parent 322c001e70
commit 7553620a5d
4 changed files with 169 additions and 0 deletions
--- a/src/config/app.ts
+++ b/src/config/app.ts
@@ -17,6 +17,7 @@ import {Polygon} from 'geojson';
 import {SCTranslations} from '../general/i18n';
 import {SCMap} from '../general/map';
 import {SCLanguageSetting, SCSetting, SCUserGroupSetting} from '../things/setting';
+import {SCFeatureConfiguration} from './feature';

 /**
 * An app configuration menu item
--- a/src/config/authorization.ts
+++ b/src/config/authorization.ts
@@ -0,0 +1,106 @@
+/*
+ * Copyright (C) 2021 StApps
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {SCUserConfiguration} from './user';
+
+/**
+ * Supported authorization provider types
+ *
+ * @see https://datatracker.ietf.org/doc/html/rfc6749#section-1.3.1
+ * @see https://github.com/gbv/paia
+ */
+export type SCAuthorizationProviderType = 'default' | 'paia' ;
+
+/**
+ * An authorization provider complete configuration
+ */
+export interface SCAuthorizationProvider {
+  /**
+   * An authorization provider client configuration
+   */
+  client: SCAuthorizationProviderClient;
+
+  /**
+   * An authorization provider endpoints configuration
+   */
+  endpoints: SCAuthorizationProviderEndpoints;
+}
+
+/**
+ * An authorization provider client configuration
+ */
+export interface SCAuthorizationProviderClient {
+  /**
+   * Client ID
+   */
+  clientId: string;
+
+  /**
+   * Authorization provider requires PKCE
+   */
+  pkce: boolean;
+
+  /**
+   * Redirct URL for after finishing authentication
+   */
+  redirect: string;
+
+  /**
+   * Scopes to request
+   */
+  scopes: string;
+
+  /**
+   * Main url to reach authorization provider
+   */
+  url: string;
+}
+
+/**
+ * An authorization provider endpoints configuration
+ */
+export interface SCAuthorizationProviderEndpoints {
+  /**
+   * URL to start authentication flow
+   */
+  authorization: string;
+
+  /**
+   * An authorization provider endpoints configuration
+   */
+  endSession?: string;
+
+  /**
+   * Mapping of how to create SCUser from userinfo endpoint response (using JSONPath syntax)
+   *
+   * @see https://www.npmjs.com/package/jsonpath
+   */
+  mapping: { [key in keyof SCUserConfiguration]: string; };
+
+  /**
+   * URL to revoke a token
+   */
+  revoke?: string;
+
+  /**
+   * URL to get access Token
+   */
+  token: string;
+
+  /**
+   * URL to general user info endpoint
+   */
+  userinfo: string;
+}
--- a/src/config/file.ts
+++ b/src/config/file.ts
@@ -14,6 +14,7 @@
 */
 import {SCLicensePlate} from '../general/namespaces';
 import {SCAppConfiguration} from './app';
+import {SCAuthorizationProvider, SCAuthorizationProviderType} from './authorization';
 import {SCBackendConfiguration, SCBackendInternalConfiguration} from './backend';

 /**
@@ -27,6 +28,11 @@ export interface SCConfigFile {
   */
  app: SCAppConfiguration;

+  /**
+   * Configuration for the supported authorization providers
+   */
+  auth: { [key in SCAuthorizationProviderType]: SCAuthorizationProvider; };
+
  /**
   * Configuration for the backend that is visible to clients
   */
--- a/src/config/user.ts
+++ b/src/config/user.ts
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2021 StApps
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {SCAcademicPriceGroup} from '../things/abstract/thing-that-can-be-offered';
+
+/**
+ * A user configuration
+ */
+export interface SCUserConfiguration {
+  /**
+   * User's e-mail
+   */
+  email?: string;
+
+  /**
+   * User's family name
+   */
+  familyName?: string;
+
+  /**
+   * User's given name
+   */
+  givenName?: string;
+
+  /**
+   * ID given to the user
+   */
+  id: string;
+
+  /**
+   * The complete name of the user combining all the parts of the name into one
+   */
+  name: string;
+
+  /**
+   * Role assigned to the user
+   */
+  role: keyof SCAcademicPriceGroup;
+
+  /**
+   * Student ID given to the user
+   */
+  studentId?: string;
+}