openstapps/src/app/modules/auth/factories/auth.factory.ts

/*
 * Copyright (C) 2021 StApps
 * This program is free software: you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the Free
 * Software Foundation, version 3.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
 * more details.
 *
 * You should have received a copy of the GNU General Public License along with
 * this program. If not, see <https://www.gnu.org/licenses/>.
 */

import {
  StorageBackend,
  Requestor,
  AuthorizationServiceConfiguration,
  AuthorizationServiceConfigurationJson,
} from '@openid/appauth';
import {Browser, IAuthConfig} from 'ionic-appauth';
import {PAIAAuthService} from '../paia/paia-auth.service';
import config from '../../../../../capacitor.config';
import {ConfigProvider} from '../../config/config.provider';
import {
  SCAuthorizationProvider,
  SCAuthorizationProviderType,
} from '@openstapps/core';
import {DefaultAuthService} from '../default-auth.service';
import {Capacitor} from '@capacitor/core';
import {authPaths} from '../auth-paths';
import {environment} from '../../../../environments/environment';

export const authFactory = (
  requestor: Requestor,
  browser: Browser,
  storage: StorageBackend,
  configProvider: ConfigProvider,
) => {
  const authService = new DefaultAuthService(browser, storage, requestor);
  const authConfig = configProvider.getAnyValue('auth') as {
    default: SCAuthorizationProvider;
  };

  authService.authConfig = getClientConfig('default', authConfig);

  authService.localConfiguration = new AuthorizationServiceConfiguration(
    getEndpointsConfig('default', authConfig),
  );

  return authService;
};

export const paiaAuthFactory = (
  requestor: Requestor,
  browser: Browser,
  storage: StorageBackend,
  configProvider: ConfigProvider,
) => {
  const authService = new PAIAAuthService(browser, storage, requestor);
  const authConfig = configProvider.getAnyValue('auth') as {
    paia: SCAuthorizationProvider;
  };

  authService.authConfig = getClientConfig('paia', authConfig);

  authService.localConfiguration = new AuthorizationServiceConfiguration(
    getEndpointsConfig('paia', authConfig),
  );

  return authService;
};

/**
 * Get configuration of an OAuth2 client
 */
function getClientConfig(
  providerType: SCAuthorizationProviderType,
  authConfig: {
    default?: SCAuthorizationProvider;
    paia?: SCAuthorizationProvider;
  },
): IAuthConfig {
  const providerConfig = authConfig[providerType] as SCAuthorizationProvider;
  return {
    end_session_redirect_url: '',
    pkce: true,
    scopes: providerConfig.client.scopes,
    server_host: providerConfig.client.url,
    client_id: providerConfig.client.clientId,
    redirect_url: getRedirectUrl(authPaths[providerType].redirect_path),
  };
}

/**
 * Get configuration about endpoints of an OAuth2 server
 */
function getEndpointsConfig(
  providerType: SCAuthorizationProviderType,
  authConfig: {
    default?: SCAuthorizationProvider;
    paia?: SCAuthorizationProvider;
  },
): AuthorizationServiceConfigurationJson {
  const providerConfig = authConfig[providerType] as SCAuthorizationProvider;
  return {
    authorization_endpoint: providerConfig.endpoints.authorization,
    end_session_endpoint: providerConfig.endpoints.endSession,
    revocation_endpoint: providerConfig.endpoints.revoke ?? '',
    token_endpoint: providerConfig.endpoints.token,
    userinfo_endpoint: providerConfig.endpoints.userinfo,
  };
}

/**
 * Return a URL of the app, depending on the platform where it is running
 */
function getRedirectUrl(routePath: string): string {
  const appSchema = Capacitor.isNativePlatform() ? config.appId : 'https';
  return `${appSchema}://${environment.app_host}/${routePath}`;
}