From 58e8b82ec648436b873b272e78079c7cd3072888 Mon Sep 17 00:00:00 2001 From: Amruth Pillai Date: Tue, 16 Jan 2024 12:03:18 +0100 Subject: [PATCH] Re-use `originFromDomain` utility function in Auth0 and Keycloak providers (#1337) Co-authored-by: pilcrow --- .auri/$8h6jkpso.md | 6 ++++++ packages/oauth/src/providers/auth0.ts | 13 +++++-------- packages/oauth/src/providers/keycloak.ts | 21 +++++++++++++++++---- packages/oauth/src/utils/request.ts | 7 +++++++ 4 files changed, 35 insertions(+), 12 deletions(-) create mode 100644 .auri/$8h6jkpso.md diff --git a/.auri/$8h6jkpso.md b/.auri/$8h6jkpso.md new file mode 100644 index 000000000..9ce153642 --- /dev/null +++ b/.auri/$8h6jkpso.md @@ -0,0 +1,6 @@ +--- +package: "@lucia-auth/oauth" +type: "patch" +--- + +Update Keycloak provider to accept domain argument with protocol \ No newline at end of file diff --git a/packages/oauth/src/providers/auth0.ts b/packages/oauth/src/providers/auth0.ts index 9f7665833..1db218870 100644 --- a/packages/oauth/src/providers/auth0.ts +++ b/packages/oauth/src/providers/auth0.ts @@ -4,7 +4,11 @@ import { validateOAuth2AuthorizationCode } from "../core/oauth2.js"; import { ProviderUserAuth } from "../core/provider.js"; -import { handleRequest, authorizationHeader } from "../utils/request.js"; +import { + handleRequest, + authorizationHeader, + originFromDomain +} from "../utils/request.js"; import type { Auth } from "lucia"; @@ -113,13 +117,6 @@ const getAuth0User = async (appDomain: string, accessToken: string) => { return auth0User; }; -const originFromDomain = (domain: string): string => { - if (domain.startsWith("https://") || domain.startsWith("http://")) { - return domain; - } - return "https://" + domain; -}; - export type Auth0Tokens = { accessToken: string; refreshToken: string; diff --git a/packages/oauth/src/providers/keycloak.ts b/packages/oauth/src/providers/keycloak.ts index d25011020..5dab5cd46 100644 --- a/packages/oauth/src/providers/keycloak.ts 
+++ b/packages/oauth/src/providers/keycloak.ts @@ -5,7 +5,11 @@ import { } from "../core/oauth2.js"; import { ProviderUserAuth } from "../core/provider.js"; import { decodeIdToken } from "../index.js"; -import { handleRequest, authorizationHeader } from "../utils/request.js"; +import { + handleRequest, + authorizationHeader, + originFromDomain +} from "../utils/request.js"; import type { Auth } from "lucia"; @@ -43,7 +47,10 @@ export class KeycloakAuth< > => { const scopeConfig = this.config.scope ?? []; return await createOAuth2AuthorizationUrlWithPKCE( - `https://${this.config.domain}/realms/${this.config.realm}/protocol/openid-connect/auth`, + new URL( + `/realms/${this.config.realm}/protocol/openid-connect/auth`, + originFromDomain(this.config.domain) + ), { clientId: this.config.clientId, scope: ["profile", "openid", ...scopeConfig], @@ -82,7 +89,10 @@ export class KeycloakAuth< const rawTokens = await validateOAuth2AuthorizationCode( code, - `https://${this.config.domain}/realms/${this.config.realm}/protocol/openid-connect/token`, + new URL( + `/realms/${this.config.realm}/protocol/openid-connect/token`, + originFromDomain(this.config.domain) + ), { clientId: this.config.clientId, redirectUri: this.config.redirectUri, @@ -127,7 +137,10 @@ const getKeycloakUser = async ( accessToken: string ): Promise => { const keycloakUserRequest = new Request( - `https://${domain}/realms/${realm}/protocol/openid-connect/userinfo`, + new URL( + `/realms/${realm}/protocol/openid-connect/userinfo`, + originFromDomain(domain) + ), { headers: { Authorization: authorizationHeader("bearer", accessToken) diff --git a/packages/oauth/src/utils/request.ts b/packages/oauth/src/utils/request.ts index 389adc5a9..9f152813c 100644 --- a/packages/oauth/src/utils/request.ts +++ b/packages/oauth/src/utils/request.ts 
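Review bot: The three `new URL("/realms/…", originFromDomain(…))` calls (authorization URL, token endpoint, and the userinfo request in `getKeycloakUser`) resolve an absolute path against the base, so any path component in the configured `domain` is silently dropped; the old template string kept it. A value such as `kc.example.com/auth` (constructed example) used to produce `/auth/realms/…` and now produces `/realms/…` on the bare host, so the authorization-code exchange and the bearer-token request would go to a different endpoint than the one configured, with no error. Either reject such a base up front, e.g. `if (new URL(originFromDomain(domain)).pathname !== "/") throw new TypeError("domain must not include a path");`, or state on the config type that `domain` is a host with an optional scheme only. The enclosing methods start and end outside these hunks, so whether `domain` is normalised elsewhere is not visible here.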
@@ -36,3 +36,10 @@ export const authorizationHeader = ( } throw new TypeError("Invalid token type"); }; + +export const originFromDomain = (domain: string): string => { + if (domain.startsWith("https://") || domain.startsWith("http://")) { + return domain; + } + return "https://" + domain; +};
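Review bot: `originFromDomain` returns an `http://` value unchanged, and with this commit that applies to Keycloak as well as Auth0, so a domain configured with plain `http://` sends the authorization code and access token without TLS. The exported helper has no doc comment saying so; I would add `/** Prefixes "https://" unless domain already starts with "http://" or "https://". An http:// value is kept as given, so use it only where cleartext transport is acceptable. */`. The scheme check is also case-sensitive, so a value like `HTTPS://host` gets a second `https://` prepended; testing with `/^https?:\/\//i.test(domain)` would treat it as already qualified.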