OpenAuth_server/src/api/client/index.ts


import { Request, Response, Router } from "express"
import Stacker from "../middlewares/stacker";
import { GetClientAuthMiddleware, GetClientApiAuthMiddleware } from "../middlewares/client";
import { GetUserMiddleware } from "../middlewares/user";
import { createJWT } from "../../keys";
import Client from "../../models/client";
import RequestError, { HttpStatusCode } from "../../helper/request_error";
import config from "../../config";
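const ClientRouter = Router();

/**
 * @api {get} /client/user
 *
 * @apiDescription Can be used for simple authentication of a user. It redirects the user to the redirect URI with a very short-lived JWT (valid for 30 seconds).
 *
 * @apiParam {String} redirect_uri URL to redirect to on success. Must exactly match the redirect URL stored for the client.
 * @apiParam {String} [state] An optional state that will be included in the JWT and in the redirect_uri as a parameter
 *
 * @apiName ClientUser
 * @apiGroup client
 *
 * @apiPermission user_client Requires ClientID and Authenticated User
 */
ClientRouter.get(
  "/user",
  Stacker(
    GetClientAuthMiddleware(false),
    GetUserMiddleware(false, false),
    async (req: Request, res: Response) => {
      const { redirect_uri, state } = req.query;

      // Exact-match allow-listing of the redirect target. The typeof guard matters:
      // without it, a request with no redirect_uri for a client whose redirect_url
      // is also unset would compare undefined to undefined, pass the check, and
      // redirect to the literal string "undefined?jwt=...".
      if (typeof redirect_uri !== "string" || redirect_uri !== req.client.redirect_url)
        throw new RequestError("Invalid redirect URI", HttpStatusCode.BAD_REQUEST);

      // Express can parse repeated or bracketed query keys into arrays/objects.
      // Only a plain string is accepted so the claim placed in the JWT and the
      // value echoed in the redirect are the same, well-defined value.
      if (state !== undefined && typeof state !== "string")
        throw new RequestError("Invalid state", HttpStatusCode.BAD_REQUEST);

      // The token is bound to the requesting client (audience) and to the user
      // (subject). Consumers should verify signature, issuer, audience and expiry
      // and accept RS256 only.
      const jwt = await createJWT(
        {
          client: req.client.client_id,
          uid: req.user.uid,
          username: req.user.username,
          state: state,
        },
        {
          expiresIn: 30, // seconds; after this the token is invalid
          issuer: config.core.url,
          algorithm: "RS256",
          subject: req.user.uid,
          audience: req.client.client_id,
        }
      );

      // The registered URL may already carry a query string; appending a second
      // "?" would corrupt its last parameter.
      const separator = redirect_uri.includes("?") ? "&" : "?";

      // state is caller-controlled and must be percent-encoded, otherwise a value
      // containing "&", "#" or "=" could add or override parameters (including
      // "jwt") on the client's callback URL. The JWT itself is left as-is:
      // presumably createJWT returns a compact serialization, which is URL-safe
      // -- TODO confirm.
      const stateParam = state ? `&state=${encodeURIComponent(state)}` : "";

      // NOTE(review): a token in the query string can end up in access logs,
      // browser history and Referer headers; the 30 second lifetime is what
      // limits that exposure, so it should not be raised casually.
      res.redirect(redirect_uri + separator + "jwt=" + jwt + stateParam);
    }
  )
);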
/**
 * GET /account
 *
 * Responds with a JSON object holding the username and display name found on
 * req.user. Runs behind GetClientApiAuthMiddleware(); presumably that middleware
 * authenticates the client and populates req.user -- verify in ../middlewares/client.
 *
 * Only these two fields are copied into the response; the user object itself is
 * never serialized, so other attributes it carries are not sent to the client.
 */
ClientRouter.get(
  "/account",
  Stacker(GetClientApiAuthMiddleware(), async (req: Request, res) => {
    const account = req.user;
    const body = {
      user: {
        username: account.username,
        name: account.name,
      },
    };
    res.json(body);
  })
);

export default ClientRouter;