From 7553620a5d330ebfb66461afeab700e36bd37165 Mon Sep 17 00:00:00 2001
From: Rainer Killinger
Date: Thu, 23 Dec 2021 13:09:10 +0100
Subject: [PATCH] feat: extend config to describe auth providers
---
 src/config/app.ts | 1 +
 src/config/authorization.ts | 106 ++++++++++++++++++++++++++++++++++++
 src/config/file.ts | 6 ++
 src/config/user.ts | 56 +++++++++++++++++++
 4 files changed, 169 insertions(+)
 create mode 100644 src/config/authorization.ts
 create mode 100644 src/config/user.ts
diff --git a/src/config/app.ts b/src/config/app.ts
index 4ff90223..96c0d33b 100644
--- a/src/config/app.ts
+++ b/src/config/app.ts
@@ -17,6 +17,7 @@ import {Polygon} from 'geojson';
 import {SCTranslations} from '../general/i18n';
 import {SCMap} from '../general/map';
 import {SCLanguageSetting, SCSetting, SCUserGroupSetting} from '../things/setting';
+import {SCFeatureConfiguration} from './feature';
 /**
 * An app configuration menu item
diff --git a/src/config/authorization.ts b/src/config/authorization.ts
new file mode 100644
index 00000000..eed92f99
--- /dev/null
+++ b/src/config/authorization.ts
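Review bot: In src/config/app.ts the added `import {SCFeatureConfiguration} from './feature';` has no visible use in this commit: the diffstat lists this one line as the only change to app.ts, and `./feature` is not among the files the patch creates. If nothing already in app.ts references the type, the import is dead and unrelated to the auth-provider change, so it should be dropped or moved to the commit that introduces the feature configuration. The rest of app.ts lies outside the hunk, so confirm there before removing it.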
@@ -0,0 +1,106 @@
+/*
+ * Copyright (C) 2021 StApps
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program. If not, see .
+ */
+
+import {SCUserConfiguration} from './user';
+
+/**
+ * Supported authorization provider types
+ *
+ * @see https://datatracker.ietf.org/doc/html/rfc6749#section-1.3.1
+ * @see https://github.com/gbv/paia
+ */
+export type SCAuthorizationProviderType = 'default' | 'paia' ;
+
+/**
+ * An authorization provider complete configuration
+ */
+export interface SCAuthorizationProvider {
+ /**
+ * An authorization provider client configuration
+ */
+ client: SCAuthorizationProviderClient;
+
+ /**
+ * An authorization provider endpoints configuration
+ */
+ endpoints: SCAuthorizationProviderEndpoints;
+}
+
+/**
+ * An authorization provider client configuration
+ */
+export interface SCAuthorizationProviderClient {
+ /**
+ * Client ID
+ */
+ clientId: string;
+
+ /**
+ * Authorization provider requires PKCE
+ */
+ pkce: boolean;
+
+ /**
+ * Redirct URL for after finishing authentication
+ */
+ redirect: string;
+
+ /**
+ * Scopes to request
+ */
+ scopes: string;
+
+ /**
+ * Main url to reach authorization provider
+ */
+ url: string;
+}
+
+/**
+ * An authorization provider endpoints configuration
+ */
+export interface SCAuthorizationProviderEndpoints {
+ /**
+ * URL to start authentication flow
+ */
+ authorization: string;
+
+ /**
+ * An authorization provider endpoints configuration
+ */
+ endSession?: string;
+
+ /**
+ * Mapping of how to create SCUser from userinfo endpoint response (using JSONPath syntax)
+ *
+ * @see https://www.npmjs.com/package/jsonpath
+ */
+ mapping: { [key in keyof SCUserConfiguration]: string; };
+
+ /**
+ * URL to revoke a token
+ */
+ revoke?: string;
+
+ /**
+ * URL to get access Token
+ */
+ token: string;
+
+ /**
+ * URL to general user info endpoint
+ */
+ userinfo: string;
+}
diff --git a/src/config/file.ts b/src/config/file.ts
index 16c4bfd7..42ae86f8 100644
--- a/src/config/file.ts
+++ b/src/config/file.ts
@@ -14,6 +14,7 @@
 */
 import {SCLicensePlate} from '../general/namespaces';
 import {SCAppConfiguration} from './app';
+import {SCAuthorizationProvider, SCAuthorizationProviderType} from './authorization';
 import {SCBackendConfiguration, SCBackendInternalConfiguration} from './backend';
 /**
@@ -27,6 +28,11 @@ export interface SCConfigFile {
 */
 app: SCAppConfiguration;
+ /**
+ * Configuration for the supported authorization providers
+ */
+ auth: { [key in SCAuthorizationProviderType]: SCAuthorizationProvider; };
+
 /**
 * Configuration for the backend that is visible to clients
 */
diff --git a/src/config/user.ts b/src/config/user.ts
new file mode 100644
index 00000000..971c6f9b
--- /dev/null
+++ b/src/config/user.ts
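Review bot: In src/config/authorization.ts, `SCAuthorizationProviderClient` carries a `clientId` but no secret, so it describes a public OAuth client, and for such a client `pkce: false` leaves the authorization-code exchange without the proof that PKCE (RFC 7636) provides. The comment `Authorization provider requires PKCE` reads as a provider capability rather than a client obligation; I would document the field as `Whether the client sends a PKCE challenge (RFC 7636); keep true unless the provider cannot handle it`. The comment on `endSession` repeats the interface description and should read `URL to end the session at the provider (logout)`, and `Redirct` in the `redirect` comment is a typo. If `scopes` is meant to be the space-delimited list of RFC 6749, the comment should say so.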
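Review bot: In src/config/file.ts, `auth` is added as a required property whose mapped type demands both a `default` and a `paia` entry, so existing config files stop type-checking and a deployment without a PAIA service still has to supply one. If providers are meant to be optional per deployment, `auth: { [key in SCAuthorizationProviderType]?: SCAuthorizationProvider; };` lets consumers handle a missing provider explicitly instead of configs shipping placeholder endpoints. The first file.ts hunk only adds the import, and `SCConfigFile` continues outside the second hunk.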
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2021 StApps
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program. If not, see .
+ */
+
+import {SCAcademicPriceGroup} from '../things/abstract/thing-that-can-be-offered';
+
+/**
+ * A user configuration
+ */
+export interface SCUserConfiguration {
+ /**
+ * User's e-mail
+ */
+ email?: string;
+
+ /**
+ * User's family name
+ */
+ familyName?: string;
+
+ /**
+ * User's given name
+ */
+ givenName?: string;
+
+ /**
+ * ID given to the user
+ */
+ id: string;
+
+ /**
+ * The complete name of the user combining all the parts of the name into one
+ */
+ name: string;
+
+ /**
+ * Role assigned to the user
+ */
+ role: keyof SCAcademicPriceGroup;
+
+ /**
+ * Student ID given to the user
+ */
+ studentId?: string;
+}
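Review bot: `role: keyof SCAcademicPriceGroup` in src/config/user.ts is only a compile-time promise: per the `mapping` comment in authorization.ts these fields are filled from the provider's userinfo response, so at runtime `role` is whatever string the provider returns. The comment on `role` should say so, for example `Role assigned to the user; taken from the userinfo response and to be checked against the known price groups before use`. The code that builds the user is not part of this commit, and it needs that check before the role is relied on, presumably to select a price group. The same holds for the required `id` and `name`, which a provider response may omit.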