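// testing/oidc/server.js
//
// Mock OpenID Connect provider (it logs itself as "mock-oidc-user-server").
// It is configured entirely from environment variables and hands every
// subject the same hard-coded identity and GA4GH passport, so the settings
// below are test-fixture choices rather than production defaults.
const assert = require('assert');
const camelCase = require('camelcase');
const Provider = require('oidc-provider');

// Port the HTTP server binds to.
const port = process.env.PORT || 3000;
// External port can legally be an empty string (the issuer URL then carries
// no port). When neither EXTERNAL_PORT nor PORT is set, fall back to the
// listening port so the issuer never contains the literal text "undefined".
const ext_port = process.env.EXTERNAL_PORT ?? process.env.PORT ?? port;
const host = process.env.HOST || 'oidc';

// Required settings, exposed under camelCased keys (clientId, clientRedirectUri).
// NOTE(review): CLIENT_REDIRECT_URI is mandatory here but never read below;
// the client's redirect_uris is hard-coded. Confirm which one is intended.
const config = ['CLIENT_ID', 'CLIENT_REDIRECT_URI'].reduce((acc, v) => {
  assert(process.env[v], `${v} config missing`);
  acc[camelCase(v)] = process.env[v];
  return acc;
}, {});

const oidcConfig = {
  features: {
    // Built-in development interaction views: acceptable for a test double only.
    devInteractions: true,
    discovery: true,
    registration: false,
    revocation: true,
    sessionManagement: false,
    deviceFlow: true,
  },
  extraParams: [
    'extra',
  ],
  // Public clients only: the token endpoint requires no client authentication.
  tokenEndpointAuthMethods: [
    'none',
  ],
  // Lifetimes in seconds.
  ttl: {
    // Roughly five years: a test convenience, far beyond a sane production TTL.
    AccessToken: 157784630,
    AuthorizationCode: 600,
    ClientCredentials: 600,
    DeviceCode: 120,
    IdToken: 3600,
    RefreshToken: 1209600, // 14 days
  },
  oauthNativeApps: true,
  // With no client secret in play, PKCE is what binds a code to its requester;
  // only S256 is offered, so the weaker "plain" method is unavailable.
  pkce: {
    forcedForNative: true,
    supportedMethods: ['S256'],
  },
  formats: {
    default: 'opaque',
    AccessToken: 'jwt',
    RefreshToken: 'jwt',
  },
  routes: {
    authorization: process.env.AUTH_ROUTE || '/auth',
    introspection: process.env.INTROSPECTION_ROUTE || '/token/introspection',
    certificates: process.env.JWKS_ROUTE || '/jwks',
    revocation: process.env.REVOCATION_ROUTE || '/token/revocation',
    token: process.env.TOKEN_ROUTE || '/token',
    userinfo: process.env.USERINFO_ROUTE || '/userinfo',
  },
  scopes: [
    'openid',
    'ga4gh_passport_v1',
    'profile',
    'email',
    'offline_access',
  ],
  claims: {
    acr: null,
    sid: null,
    ga4gh_passport_v1: ['ga4gh_passport_v1'],
    auth_time: null,
    // NOTE(review): `ss` may be a typo for `iss`; left as found, confirm.
    ss: null,
    openid: ['sub'],
    profile: ['name', 'email'],
  },

  /**
   * Account lookup for the mock: every subject resolves to the same dummy user.
   *
   * @param {object} ctx - request context (unused).
   * @param {string} sub - subject identifier, echoed back as the account id.
   * @param {object} token - token that triggered the lookup (unused).
   * @returns {Promise<{accountId: string, claims: Function}>} account whose
   *   claims() always yields the fixed name, email and passport below.
   */
  findById: async function findById(ctx, sub, token) {
    return {
      accountId: sub,
      async claims(use, scope, claims, rejected) {
        // The passport holds one static JWT. Its header declares HS256 and its
        // payload appears to carry exp 1584901442 (March 2020), so a consumer
        // that checks the signature or expiry will presumably reject it.
        // Confirm what the tests rely on before reusing this visa.
        return { name: 'Dummy Tester', email: 'dummy.tester@gs.uu.se', sub, ga4gh_passport_v1: ['eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIwIiwibmFtZSI6InRlc3QiLCJnYTRnaF92aXNhX3YxIjp7ImFzc2VydGVkIjoxLCJieSI6InN5c3RlbSIsInNvdXJjZSI6Imh0dHA6Ly93d3cudXUuc2UvZW4vIiwidHlwZSI6IkFmZmlsaWF0aW9uQW5kUm9sZSIsInZhbHVlIjoic3RhZmZAdXUuc2UifSwiYWRtaW4iOnRydWUsImp0aSI6InRlc3QiLCJpYXQiOjE1ODQ4OTc4NDIsImV4cCI6MTU4NDkwMTQ0Mn0.RkAULuJEaExt0zVu3_uE2BSdkHLAHRD8owqhrsrTfLI'] };
      },
    };
  },
};

// Issuer is plain http and built from HOST plus the external port; the colon is
// omitted when the external port is an empty string.
const oidc = new Provider(`http://${host}${ext_port ? ':' : ''}${ext_port}`, oidcConfig);

const clients = [
  {
    application_type: 'native',
    // The original literal also declared client_id: 'sda-cli' just before this
    // key; the later duplicate always won, so only the effective value is kept.
    client_id: config.clientId,
    redirect_uris: ['http://127.0.0.1'],
    grant_types: ['urn:ietf:params:oauth:grant-type:device_code', 'refresh_token', 'authorization_code'],
    token_endpoint_auth_method: 'none',
  },
];

let server;
(async () => {
  await oidc.initialize({ clients });
  server = oidc.listen(port, () => {
    console.log(
      `mock-oidc-user-server listening on port ${port}, check http://${host}:${port}/.well-known/openid-configuration`
    );
  });
})().catch((err) => {
  // Startup failed: release the listener if it got as far as binding, report
  // the error, and let the process exit non-zero.
  if (server?.listening) server.close();
  console.error(err);
  process.exitCode = 1;
});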