Skip to content

Commit 4f4d7ed

Browse files
brendandburnsbrendandburns
committed
Changes for new OIDC client API
1 parent fbc8c92 commit 4f4d7ed

File tree

1 file changed

+32
-6
lines changed

1 file changed

+32
-6
lines changed

src/oidc_auth.ts

Lines changed: 32 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
import https = require('https');
2-
import { Client, ClientMetadata, Issuer } from 'openid-client';
2+
import * as oidc from 'openid-client';
3+
import { ClientMetadata } from 'openid-client';
34
import request = require('request');
45
import { base64url } from 'rfc4648';
56
import { TextDecoder } from 'util';
@@ -13,6 +14,29 @@ interface JwtObj {
1314
signature: string;
1415
}
1516

17+
interface Token {
18+
id_token: string;
19+
refresh_token: string;
20+
expires_at: number;
21+
}
22+
23+
interface Client {
24+
refresh(token: string): Promise<Token>;
25+
}
26+
27+
class OidcClient implements Client {
28+
public constructor(readonly config: oidc.Configuration) {}
29+
30+
public async refresh(token: string): Promise<Token> {
31+
const newToken = await oidc.refreshTokenGrant(this.config, token);
32+
return {
33+
id_token: newToken.id_token,
34+
refresh_token: newToken.refresh_token,
35+
expires_at: newToken.expiresIn(),
36+
} as Token;
37+
}
38+
}
39+
1640
export class OpenIDConnectAuth implements Authenticator {
1741
public static decodeJWT(token: string): JwtObj | null {
1842
const parts = token.split('.');
@@ -97,22 +121,24 @@ export class OpenIDConnectAuth implements Authenticator {
97121
const newToken = await client.refresh(user.authProvider.config['refresh-token']);
98122
user.authProvider.config['id-token'] = newToken.id_token;
99123
user.authProvider.config['refresh-token'] = newToken.refresh_token;
100-
this.currentTokenExpiration = newToken.expires_at || 0;
124+
this.currentTokenExpiration = newToken.expires_at;
101125
}
102126
return user.authProvider.config['id-token'];
103127
}
104128

105129
private async getClient(user: User): Promise<Client> {
106-
const oidcIssuer = await Issuer.discover(user.authProvider.config['idp-issuer-url']);
107130
const metadata: ClientMetadata = {
108131
client_id: user.authProvider.config['client-id'],
109132
client_secret: user.authProvider.config['client-secret'],
110133
};
111-
112134
if (!user.authProvider.config['client-secret']) {
113135
metadata.token_endpoint_auth_method = 'none';
114136
}
115-
116-
return new oidcIssuer.Client(metadata);
137+
const configuration = await oidc.discovery(
138+
user.authProvider.config['idp-issuer-url'],
139+
user.authProvider.config['client-id'],
140+
metadata
141+
);
142+
return new OidcClient(configuration);
117143
}
118144
}

0 commit comments

Comments
 (0)