crdt-server/index.ts

import { Server, onAuthenticatePayload } from "@hocuspocus/server";
import { ApiResponse, Authorizer, ConfigType, ValidateJWTTokenInput, ValidateJWTTokenResponse } from '@authorizerdev/authorizer-js';

const authorizer = new Authorizer({
  clientID: process.env.AUTHORIZER_CLIENT_ID,
  authorizerURL: 'https://auth.discours.io',
  redirectURL: 'https://testing.discours.io'
} as ConfigType);


const server = await Server.configure({
  port: 4242,
  async onConnect({ connection }) {
    connection.requiresAuthentication = false;  // FIXME
  },
  async onAuthenticate(data: onAuthenticatePayload) {
    // Danger! This won’t be called for that connection attempt.

    if (data.requestHeaders) {
      const params: ValidateJWTTokenInput = {
        token_type: 'access_token',
        token: data.requestHeaders['authorization'] || '',
      }
      if (params.token) {
        // NOTE: ожидаем, что клиент отправит токен
        const response: ApiResponse<ValidateJWTTokenResponse> = await authorizer.validateJWTToken(params)
        if(response?.data?.is_valid) {
          const { sub: user, allowed_roles: roles } = response.data.claims
          console.debug(`user_id: ${user} roles: ${roles}`)
        } else {
          console.debug('no valid auth token presented')
        }
      }
    }

  },
}).listen();

server.listen();