From b8a3f851cdb111e291611eb1c8f95abcd325fd8b Mon Sep 17 00:00:00 2001
From: Patrik Oldsberg
Date: Thu, 3 Sep 2020 09:25:44 +0200
Subject: [PATCH] auth-backend: cleanup types and move them closer to home
---
 .../src/lib/EnvironmentHandler.ts | 9 +-
 .../src/lib/PassportStrategyHelper.ts | 40 ++++-
 .../src/lib/flow/authFlowHelpers.test.ts | 2 +-
 .../src/lib/flow/authFlowHelpers.ts | 2 +-
 plugins/auth-backend/src/lib/flow/types.ts | 31 ++++
 .../src/lib/oauth/OAuthProvider.test.ts | 2 +-
 .../src/lib/oauth/OAuthProvider.ts | 2 +-
 plugins/auth-backend/src/lib/oauth/helpers.ts | 4 +-
 plugins/auth-backend/src/lib/oauth/index.ts | 8 +
 plugins/auth-backend/src/lib/oauth/types.ts | 112 +++++++++++++
 .../src/providers/auth0/provider.ts | 16 +-
 .../auth-backend/src/providers/factories.ts | 7 +-
 .../src/providers/github/provider.ts | 18 +-
 .../src/providers/gitlab/provider.ts | 18 +-
 .../src/providers/google/provider.ts | 14 +-
 .../src/providers/microsoft/provider.ts | 18 +-
 .../src/providers/oauth2/provider.ts | 16 +-
 .../src/providers/okta/provider.ts | 18 +-
 .../src/providers/saml/provider.ts | 2 +-
 plugins/auth-backend/src/providers/types.ts | 157 ------------------
 20 files changed, 258 insertions(+), 238 deletions(-)
 create mode 100644 plugins/auth-backend/src/lib/flow/types.ts
 create mode 100644 plugins/auth-backend/src/lib/oauth/types.ts
diff --git a/plugins/auth-backend/src/lib/EnvironmentHandler.ts b/plugins/auth-backend/src/lib/EnvironmentHandler.ts
index 53e56a7420..dd9c972cb2 100644
--- a/plugins/auth-backend/src/lib/EnvironmentHandler.ts
+++ b/plugins/auth-backend/src/lib/EnvironmentHandler.ts
@@ -15,16 +15,17 @@ */ import express from 'express'; -import { - AuthProviderRouteHandlers, - EnvironmentIdentifierFn, -} from '../providers/types'; +import { AuthProviderRouteHandlers } from '../providers/types'; import { InputError } from '@backstage/backend-common'; export type EnvironmentHandlers = { [key: string]: AuthProviderRouteHandlers; }; +export type EnvironmentIdentifierFn = ( + req: express.Request, +) => string | undefined; + export class EnvironmentHandler implements AuthProviderRouteHandlers { constructor( private readonly providerId: string, diff --git a/plugins/auth-backend/src/lib/PassportStrategyHelper.ts b/plugins/auth-backend/src/lib/PassportStrategyHelper.ts index 9a169f9696..3b8d0801e9 100644 --- a/plugins/auth-backend/src/lib/PassportStrategyHelper.ts +++ b/plugins/auth-backend/src/lib/PassportStrategyHelper.ts @@ -17,12 +17,13 @@ import express from 'express'; import passport from 'passport'; import jwtDecoder from 'jwt-decode'; -import { - RedirectInfo, - RefreshTokenResponse, - ProfileInfo, - ProviderStrategy, -} from '../providers/types'; +import { ProfileInfo } from '../providers/types'; + +export type PassportDoneCallback = ( + err?: Error, + response?: Res, + privateInfo?: Private, +) => void; export const makeProfileInfo = ( profile: passport.Profile, @@ -63,6 +64,17 @@ export const makeProfileInfo = ( }; }; +export type RedirectInfo = { + /** + * URL to redirect to + */ + url: string; + /** + * Status code to use for the redirect + */ + status?: number; +}; + export const executeRedirectStrategy = async ( req: express.Request, providerStrategy: passport.Strategy, 
@@ -106,6 +118,18 @@ export const executeFrameHandlerStrategy = async ( ); }; +type RefreshTokenResponse = { + /** + * An access token issued for the signed in user. + */ + accessToken: string; + /** + * Optionally, the server can issue a new Refresh Token for the user + */ + refreshToken?: string; + params: any; +}; + export const executeRefreshTokenStrategy = async ( providerStrategy: passport.Strategy, refreshToken: string, @@ -156,6 +180,10 @@ export const executeRefreshTokenStrategy = async ( }); }; +type ProviderStrategy = { + userProfile(accessToken: string, callback: Function): void; +}; + export const executeFetchUserProfileStrategy = async ( providerStrategy: passport.Strategy, accessToken: string, diff --git a/plugins/auth-backend/src/lib/flow/authFlowHelpers.test.ts b/plugins/auth-backend/src/lib/flow/authFlowHelpers.test.ts index 10e99c0fe1..b525e98e12 100644 --- a/plugins/auth-backend/src/lib/flow/authFlowHelpers.test.ts +++ b/plugins/auth-backend/src/lib/flow/authFlowHelpers.test.ts @@ -16,7 +16,7 @@ import express from 'express'; import { ensuresXRequestedWith, postMessageResponse } from './authFlowHelpers'; -import { WebMessageResponse } from '../../providers/types'; +import { WebMessageResponse } from './types'; describe('OAuthProvider Utils', () => { describe('postMessageResponse', () => { diff --git a/plugins/auth-backend/src/lib/flow/authFlowHelpers.ts b/plugins/auth-backend/src/lib/flow/authFlowHelpers.ts index 500a6cec8e..63d7c28b50 100644 --- a/plugins/auth-backend/src/lib/flow/authFlowHelpers.ts +++ b/plugins/auth-backend/src/lib/flow/authFlowHelpers.ts @@ -16,7 +16,7 @@ import express from 'express'; import crypto from 'crypto'; -import { WebMessageResponse } from '../../providers/types'; +import { WebMessageResponse } from './types'; export const postMessageResponse = ( res: express.Response, 
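Review bot: `RefreshTokenResponse.params` is typed `any` and `ProviderStrategy.userProfile` takes a bare `Function`, so the token-endpoint payload and the profile callback reach `executeRefreshTokenStrategy` and `executeFetchUserProfileStrategy` with no type checking; this applies to the two type hunks at `+118` and `+180` of PassportStrategyHelper.ts. Both types become file-private in this commit, which makes it a cheap place to tighten them, for example `params: Record<string, unknown>;` and a callback shaped like `(err: Error | null, profile?: passport.Profile) => void` (the exact callback contract is not visible here and should be confirmed against the strategies in use). The bodies of both functions lie outside these hunks, so any property read on `params` there would need a narrowing check to match.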
diff --git a/plugins/auth-backend/src/lib/flow/types.ts b/plugins/auth-backend/src/lib/flow/types.ts new file mode 100644 index 0000000000..98bb551c2c --- /dev/null +++ b/plugins/auth-backend/src/lib/flow/types.ts @@ -0,0 +1,31 @@ +/* + * Copyright 2020 Spotify AB + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { AuthResponse } from '../../providers/types'; + +/** + * Payload sent as a post message after the auth request is complete. + * If successful then has a valid payload with Auth information else contains an error. + */ +export type WebMessageResponse = + | { + type: 'authorization_response'; + response: AuthResponse; + } + | { + type: 'authorization_response'; + error: Error; + }; diff --git a/plugins/auth-backend/src/lib/oauth/OAuthProvider.test.ts b/plugins/auth-backend/src/lib/oauth/OAuthProvider.test.ts index 124ace1013..ce78733211 100644 --- a/plugins/auth-backend/src/lib/oauth/OAuthProvider.test.ts +++ b/plugins/auth-backend/src/lib/oauth/OAuthProvider.test.ts @@ -20,8 +20,8 @@ import { TEN_MINUTES_MS, OAuthProvider, } from './OAuthProvider'; -import { OAuthProviderHandlers } from '../../providers/types'; import { encodeState } from './helpers'; +import { OAuthProviderHandlers } from './types'; const mockResponseData = { providerInfo: { diff --git a/plugins/auth-backend/src/lib/oauth/OAuthProvider.ts b/plugins/auth-backend/src/lib/oauth/OAuthProvider.ts index 95948ff7cc..1fe62845a0 100644 
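Review bot: Both arms of `WebMessageResponse` in the new flow/types.ts carry the same `type: 'authorization_response'` literal, so the tag cannot discriminate success from failure and consumers have to probe for `error` instead. The failure arm is typed `error: Error`, but this payload is described as being sent as a post message, and an `Error` instance serialises to `{}` under `JSON.stringify`, while sending it whole could expose `stack` to the receiving window; how `postMessageResponse` serialises it is outside this hunk. Consider typing the field as what should actually cross the window boundary, e.g. `error: { name: string; message: string };`.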
--- a/plugins/auth-backend/src/lib/oauth/OAuthProvider.ts +++ b/plugins/auth-backend/src/lib/oauth/OAuthProvider.ts @@ -19,7 +19,6 @@ import crypto from 'crypto'; import { URL } from 'url'; import { AuthProviderRouteHandlers, - OAuthProviderHandlers, BackstageIdentity, AuthProviderConfig, } from '../../providers/types'; @@ -27,6 +26,7 @@ import { InputError } from '@backstage/backend-common'; import { TokenIssuer } from '../../identity'; import { verifyNonce, encodeState } from './helpers'; import { postMessageResponse, ensuresXRequestedWith } from '../flow'; +import { OAuthProviderHandlers } from './types'; export const THOUSAND_DAYS_MS = 1000 * 24 * 60 * 60 * 1000; export const TEN_MINUTES_MS = 600 * 1000; diff --git a/plugins/auth-backend/src/lib/oauth/helpers.ts b/plugins/auth-backend/src/lib/oauth/helpers.ts index 34f12b8d22..9f250a0285 100644 --- a/plugins/auth-backend/src/lib/oauth/helpers.ts +++ b/plugins/auth-backend/src/lib/oauth/helpers.ts @@ -15,9 +15,9 @@ */ import express from 'express'; -import { OAuthState } from '../../providers/types'; +import { OAuthState } from './types'; -const readState = (stateString: string): OAuthState => { +export const readState = (stateString: string): OAuthState => { const state = Object.fromEntries( new URLSearchParams(decodeURIComponent(stateString)), ); diff --git a/plugins/auth-backend/src/lib/oauth/index.ts b/plugins/auth-backend/src/lib/oauth/index.ts index 4c120799e7..eac43141a4 100644 --- a/plugins/auth-backend/src/lib/oauth/index.ts +++ b/plugins/auth-backend/src/lib/oauth/index.ts @@ -14,4 +14,12 @@ * limitations under the License. */ +export { OAuthEnvironmentHandler } from './OAuthEnvironmentHandler'; export { OAuthProvider } from './OAuthProvider'; +export type { + OAuthProviderHandlers, + OAuthProviderInfo, + OAuthProviderOptions, + OAuthResponse, + OAuthState, +} from './types'; 
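Review bot: `readState` in oauth/helpers.ts is now exported although nothing in this patch imports it, which widens the surface of a function that parses the caller-controlled OAuth `state` query parameter. The visible lines build the result with `Object.fromEntries(new URLSearchParams(...))`, so any key present in the parameter lands on the returned object; the rest of the body is outside the hunk, so whether `nonce` and `env` are checked before the value is returned as `OAuthState` cannot be confirmed here. If the export is needed, document the contract on it, for example `/** Parses the untrusted OAuth state parameter; callers must still run verifyNonce before trusting the result. */`; otherwise keep it module-private.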
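Review bot: The barrel in oauth/index.ts now re-exports `OAuthEnvironmentHandler` from `./OAuthEnvironmentHandler`, but no file of that name appears in this patch's diffstat; the environment handler touched by this commit is `lib/EnvironmentHandler.ts`. Unless that module already exists in the tree, every provider importing from `'../../lib/oauth'` will fail to resolve. The `export type { … }` form also needs TypeScript 3.8 or later, which is worth confirming against the repository's compiler version since this looks like its first use in these files.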
diff --git a/plugins/auth-backend/src/lib/oauth/types.ts b/plugins/auth-backend/src/lib/oauth/types.ts
new file mode 100644
index 0000000000..ecc665831f
--- /dev/null
+++ b/plugins/auth-backend/src/lib/oauth/types.ts
@@ -0,0 +1,112 @@ +/* + * Copyright 2020 Spotify AB + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import express from 'express'; +import { AuthResponse } from '../../providers/types'; +import { RedirectInfo } from '../PassportStrategyHelper'; + +/** + * Common options for passport.js-based OAuth providers + */ +export type OAuthProviderOptions = { + /** + * Client ID of the auth provider. + */ + clientId: string; + /** + * Client Secret of the auth provider. + */ + clientSecret: string; + /** + * Callback URL to be passed to the auth provider to redirect to after the user signs in. + */ + callbackUrl: string; +}; + +export type OAuthResponse = AuthResponse; + +export type OAuthProviderInfo = { + /** + * An access token issued for the signed in user. + */ + accessToken: string; + /** + * (Optional) Id token issued for the signed in user. + */ + idToken?: string; + /** + * Expiry of the access token in seconds. + */ + expiresInSeconds?: number; + /** + * Scopes granted for the access token. 
+ */ + scope: string; + /** + * A refresh token issued for the signed in user + */ + refreshToken?: string; +}; + +export type OAuthState = { + /* A type for the serialized value in the `state` parameter of the OAuth authorization flow + */ + nonce: string; + env: string; +}; + +/** + * Any OAuth provider needs to implement this interface which has provider specific + * handlers for different methods to perform authentication, get access tokens, + * refresh tokens and perform sign out. + */ +export interface OAuthProviderHandlers { + /** + * This method initiates a sign in request with an auth provider. + * @param {express.Request} req + * @param options + */ + start( + req: express.Request, + options: Record, + ): Promise; + + /** + * Handles the redirect from the auth provider when the user has signed in. + * @param {express.Request} req + */ + handler( + req: express.Request, + ): Promise<{ + response: AuthResponse; + refreshToken?: string; + }>; + + /** + * (Optional) Given a refresh token and scope fetches a new access token from the auth provider. + * @param {string} refreshToken + * @param {string} scope + */ + refresh?( + refreshToken: string, + scope: string, + ): Promise>; + + /** + * (Optional) Sign out of the auth provider. + */ + logout?(): Promise; +} diff --git a/plugins/auth-backend/src/providers/auth0/provider.ts b/plugins/auth-backend/src/providers/auth0/provider.ts index f785d1e147..ff55846302 100644 --- a/plugins/auth-backend/src/providers/auth0/provider.ts +++ b/plugins/auth-backend/src/providers/auth0/provider.ts 
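Review bot: `OAuthProviderInfo` in the new oauth/types.ts keeps an optional `refreshToken` field even though `OAuthProviderHandlers.handler` already returns the refresh token beside `response`, which leaves two places a provider can put it. If `OAuthProviderInfo` is the shape that ends up in the response posted to the browser (the generic arguments are not visible on this page, so this is inferred), a provider that fills the field would hand a long-lived credential to frontend JavaScript. Consider dropping the field from `OAuthProviderInfo`, or documenting it as `/** Never set on responses sent to the client; return it from handler() instead. */`. Separately, the comment on `OAuthState` is a plain `/*` block placed inside the braces above `nonce`, so it documents nothing; moving it above `export type OAuthState` as a `/** … */` block fixes that.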
@@ -19,22 +19,22 @@ import passport from 'passport'; import Auth0Strategy from './strategy'; import { Logger } from 'winston'; import { TokenIssuer } from '../../identity'; -import { OAuthProvider } from '../../lib/oauth'; +import { + OAuthProvider, + OAuthProviderOptions, + OAuthProviderHandlers, + OAuthResponse, +} from '../../lib/oauth'; import { executeFetchUserProfileStrategy, executeFrameHandlerStrategy, executeRedirectStrategy, executeRefreshTokenStrategy, makeProfileInfo, -} from '../../lib/PassportStrategyHelper'; -import { - AuthProviderConfig, - OAuthProviderHandlers, - OAuthResponse, PassportDoneCallback, RedirectInfo, - OAuthProviderOptions, -} from '../types'; +} from '../../lib/PassportStrategyHelper'; +import { AuthProviderConfig } from '../types'; import { Config } from '@backstage/config'; type PrivateInfo = { diff --git a/plugins/auth-backend/src/providers/factories.ts b/plugins/auth-backend/src/providers/factories.ts index 26989d8759..2b67510991 100644 --- a/plugins/auth-backend/src/providers/factories.ts +++ b/plugins/auth-backend/src/providers/factories.ts @@ -25,15 +25,12 @@ import { createOktaProvider } from './okta'; import { createSamlProvider } from './saml'; import { createAuth0Provider } from './auth0'; import { createMicrosoftProvider } from './microsoft'; -import { - AuthProviderConfig, - AuthProviderFactory, - EnvironmentIdentifierFn, -} from './types'; +import { AuthProviderConfig, AuthProviderFactory } from './types'; import { Config } from '@backstage/config'; import { EnvironmentHandlers, EnvironmentHandler, + EnvironmentIdentifierFn, } from '../lib/EnvironmentHandler'; const factories: { [providerId: string]: AuthProviderFactory } = { diff --git a/plugins/auth-backend/src/providers/github/provider.ts b/plugins/auth-backend/src/providers/github/provider.ts index 8e9bf1aa4a..22fb908ef9 100644 --- a/plugins/auth-backend/src/providers/github/provider.ts +++ b/plugins/auth-backend/src/providers/github/provider.ts 
@@ -20,16 +20,16 @@ import { executeFrameHandlerStrategy, executeRedirectStrategy, makeProfileInfo, -} from '../../lib/PassportStrategyHelper'; -import { - OAuthProviderHandlers, - AuthProviderConfig, - RedirectInfo, - OAuthProviderOptions, - OAuthResponse, PassportDoneCallback, -} from '../types'; -import { OAuthProvider } from '../../lib/oauth'; + RedirectInfo, +} from '../../lib/PassportStrategyHelper'; +import { AuthProviderConfig } from '../types'; +import { + OAuthProvider, + OAuthProviderOptions, + OAuthProviderHandlers, + OAuthResponse, +} from '../../lib/oauth'; import { Logger } from 'winston'; import { TokenIssuer } from '../../identity'; import passport from 'passport'; diff --git a/plugins/auth-backend/src/providers/gitlab/provider.ts b/plugins/auth-backend/src/providers/gitlab/provider.ts index 2100bc753e..a3bd6deef3 100644 --- a/plugins/auth-backend/src/providers/gitlab/provider.ts +++ b/plugins/auth-backend/src/providers/gitlab/provider.ts @@ -20,16 +20,16 @@ import { executeFrameHandlerStrategy, executeRedirectStrategy, makeProfileInfo, -} from '../../lib/PassportStrategyHelper'; -import { - OAuthProviderHandlers, - AuthProviderConfig, - RedirectInfo, - OAuthProviderOptions, - OAuthResponse, PassportDoneCallback, -} from '../types'; -import { OAuthProvider } from '../../lib/oauth'; + RedirectInfo, +} from '../../lib/PassportStrategyHelper'; +import { AuthProviderConfig } from '../types'; +import { + OAuthProvider, + OAuthProviderOptions, + OAuthProviderHandlers, + OAuthResponse, +} from '../../lib/oauth'; import { Logger } from 'winston'; import { TokenIssuer } from '../../identity'; import passport from 'passport'; diff --git a/plugins/auth-backend/src/providers/google/provider.ts b/plugins/auth-backend/src/providers/google/provider.ts index 366f9cd96c..0301062474 100644 --- a/plugins/auth-backend/src/providers/google/provider.ts +++ b/plugins/auth-backend/src/providers/google/provider.ts 
@@ -22,16 +22,16 @@ import { executeRefreshTokenStrategy, makeProfileInfo, executeFetchUserProfileStrategy, -} from '../../lib/PassportStrategyHelper'; -import { - OAuthProviderHandlers, + PassportDoneCallback, RedirectInfo, - AuthProviderConfig, +} from '../../lib/PassportStrategyHelper'; +import { AuthProviderConfig } from '../types'; +import { + OAuthProvider, + OAuthProviderHandlers, OAuthProviderOptions, OAuthResponse, - PassportDoneCallback, -} from '../types'; -import { OAuthProvider } from '../../lib/oauth'; +} from '../../lib/oauth'; import passport from 'passport'; import { Logger } from 'winston'; import { TokenIssuer } from '../../identity'; diff --git a/plugins/auth-backend/src/providers/microsoft/provider.ts b/plugins/auth-backend/src/providers/microsoft/provider.ts index fb96d2236f..5eec047b69 100644 --- a/plugins/auth-backend/src/providers/microsoft/provider.ts +++ b/plugins/auth-backend/src/providers/microsoft/provider.ts @@ -24,18 +24,18 @@ import { executeRefreshTokenStrategy, makeProfileInfo, executeFetchUserProfileStrategy, + PassportDoneCallback, + RedirectInfo, } from '../../lib/PassportStrategyHelper'; -import { - OAuthProviderHandlers, - RedirectInfo, - AuthProviderConfig, - OAuthProviderOptions, - OAuthResponse, - PassportDoneCallback, -} from '../types'; +import { AuthProviderConfig } from '../types'; -import { OAuthProvider } from '../../lib/oauth'; +import { + OAuthProvider, + OAuthProviderOptions, + OAuthProviderHandlers, + OAuthResponse, +} from '../../lib/oauth'; import { Logger } from 'winston'; import { TokenIssuer } from '../../identity'; import { Config } from '@backstage/config'; diff --git a/plugins/auth-backend/src/providers/oauth2/provider.ts b/plugins/auth-backend/src/providers/oauth2/provider.ts index c08e18960c..a1a3cc7d97 100644 --- a/plugins/auth-backend/src/providers/oauth2/provider.ts +++ b/plugins/auth-backend/src/providers/oauth2/provider.ts 
@@ -19,22 +19,22 @@ import passport from 'passport'; import { Strategy as OAuth2Strategy } from 'passport-oauth2'; import { Logger } from 'winston'; import { TokenIssuer } from '../../identity'; -import { OAuthProvider } from '../../lib/oauth'; +import { + OAuthProvider, + OAuthProviderOptions, + OAuthProviderHandlers, + OAuthResponse, +} from '../../lib/oauth'; import { executeFetchUserProfileStrategy, executeFrameHandlerStrategy, executeRedirectStrategy, executeRefreshTokenStrategy, makeProfileInfo, -} from '../../lib/PassportStrategyHelper'; -import { - AuthProviderConfig, - OAuthProviderOptions, - OAuthProviderHandlers, - OAuthResponse, PassportDoneCallback, RedirectInfo, -} from '../types'; +} from '../../lib/PassportStrategyHelper'; +import { AuthProviderConfig } from '../types'; import { Config } from '@backstage/config'; type PrivateInfo = { diff --git a/plugins/auth-backend/src/providers/okta/provider.ts b/plugins/auth-backend/src/providers/okta/provider.ts index a6ccc25d21..e46e396aa5 100644 --- a/plugins/auth-backend/src/providers/okta/provider.ts +++ b/plugins/auth-backend/src/providers/okta/provider.ts @@ -14,7 +14,12 @@ * limitations under the License. */ import express from 'express'; -import { OAuthProvider } from '../../lib/oauth'; +import { + OAuthProvider, + OAuthProviderOptions, + OAuthProviderHandlers, + OAuthResponse, +} from '../../lib/oauth'; import { Strategy as OktaStrategy } from 'passport-okta-oauth'; import passport from 'passport'; import { 
@@ -23,15 +28,10 @@ import { executeRefreshTokenStrategy, makeProfileInfo, executeFetchUserProfileStrategy, -} from '../../lib/PassportStrategyHelper'; -import { - OAuthProviderHandlers, - RedirectInfo, - AuthProviderConfig, - OAuthProviderOptions, - OAuthResponse, PassportDoneCallback, -} from '../types'; + RedirectInfo, +} from '../../lib/PassportStrategyHelper'; +import { AuthProviderConfig } from '../types'; import { Logger } from 'winston'; import { StateStore } from 'passport-oauth2'; import { TokenIssuer } from '../../identity'; diff --git a/plugins/auth-backend/src/providers/saml/provider.ts b/plugins/auth-backend/src/providers/saml/provider.ts index d98bcc9579..d6ea0520fc 100644 --- a/plugins/auth-backend/src/providers/saml/provider.ts +++ b/plugins/auth-backend/src/providers/saml/provider.ts @@ -23,11 +23,11 @@ import { import { executeFrameHandlerStrategy, executeRedirectStrategy, + PassportDoneCallback, } from '../../lib/PassportStrategyHelper'; import { AuthProviderConfig, AuthProviderRouteHandlers, - PassportDoneCallback, ProfileInfo, } from '../types'; import { postMessageResponse } from '../../lib/flow'; diff --git a/plugins/auth-backend/src/providers/types.ts b/plugins/auth-backend/src/providers/types.ts index b3b7e518cc..c7b70adbdc 100644 --- a/plugins/auth-backend/src/providers/types.ts +++ b/plugins/auth-backend/src/providers/types.ts @@ -19,21 +19,6 @@ import { Logger } from 'winston'; import { TokenIssuer } from '../identity'; import { Config } from '@backstage/config'; -export type OAuthProviderOptions = { - /** - * Client ID of the auth provider. - */ - clientId: string; - /** - * Client Secret of the auth provider. - */ - clientSecret: string; - /** - * Callback URL to be passed to the auth provider to redirect to after the user signs in. - */ - callbackUrl: string; -}; - export type AuthProviderConfig = { /** * The protocol://domain[:port] where the app is hosted. This is used to construct the 
@@ -47,49 +32,6 @@ export type AuthProviderConfig = { appUrl: string; }; -/** - * Any OAuth provider needs to implement this interface which has provider specific - * handlers for different methods to perform authentication, get access tokens, - * refresh tokens and perform sign out. - */ -export interface OAuthProviderHandlers { - /** - * This method initiates a sign in request with an auth provider. - * @param {express.Request} req - * @param options - */ - start( - req: express.Request, - options: Record, - ): Promise; - - /** - * Handles the redirect from the auth provider when the user has signed in. - * @param {express.Request} req - */ - handler( - req: express.Request, - ): Promise<{ - response: AuthResponse; - refreshToken?: string; - }>; - - /** - * (Optional) Given a refresh token and scope fetches a new access token from the auth provider. - * @param {string} refreshToken - * @param {string} scope - */ - refresh?( - refreshToken: string, - scope: string, - ): Promise>; - - /** - * (Optional) Sign out of the auth provider. - */ - logout?(): Promise; -} - /** * Any Auth provider needs to implement this interface which handles the routes in the * auth backend. Any auth API requests from the frontend reaches these methods. @@ -180,8 +122,6 @@ export type AuthResponse = { backstageIdentity?: BackstageIdentity; }; -export type OAuthResponse = AuthResponse; - export type BackstageIdentity = { /** * The backstage user ID. 
@@ -194,67 +134,6 @@ export type BackstageIdentity = { idToken?: string; }; -export type OAuthProviderInfo = { - /** - * An access token issued for the signed in user. - */ - accessToken: string; - /** - * (Optional) Id token issued for the signed in user. - */ - idToken?: string; - /** - * Expiry of the access token in seconds. - */ - expiresInSeconds?: number; - /** - * Scopes granted for the access token. - */ - scope: string; - /** - * A refresh token issued for the signed in user - */ - refreshToken?: string; -}; - -export type OAuthPrivateInfo = { - /** - * A refresh token issued for the signed in user. - */ - refreshToken: string; -}; - -/** - * Payload sent as a post message after the auth request is complete. - * If successful then has a valid payload with Auth information else contains an error. - */ -export type WebMessageResponse = - | { - type: 'authorization_response'; - response: AuthResponse; - } - | { - type: 'authorization_response'; - error: Error; - }; - -export type PassportDoneCallback = ( - err?: Error, - response?: Res, - privateInfo?: Private, -) => void; - -export type RedirectInfo = { - /** - * URL to redirect to - */ - url: string; - /** - * Status code to use for the redirect - */ - status?: number; -}; - /** * Used to display login information to user, i.e. sidebar popup. * 
@@ -276,39 +155,3 @@ export type ProfileInfo = { */ picture?: string; }; - -export type RefreshTokenResponse = { - /** - * An access token issued for the signed in user. - */ - accessToken: string; - /** - * Optionally, the server can issue a new Refresh Token for the user - */ - refreshToken?: string; - params: any; -}; - -export type ProviderStrategy = { - userProfile(accessToken: string, callback: Function): void; -}; - -export type SAMLProviderConfig = { - entryPoint: string; - issuer: string; -}; - -export type SAMLEnvironmentProviderConfig = { - [key: string]: SAMLProviderConfig; -}; - -export type OAuthState = { - /* A type for the serialized value in the `state` parameter of the OAuth authorization flow - */ - nonce: string; - env: string; -}; - -export type EnvironmentIdentifierFn = ( - req: express.Request, -) => string | undefined;