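/*
 * Copyright (C) 2021 StApps
 * This program is free software: you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the Free
 * Software Foundation, version 3.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
 * more details.
 *
 * You should have received a copy of the GNU General Public License along with
 * this program. If not, see <https://www.gnu.org/licenses/>.
 */
import {
  StorageBackend,
  Requestor,
  AuthorizationServiceConfiguration,
  AuthorizationServiceConfigurationJson,
} from '@openid/appauth';
import {Browser, IAuthConfig} from 'ionic-appauth';
import {PAIAAuthService} from '../paia/paia-auth.service';
import config from '../../../../../capacitor.config';
import {ConfigProvider} from '../../config/config.provider';
import {
  SCAuthorizationProvider,
  SCAuthorizationProviderType,
} from '@openstapps/core';
import {DefaultAuthService} from '../default-auth.service';
import {Capacitor} from '@capacitor/core';
import {authPaths} from '../auth-paths';
import {environment} from '../../../../environments/environment';

/**
 * Shape of the `auth` config value as far as this file reads it:
 * one optional entry per supported provider type.
 */
type AuthProviderMap = {
  default?: SCAuthorizationProvider;
  paia?: SCAuthorizationProvider;
};

/**
 * Create the auth service for the `default` provider.
 *
 * The client settings and the endpoint set are both taken from the `auth`
 * value of the config provider and assigned to the service before it is
 * returned.
 *
 * NOTE(review): where `configProvider` obtains the `auth` value is not visible
 * in this file. If it is fetched at runtime, its integrity decides which host
 * receives authorization codes and tokens - confirm it is loaded over an
 * authenticated channel.
 *
 * @throws Error when the `auth` config has no `default` entry
 */
export const authFactory = (
  requestor: Requestor,
  browser: Browser,
  storage: StorageBackend,
  configProvider: ConfigProvider,
) => {
  const authService = new DefaultAuthService(browser, storage, requestor);
  const authConfig = configProvider.getAnyValue('auth') as {
    default: SCAuthorizationProvider;
  };

  authService.authConfig = getClientConfig('default', authConfig);
  authService.localConfiguration = new AuthorizationServiceConfiguration(
    getEndpointsConfig('default', authConfig),
  );

  return authService;
};

/**
 * Create the auth service for the `paia` provider.
 *
 * Mirrors `authFactory`, but instantiates `PAIAAuthService` and reads the
 * `paia` entry of the `auth` config value.
 *
 * @throws Error when the `auth` config has no `paia` entry
 */
export const paiaAuthFactory = (
  requestor: Requestor,
  browser: Browser,
  storage: StorageBackend,
  configProvider: ConfigProvider,
) => {
  const authService = new PAIAAuthService(browser, storage, requestor);
  const authConfig = configProvider.getAnyValue('auth') as {
    paia: SCAuthorizationProvider;
  };

  authService.authConfig = getClientConfig('paia', authConfig);
  authService.localConfiguration = new AuthorizationServiceConfiguration(
    getEndpointsConfig('paia', authConfig),
  );

  return authService;
};

/**
 * Look up the configuration of one provider and fail loudly if it is absent.
 *
 * The entries are optional in the config type, so a missing provider would
 * otherwise surface later as an unrelated "cannot read properties of
 * undefined" error while the OAuth2 client is being assembled.
 *
 * @throws Error when `authConfig` has no entry for `providerType`
 */
function requireProviderConfig(
  providerType: SCAuthorizationProviderType,
  authConfig: AuthProviderMap,
): SCAuthorizationProvider {
  const providerConfig = authConfig[providerType];
  if (providerConfig === undefined || providerConfig === null) {
    throw new Error(
      `Missing auth configuration for provider "${providerType}"`,
    );
  }

  return providerConfig;
}

/**
 * Get configuration of an OAuth2 client
 *
 * @throws Error when `authConfig` has no entry for `providerType`
 */
function getClientConfig(
  providerType: SCAuthorizationProviderType,
  authConfig: {
    default?: SCAuthorizationProvider;
    paia?: SCAuthorizationProvider;
  },
): IAuthConfig {
  const {client} = requireProviderConfig(providerType, authConfig);

  return {
    end_session_redirect_url: '',
    // PKCE stays enabled: the app is a public client without a client secret,
    // and on native platforms the redirect uses a custom URL scheme (see
    // getRedirectUrl), so the code exchange must be bound to this app instance.
    pkce: true,
    scopes: client.scopes,
    server_host: client.url,
    client_id: client.clientId,
    redirect_url: getRedirectUrl(authPaths[providerType].redirect_path),
  };
}

/**
 * Get configuration about endpoints of an OAuth2 server
 *
 * NOTE(review): the endpoint URLs are passed through as configured; no scheme
 * or host check is applied here. Consider rejecting non-https endpoints at the
 * point where the config is loaded.
 *
 * @throws Error when `authConfig` has no entry for `providerType`
 */
function getEndpointsConfig(
  providerType: SCAuthorizationProviderType,
  authConfig: {
    default?: SCAuthorizationProvider;
    paia?: SCAuthorizationProvider;
  },
): AuthorizationServiceConfigurationJson {
  const {endpoints} = requireProviderConfig(providerType, authConfig);

  return {
    authorization_endpoint: endpoints.authorization,
    end_session_endpoint: endpoints.endSession,
    // NOTE(review): an unset `revoke` endpoint becomes an empty string. How the
    // auth library treats that is not visible here - confirm that sign-out
    // still invalidates tokens server-side for such providers.
    revocation_endpoint: endpoints.revoke ?? '',
    token_endpoint: endpoints.token,
    userinfo_endpoint: endpoints.userinfo,
  };
}

/**
 * Return a URL of the app, depending on the platform where it is running
 *
 * Native builds use the Capacitor app id as the URL scheme, every other
 * platform uses `https`; host and path are the same in both cases. The
 * resulting URL has to match a redirect URI registered for the client at the
 * authorization server.
 */
function getRedirectUrl(routePath: string): string {
  const appSchema = Capacitor.isNativePlatform() ? config.appId : 'https';

  return `${appSchema}://${environment.app_host}/${routePath}`;
}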