From 9b6422edd62dc31022c81f27581d24748a87edf4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matheus=20Lu=C3=ADs?= <matheus.bernardi@lnls.br>
Date: Fri, 13 Dec 2024 16:08:27 -0300
Subject: [PATCH] feat(packages/api): add auth router

include auth router for quick access to user session on client and other httpserver auth routes and utilities
---
 packages/api/src/root.ts        |  2 ++
 packages/api/src/router/auth.ts | 60 +++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+)
 create mode 100644 packages/api/src/router/auth.ts

diff --git a/packages/api/src/root.ts b/packages/api/src/root.ts
index 561cc7f..d4fe450 100644
--- a/packages/api/src/root.ts
+++ b/packages/api/src/root.ts
@@ -1,3 +1,4 @@
+import { authRouter } from "./router/auth";
 import { consoleOutputRouter } from "./router/console-output";
 import { devicesRouter } from "./router/devices";
 import { environmentRouter } from "./router/environment";
@@ -19,6 +20,7 @@ export const appRouter = createTRPCRouter({
   consoleOutput: consoleOutputRouter,
   history: historyRouter,
   runEngine: runEngineRouter,
+  auth: authRouter,
 });
 
 // export type definition of API
diff --git a/packages/api/src/router/auth.ts b/packages/api/src/router/auth.ts
new file mode 100644
index 0000000..fe55dfd
--- /dev/null
+++ b/packages/api/src/router/auth.ts
@@ -0,0 +1,60 @@
+import { z } from "zod";
+import { env } from "../../env";
+import { protectedProcedure } from "../trpc";
+import { zodSnakeFetcher } from "../utils";
+
+const principalSchema = z.object({
+  uuid: z.string(),
+  type: z.enum(["user", "service"]),
+  identities: z.array(
+    z.object({
+      provider: z.string(),
+      id: z.string(),
+      latestLogin: z.string().optional().nullable(),
+    }),
+  ),
+  apiKeys: z.array(
+    z.object({
+      firstEight: z.string(),
+      expirationTime: z.string().optional().nullable(),
+      note: z.string().optional().nullable(),
+      scopes: z.array(z.string()),
+      latestActivity: z.string().optional().nullable(),
+    }),
+  ),
+  sessions: z.array(
+    z.object({
+      uuid: z.string(),
+      expirationTime: z.string(),
+      revoked: z.boolean(),
+    }),
+  ),
+  latestActivity: z.string().nullable(),
+  roles: z.array(z.string()).nullable(),
+  scopes: z.array(z.string()).nullable(),
+  apiKeyScopes: z.array(z.string()).nullable(),
+});
+
+export const authRouter = {
+  getSession: protectedProcedure.query(({ ctx }) => {
+    return ctx.session;
+  }),
+  whoAmI: protectedProcedure.query(async ({ ctx }) => {
+    const fetchURL = `${env.BLUESKY_HTTPSERVER_URL}/api/auth/whoami`;
+    const blueskyAccessToken = ctx.session.user.blueskyAccessToken;
+    try {
+      const res = await zodSnakeFetcher(principalSchema, {
+        url: fetchURL,
+        method: "GET",
+        authorization: `Bearer ${blueskyAccessToken}`,
+        body: undefined,
+      });
+      return res;
+    } catch (e) {
+      if (e instanceof Error) {
+        throw new Error(e.message);
+      }
+      throw new Error("Unknown error");
+    }
+  }),
+};