fix oidc router typing

MTES-MCT · Jul 28, 2023 · 05f9456 · 05f9456
1 parent 22ac158
commit 05f9456
Showing 1 changed file with 39 additions and 28 deletions.
diff --git a/back/src/routers/oidc-router.ts b/back/src/routers/oidc-router.ts
@@ -2,7 +2,12 @@ import prisma from "../prisma";
 import { Router, Request, Response } from "express";
 import { oidc, exchange } from "../oauth/oidc";
 import ensureLoggedIn from "../common/middlewares/ensureLoggedIn";
-import { OAuth2, AuthorizationError, MiddlewareRequest } from "oauth2orize";
+import {
+  OAuth2,
+  AuthorizationError,
+  MiddlewareRequest,
+  ValidateDoneFunction
+} from "oauth2orize";
 import passport from "passport";
 import { getUid } from "../utils";
 export const oidcRouter = Router();
@@ -19,34 +24,40 @@ export const oidcRouter = Router();
 oidcRouter.get(
   "/oidc/authorize",
   ensureLoggedIn,
-  oidc.authorization(async (clientId, redirectUri, done) => {
-    const client = await prisma.application.findUnique({
-      where: { id: clientId }
-    });
-    // check state ?
-    if (!client) {
-      const err = new AuthorizationError(
-        "Invalid client id",
-        "unauthorized_client"
-      );
-      return done(err);
+  oidc.authorization(
+    async (
+      clientId: string,
+      redirectUri: string,
+      done: ValidateDoneFunction
+    ) => {
+      const client = await prisma.application.findUnique({
+        where: { id: clientId }
+      });
+      // check state ?
+      if (!client) {
+        const err = new AuthorizationError(
+          "Invalid client id",
+          "unauthorized_client"
+        );
+        return done(err);
+      }
+      if (!client.redirectUris.includes(redirectUri)) {
+        const err = new AuthorizationError(
+          "Invalid redirect uri",
+          "unauthorized_client"
+        );
+        return done(err);
+      }
+      if (!client.openIdEnabled) {
+        const err = new AuthorizationError(
+          "OpenId Connect is not enabled on this application",
+          "unauthorized_client"
+        );
+        return done(err);
+      }
+      return done(null, client, redirectUri);
     }
-    if (!client.redirectUris.includes(redirectUri)) {
-      const err = new AuthorizationError(
-        "Invalid redirect uri",
-        "unauthorized_client"
-      );
-      return done(err);
-    }
-    if (!client.openIdEnabled) {
-      const err = new AuthorizationError(
-        "OpenId Connect is not enabled on this application",
-        "unauthorized_client"
-      );
-      return done(err);
-    }
-    return done(null, client, redirectUri);
-  }),
+  ),
   (req: Request & { oauth2: OAuth2 }, res: Response) => {
     const payload = {
       transactionID: req.oauth2.transactionID,