Custom OAuth server - consent - with RBAC
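// Redirect URIs registered for the client(s) this consent endpoint serves.
// PLACEHOLDER: populate from the client registration store. Matching is exact
// (no prefix or pattern matching); with an empty set every redirect is refused.
const ALLOWED_REDIRECT_URIS = new Set([
  // 'https://client.example/oauth/callback',
]);

/**
 * Builds the token that a later code exchange will return for this consent.
 *
 * `getallrolesandperms` is a custom scope that, when requested, returns every
 * role the user holds across applications plus any custom attributes; it is
 * meant for internal applications/services and SSO. Any other scope yields the
 * minimal token.
 *
 * @param {string} selectedScope - scope the consent form posted
 * @returns {object} token stored under the issued authorization code
 */
function buildConsentToken(selectedScope) {
  if (selectedScope === 'getallrolesandperms') {
    return {
      authorized: true,
      username: 'username_from_auth_server_session', // req.session.username
      scope: selectedScope,
      roles: {
        app1: 'admin',
        app2: 'admin user',
        app3: 'user',
      },
      special_attributes: {
        dog_person: true,
        cat_person: false,
      },
    };
  }
  // NOTE(review): the requested scope is echoed into the token unvalidated;
  // confirm it is checked against the scopes the client registered.
  return {
    authorized: true,
    username: 'username_here_from_auth_server_session',
    scope: selectedScope,
  };
}

// Consent step of the authorization-code flow: issues a short-lived code bound
// to the token and sends the user agent back to the client's redirect_uri.
// NOTE(review): nothing here records the user's accept/deny decision — confirm
// the consent form only posts to this route on approval.
app.post('/consent', (req, res) => {
  const { selected_scope, redirect_uri, state } = req.body;

  // redirect_uri comes from the request body, so it must be exact-matched
  // against the registered set; otherwise the code can be sent anywhere.
  if (typeof redirect_uri !== 'string' || !ALLOWED_REDIRECT_URIS.has(redirect_uri)) {
    res.status(400).send('invalid redirect_uri');
    return;
  }

  const token = buildConsentToken(selected_scope);

  // 256 bits of entropy; the previous 5 bytes (40 bits) are guessable within
  // a code's lifetime. Hex output is safe as a plain-object key.
  const code = crypto.randomBytes(32).toString('hex');
  code_token_cache[code] = token;

  // Build the target with the URL API so state/code are percent-encoded rather
  // than string-concatenated into the query.
  const target = new URL(redirect_uri);
  if (state != null) {
    target.searchParams.set('state', String(state));
  }
  target.searchParams.set('code', code);
  res.redirect(target.toString());
});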