authorizer-wip

2024-02-05 14:39:28 +03:00
parent 50414a3ebd
commit 0c484f71dc
7 changed files with 114 additions and 59 deletions
--- a/index.ts
+++ b/index.ts
@@ -0,0 +1,39 @@
+import { Server, onAuthenticatePayload } from "@hocuspocus/server";
+import { ApiResponse, Authorizer, ConfigType, ValidateJWTTokenInput, ValidateJWTTokenResponse } from '@authorizerdev/authorizer-js';
+
+const authorizer = new Authorizer({
+  clientID: process.env.AUTHORIZER_CLIENT_ID,
+  authorizerURL: 'https://auth.discours.io',
+  redirectURL: 'https://testing.discours.io'
+} as ConfigType);
+
+
+const server = await Server.configure({
+  port: 4242,
+  async onConnect({ connection }) {
+    connection.requiresAuthentication = false;  // FIXME
+  },
+  async onAuthenticate(data: onAuthenticatePayload) {
+    // Danger! This won’t be called for that connection attempt.
+
+    if (data.requestHeaders) {
+      const params: ValidateJWTTokenInput = {
+        token_type: 'access_token',
+        token: data.requestHeaders['authorization'] || '',
+      }
+      if (params.token) {
+        // NOTE: ожидаем, что клиент отправит токен
+        const response: ApiResponse<ValidateJWTTokenResponse> = await authorizer.validateJWTToken(params)
+        if(response?.data?.is_valid) {
+          const { sub: user, allowed_roles: roles } = response.data.claims
+          console.debug(`user_id: ${user} roles: ${roles}`)
+        } else {
+          console.debug('no valid auth token presented')
+        }
+      }
+    }
+
+  },
+}).listen();
+
+server.listen();