diff --git a/src/oidc_auth.ts b/src/oidc_auth.ts
new file mode 100644
index 0000000000..4a178dda0d
--- /dev/null
+++ b/src/oidc_auth.ts
@@ -0,0 +1,20 @@
+import { Authenticator } from './auth';
+import { User } from './config_types';
+
+export class OpenIDConnectAuth implements Authenticator {
+ public isAuthProvider(user: User): boolean {
+ if (!user.authProvider) {
+ return false;
+ }
+ return user.authProvider.name === 'oidc';
+ }
+
+ public getToken(user: User): string | null {
+ if (!user.authProvider.config || !user.authProvider.config['id-token']) {
+ return null;
+ }
+ // TODO: Handle expiration and refresh here...
+ // TODO: Extract the 'Bearer ' to config.ts?
+ return `Bearer ${user.authProvider.config['id-token']}`;
+ }
+}
diff --git a/src/oidc_auth_test.ts b/src/oidc_auth_test.ts
new file mode 100644
index 0000000000..c3dd342b6b
--- /dev/null
+++ b/src/oidc_auth_test.ts
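Review bot: `getToken` in src/oidc_auth.ts reads `user.authProvider.config` without first checking `user.authProvider`, so a user with no auth provider makes it throw a TypeError instead of returning null, even though `isAuthProvider` just above guards that same field. Extending the guard to `if (!user.authProvider || !user.authProvider.config || !user.authProvider.config['id-token']) { return null; }` keeps the method safe when it is called without a prior `isAuthProvider` check. The stored `id-token` is also returned with no look at its expiry, as the TODO acknowledges, so until refresh exists a stale token will presumably only surface as an authentication failure from the server; a doc comment on `getToken` saying so would help callers. The test file added in this commit has no case for `getToken` on a user without `authProvider`.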
@@ -0,0 +1,59 @@
+import { expect } from 'chai';
+
+import { User } from './config_types';
+import { OpenIDConnectAuth } from './oidc_auth';
+
+describe('OIDCAuth', () => {
+ const auth = new OpenIDConnectAuth();
+ it('should be true for oidc user', () => {
+ const user = {
+ authProvider: {
+ name: 'oidc',
+ },
+ } as User;
+
+ expect(auth.isAuthProvider(user)).to.equal(true);
+ });
+
+ it('should be false for other user', () => {
+ const user = {
+ authProvider: {
+ name: 'azure',
+ },
+ } as User;
+
+ expect(auth.isAuthProvider(user)).to.equal(false);
+ });
+
+ it('should be false for null user.authProvider', () => {
+ const user = {} as User;
+
+ expect(auth.isAuthProvider(user)).to.equal(false);
+ });
+
+ it('get a token if present', () => {
+ const token = 'some token';
+ const user = {
+ authProvider: {
+ name: 'oidc',
+ config: {
+ 'id-token': token,
+ },
+ },
+ } as User;
+
+ expect(auth.getToken(user)).to.equal(`Bearer ${token}`);
+ });
+
+ it('get null if token missing', () => {
+ const user = {
+ authProvider: {
+ name: 'oidc',
+ config: {
+ },
+ },
+ } as User;
+
+ expect(auth.getToken(user)).to.equal(null);
+ });
+});