-
Notifications
You must be signed in to change notification settings - Fork 1
/
auth.ts
39 lines (32 loc) · 1.19 KB
/
auth.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
import { NextFunction, Request, Response, Router } from "express"
import legacyAuth from "@moreillon/express_identification_middleware"
import oidcAuth from "@moreillon/express-oidc"
import { OIDC_JWKS_URI, IDENTIFICATION_URL } from "./config"
export const registerAuthMiddleware = (router: Router) => {
if (IDENTIFICATION_URL) {
console.log(`[Auth] Legacy auth enabled with URL: ${IDENTIFICATION_URL}`)
router.use(legacyAuth({ url: IDENTIFICATION_URL, lax: !!OIDC_JWKS_URI }))
}
if (OIDC_JWKS_URI) {
console.log(`[Auth] OIDC auth enabled with JWKS URI: ${OIDC_JWKS_URI}`)
const oidcMiddleware = oidcAuth({ jwksUri: OIDC_JWKS_URI })
if (IDENTIFICATION_URL) {
console.log(`[Auth] Both Legacy and OIDC auth are enabled`)
const wrappingMiddleware = (
req: Request,
res: Response,
next: NextFunction
) => {
// Do nothing if user already identified from previous middleware
if (res.locals.user) return next()
if (!OIDC_JWKS_URI) return next()
oidcMiddleware(req, res, next)
}
router.use(wrappingMiddleware)
}
// If just OIDC, register as usual
else {
router.use(oidcMiddleware)
}
}
}