var proxy = require('express-http-proxy'); var app = require('express')(); const OAuth2Strategy = require("passport-oauth2") const passport = require("passport"); var session = require('express-session') const superagent = require('superagent'); require('dotenv').config(); passport.use(new OAuth2Strategy({ authorizationURL: 'https://auth.edwardpeterson.dev/application/o/authorize/', tokenURL: 'https://auth.edwardpeterson.dev/application/o/token/', clientID: 'NwAsa84xs6q0mgWZj0eTawTpvkctMLz9ZZyjkO23', clientSecret: process.env.OAUTH_SECRET, callbackURL: process.env.OAUTH_CALLBACKURL }, function(accessToken, refreshToken, profile, cb) { getUserInfoFromAuth(accessToken).then((response) => { console.log(response); cb(null, response); }) } )); passport.serializeUser(function(user, done) { done(null, user); }); passport.deserializeUser(function(user, done) { done(null, user); }); app.use(session({ secret: 'definitely not keyboard cat', resave: false, saveUninitialized: true, // cookie: function(req) { // var match = req.url.match(/^\/([^/]+)/); // return { // path: match ? '/' + match[1] : '/', // httpOnly: true, // secure: req.secure || false, // maxAge: 60000 // } // } })) app.use(passport.initialize()); app.use(passport.session()); const isLoggedIn = () => { return (req, res, next) => { if(req.isAuthenticated()){ return next(); } return res.status(401).json({message: "Not authenticated"}); } } function getUserInfoFromAuth(accessToken ) { return superagent('https://auth.edwardpeterson.dev/application/o/userinfo/').set('Authorization', 'Bearer ' + accessToken).then(response => { return response.body; }).catch(error => { log.error('superagent error' + error); }) } app.get('/auth/login', passport.authenticate('oauth2')); app.get('/oauth', passport.authenticate('oauth2', { failureRedirect: '/notnpm' }), function(req, res) { // Successful authentication, redirect home. superagent.post(`http://${process.env.PROXY_URL}/api/tokens`) .send({"identity": req.user.email,secret:process.env.PASSWORD}) .set('accept', 'json') .end((err, authResponse) =>{ const jsonResponse = JSON.parse(authResponse.text) req.session.npmJWT = jsonResponse.token; res.redirect("/"); }) }); app.use((req, res, next) =>{ if(req.session.npmJWT) { req.headers.authorization = `Bearer ${req.session.npmJWT}` } next(); }) app.get('/', (req, res, next) =>{ if(req.session.npmJWT) { next(); } else { res.redirect("/auth/login") } }) app.get('/login', (req, res, next) => { req.session.destroy(error => { res.clearCookie('connect.sid'); res.redirect('/') // res.status(200).json({message: 'Logged out'}) }) }) app.use('/', isLoggedIn(), proxy(process.env.PROXY_URL)); app.listen(3000);