feat(oauth): get redirect_uri from a request_uri (#210)

* chore: bump zenroom peer dependency from 4.31.2 to 4.45.1 * refactor(oauth): divide various tests and improve checks on output * feat(oauth): get redirect_uri from a request_uri this statement is needed to retrieve the redirect_uri, that was passed to the par api, in the authorize endpoint
dyne · Oct 25, 2024 · 3b0d9e9 · 3b0d9e9
1 parent 2bdf097
commit 3b0d9e9
Show file tree

Hide file tree

Showing 4 changed files with 244 additions and 127 deletions.
diff --git a/pkg/deps/package.json b/pkg/deps/package.json
@@ -6,7 +6,7 @@
 		"chevrotain": "^10.5.0"
 	},
 	"peerDependencies": {
-		"zenroom": "^4.31.2"
+		"zenroom": "^4.45.1"
 	},
 	"repository": "https://github.com/dyne/slangroom",
 	"license": "AGPL-3.0-only",

diff --git a/pkg/oauth/src/plugin.ts b/pkg/oauth/src/plugin.ts
@@ -424,4 +424,49 @@ export const changeAuthDetails = p.new(
 );
 
 
+/**
+ * @internal
+ */
+// Sentence that given a request_uri return the redirect_uri
+/**
+Given I send request_uri 'request_uri' and send server_data 'server' and get redirect_uri from request_uri and output into 'redirect_uri'
+Input:
+	server_data: MUST be a string dictionary with keys
+			jwk: JWK containing the public key of the authorization_server
+			url: url of the authorization_server
+			authentication_url: did resolver for client pk
+	request_uri: MUST be a string (output of a /par request)
+Output:
+	redirect_uri: string
+*/
+export const getRedirectUri = p.new(
+	['request_uri', 'server_data'],
+	'get redirect_uri from request_uri',
+	async (ctx) => {
+		const serverData = ctx.fetch('server_data') as { jwk: JWK, url: string, authenticationUrl: string };
+		const uri = ctx.fetch('request_uri') as string;
+
+		const options = {
+			accessTokenLifetime: 60 * 60, // 1 hour.
+			refreshTokenLifetime: 60 * 60 * 24 * 14, // 2 weeks.
+			allowExtendedTokenAttributes: true,
+			requireClientAuthentication: {}, // defaults to true for all grant types
+		};
+
+		const model = getInMemoryCache(serverData, options);
+		const rand_uri = uri.split(':').pop();
+		if (!rand_uri) {
+			return ctx.fail(new OauthError('Invalid request_uri'));
+		}
+		try {
+			const authData = await model.getAuthCodeFromUri(rand_uri);
+			return ctx.pass(authData['redirectUri']);
+		} catch(e) {
+			return ctx.fail(new OauthError(e.message));
+		}
+
+	}
+);
+
+
 export const oauth = p;