-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.ts
More file actions
102 lines (88 loc) · 4.21 KB
/
Copy pathindex.ts
File metadata and controls
102 lines (88 loc) · 4.21 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
import type { OAuth2Adapter, OAuth2UserInfo } from "adminforth";
import { createRemoteJWKSet, jwtVerify } from "jose";
const GOOGLE_ISSUERS = ["https://accounts.google.com", "accounts.google.com"];
const googleJWKS = createRemoteJWKSet(new URL("https://www.googleapis.com/oauth2/v3/certs"));
export default class AdminForthAdapterGoogleOauth2 implements OAuth2Adapter {
private clientID: string;
private clientSecret: string;
private useOpenIdConnect: boolean;
constructor(options: {
clientID: string;
clientSecret: string;
useOpenID?: boolean;
useOpenIdConnect?: boolean;
}) {
this.clientID = options.clientID;
this.clientSecret = options.clientSecret;
this.useOpenIdConnect = (!!options.useOpenIdConnect || !!options.useOpenID) ?? true;
}
getAuthUrl(): string {
const params = new URLSearchParams({
client_id: this.clientID,
response_type: 'code',
scope: 'openid email profile',
access_type: 'offline'
});
return `https://accounts.google.com/o/oauth2/v2/auth?${params.toString()}`;
}
async getTokenFromCode(code: string, redirect_uri: string): Promise<OAuth2UserInfo> {
const tokenResponse = await fetch('https://oauth2.googleapis.com/token', {
method: 'POST',
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
body: new URLSearchParams({
code,
client_id: this.clientID,
client_secret: this.clientSecret,
redirect_uri,
grant_type: 'authorization_code',
}),
});
const tokenData = await tokenResponse.json();
if (tokenData.error) {
console.error('Token error:', tokenData);
throw new Error(tokenData.error_description || tokenData.error);
}
if (this.useOpenIdConnect && tokenData.id_token) {
try {
const { payload } = await jwtVerify(tokenData.id_token, googleJWKS, {
issuer: GOOGLE_ISSUERS,
audience: this.clientID,
algorithms: ["RS256"],
});
if (typeof payload.email === 'string') {
return {
provider: this.constructor.name,
subject: payload.sub,
email: payload.email,
fullName: typeof payload.name === 'string' ? payload.name : undefined,
profilePictureUrl: typeof payload.picture === 'string' ? payload.picture : undefined
};
}
} catch (error) {
console.error("Error verifying token:", error);
throw error;
}
}
const userResponse = await fetch('https://www.googleapis.com/oauth2/v2/userinfo', {
headers: { Authorization: `Bearer ${tokenData.access_token}` },
});
const userData = await userResponse.json();
if (userData.error) {
throw new Error(userData.error_description || userData.error);
}
return {
provider: this.constructor.name,
subject: userData.id,
email: userData.email,
fullName: userData.name,
profilePictureUrl: userData.picture
};
}
getName(): string {
return 'Google';
}
getIcon(): string {
return `<?xml version="1.0" encoding="utf-8"?>
<svg viewBox="-3 0 262 262" xmlns="http://www.w3.org/2000/svg" preserveAspectRatio="xMidYMid"><path d="M255.878 133.451c0-10.734-.871-18.567-2.756-26.69H130.55v48.448h71.947c-1.45 12.04-9.283 30.172-26.69 42.356l-.244 1.622 38.755 30.023 2.685.268c24.659-22.774 38.875-56.282 38.875-96.027" fill="#4285F4"/><path d="M130.55 261.1c35.248 0 64.839-11.605 86.453-31.622l-41.196-31.913c-11.024 7.688-25.82 13.055-45.257 13.055-34.523 0-63.824-22.773-74.269-54.25l-1.531.13-40.298 31.187-.527 1.465C35.393 231.798 79.49 261.1 130.55 261.1" fill="#34A853"/><path d="M56.281 156.37c-2.756-8.123-4.351-16.827-4.351-25.82 0-8.994 1.595-17.697 4.206-25.82l-.073-1.73L15.26 71.312l-1.335.635C5.077 89.644 0 109.517 0 130.55s5.077 40.905 13.925 58.602l42.356-32.782" fill="#FBBC05"/><path d="M130.55 50.479c24.514 0 41.05 10.589 50.479 19.438l36.844-35.974C195.245 12.91 165.798 0 130.55 0 79.49 0 35.393 29.301 13.925 71.947l42.211 32.783c10.59-31.477 39.891-54.251 74.414-54.251" fill="#EB4335"/></svg>`;
}
}