diff --git a/index.mjs b/index.mjs
index 6a28112..7a5370f 100644
--- a/index.mjs
+++ b/index.mjs
@@ -3,8 +3,8 @@ import { Server } from '@hocuspocus/server';
 const authorizer = new Authorizer({
 clientID: process.env.AUTHORIZER_CLIENT_ID || '',
- authorizerURL: 'https://auth.discours.io',
- redirectURL: 'https://testing.discours.io',
+ authorizerURL: process.env.AUTHORIZER_URL || 'https://auth.discours.io',
+ redirectURL: process.env.REDIRECT_URL || 'https://testing.discours.io',
 });
 const server = Server.configure({
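Review bot: The `||` fallbacks on `authorizerURL` and `redirectURL` make an unset or empty `AUTHORIZER_URL` / `REDIRECT_URL` resolve silently to the hard-coded hosts, and the redirect default is the testing host, so a deployment that forgets the variables starts with no sign of it. Because `authorizerURL` is the endpoint trusted to validate tokens, I would surface the effective value at startup, e.g. `if (!process.env.AUTHORIZER_URL) console.warn('AUTHORIZER_URL not set; using https://auth.discours.io');`, and do the same for `REDIRECT_URL`. The `clientID` context line has the same shape and falls back to `''`, which seems worth failing on rather than passing through. A one-line comment above the constructor naming the three variables and their defaults would also help.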
@@ -13,30 +13,40 @@ const server = Server.configure({
 connection.requiresAuthentication = true;
 },
 onAuthenticate(data) {
- if (data.requestHeaders) {
- const params = {
- token_type: 'access_token',
- token: data.requestHeaders['authorization'] || '',
- };
- if (params.token) {
- authorizer.validateJWTToken(params)
- .then(response => {
-
- if (response?.data?.is_valid) {
- const { sub: user, allowed_roles: roles } = response.data.claims;
- console.debug(`user_id: ${user} roles: ${roles}`);
- return {
- id: user,
- roles,
- };
- }
- }).catch((e) => {
- console.error(e)
- console.error('no valid auth token presented');
- throw new Error('Not authorized!');
- })
- }
+ if (!data.requestHeaders) {
+ console.error('Request headers not found');
+ return null;
 }
+
+ const params = {
+ token_type: 'access_token',
+ token: data.requestHeaders['authorization'] || '',
+ };
+
+ if (!params.token) {
+ console.error('Authorization token not found');
+ return null;
+ }
+
+ return authorizer.validateJWTToken(params)
+ .then(response => {
+ if (!response?.data?.is_valid) {
+ console.error('Invalid authorization token');
+ return null;
+ }
+
+ const { sub: user, allowed_roles: roles } = response.data.claims;
+ console.debug(`user_id: ${user} roles: ${roles}`);
+ return {
+ id: user,
+ roles: Array.isArray(roles) ? roles : [roles],
+ };
+ })
+ .catch(e => {
+ console.error('Error validating authorization token:', e.message);
+ console.error(e.stack);
+ return null;
+ });
 },
 });
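Review bot: Every failure path in the new `onAuthenticate` (missing headers, missing token, `is_valid` false, and the `.catch`) ends in `return null;`, whereas the removed `.catch` threw `new Error('Not authorized!')`. As far as I know, Hocuspocus rejects a connection only when this hook throws or its promise rejects, so a resolved `null` is probably treated as a successful authentication with an empty context; please confirm against the server version in use. Each of those paths should reject instead, e.g. `throw new Error('Not authorized!');`, and the `.catch` should rethrow after logging rather than swallow the error. Separately, `[roles]` becomes `[undefined]` when the `allowed_roles` claim is absent, so an empty array for a nullish claim would be safer for later role checks. The enclosing `Server.configure({` call starts above the hunk.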