Custom OAuth - Auth serv - /auth
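// Given the details a client sent to the /auth endpoint, decide whether it is a
// registered client making a well-formed authorization request.
// Checks performed:
//   - client_id must name an OWN entry of registered_clients. Lookup through the
//     prototype chain is rejected, so ids like "constructor" or "__proto__" do not
//     resolve to a non-null object and slip past the null check.
//   - referer and redirect_uri must be present and exactly equal to the registered
//     values (strict equality; a missing header or parameter never matches).
//   - state must be a non-empty string, response_type must be 'code'.
// Every query value must be a plain string: a repeated query key arrives as an
// array and would otherwise compare or coerce unexpectedly.
// Returns true when a code may be issued, false otherwise (never undefined).
const validate_client = (client_details) => {
  const { client_id, referer, redirect_uri, response_type, state } = client_details;
  if (typeof client_id !== 'string' || !Object.hasOwn(registered_clients, client_id)) {
    return false;
  }
  const known_client = registered_clients[client_id];
  // Both sides must be strings: undefined == undefined used to pass the old loose check.
  if (typeof referer !== 'string' || referer !== known_client.referer) {
    return false;
  }
  if (typeof redirect_uri !== 'string' || redirect_uri !== known_client.redirect_uri) {
    return false;
  }
  if (typeof state !== 'string' || state.length === 0) {
    return false;
  }
  return response_type === 'code';
};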
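// Authorization endpoint. The client redirects the resource owner here after the
// owner picks a scope and hits 'Authenticate Me' on the client page.
// Merges the query parameters with the Referer header into one structure, asks
// validate_client whether that structure describes a client integrated with this
// auth server, and on success renders the authentication page for that client.
// A rejected request is answered with 400 and the body 'WRONG CLIENT'.
app.get('/auth', (req, res) => {
  // Build a fresh object instead of writing into req.query, so other handlers
  // and middleware still see the parsed query untouched.
  const client_details = Object.assign({}, req.query, { referer: req.headers.referer });
  if (!validate_client(client_details)) {
    // Client error status rather than the implicit 200, so the rejection cannot
    // be mistaken for a successfully served page. Body text unchanged.
    res.status(400).send('WRONG CLIENT');
    return;
  }
  // NOTE(review): scope is handed to the template without validation here;
  // validate_client does not check it, so the template or a later step must.
  res.render('authpage', {
    client_uri: client_details.referer,
    selected_scope: client_details.scope,
    client_redirect_uri: client_details.redirect_uri,
    state: client_details.state,
  });
});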