fixing check token sso

This commit is contained in:
Warunee Tamkoo 2024-12-20 10:54:40 +07:00
parent a623eee564
commit 28bd3a0a9e

121
sso.js

@ -85,65 +85,76 @@ app.post("/api/v1/sso/kcauth", async (req, res) => {
const cookies = req.cookies;
const tokenSSO = cookies[cookieName];
const oldssotoken = cookies['oldssotoken'];
let decodedToken = "";
if (useBMA) {
decodedToken = jwt.decode(tokenSSO);
if (tokenSSO !== oldssotoken) {
let decodedToken = "";
if (useBMA) {
decodedToken = jwt.decode(tokenSSO);
} else {
decodedToken = jwt.verify(tokenSSO, publicKeyLanding);
}
let d = JSON.parse(JSON.stringify(decodedToken));
// console.log("==== username from cookies ====", d);
const username = d.username;
// create body for admin token
let body = {
client_id: clientId,
client_secret: clientSecret,
grant_type: "client_credentials",
};
const postData = querystring.stringify(body);
// get admin token
const response = await axios.post(urlKeycloakToken, postData, {
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
});
// console.log("==== admin token ====");
const adminToken = response.data.access_token;
// console.log(adminToken);
// create body for user token
let body2 = {
client_id: clientId,
client_secret: clientSecret,
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
subject_token: adminToken,
requested_token_type: "urn:ietf:params:oauth:token-type:refresh_token",
audience: clientId,
requested_subject: username,
};
const postData2 = querystring.stringify(body2);
// console.log("==== postData2 ====");
// console.log(body2);
// get admin token
const tokenResponse = await axios.post(urlKeycloakToken, postData2, {
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
});
// console.log("==== user token ====");
// console.log(tokenResponse.data);
// await postLog('เข้าสู่ระบบ', tokenResponse.data.access_token);
res.cookie('oldssotoken', tokenSSO, {
maxAge: 1000 * 60 * 60 * 24, // กำหนด timeout หน่วยเป็น millisecond
path: "/",
httpOnly: true,
});
res.status(200).send(tokenResponse.data);
} else {
decodedToken = jwt.verify(tokenSSO, publicKeyLanding);
res.status(200).send({ isLogin: true });
}
let d = JSON.parse(JSON.stringify(decodedToken));
// console.log("==== username from cookies ====", d);
const username = d.username;
// create body for admin token
let body = {
client_id: clientId,
client_secret: clientSecret,
grant_type: "client_credentials",
};
const postData = querystring.stringify(body);
// get admin token
const response = await axios.post(urlKeycloakToken, postData, {
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
});
// console.log("==== admin token ====");
const adminToken = response.data.access_token;
// console.log(adminToken);
// create body for user token
let body2 = {
client_id: clientId,
client_secret: clientSecret,
grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
subject_token: adminToken,
requested_token_type: "urn:ietf:params:oauth:token-type:refresh_token",
audience: clientId,
requested_subject: username,
};
const postData2 = querystring.stringify(body2);
// console.log("==== postData2 ====");
// console.log(body2);
// get admin token
const tokenResponse = await axios.post(urlKeycloakToken, postData2, {
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
});
// console.log("==== user token ====");
// console.log(tokenResponse.data);
// await postLog('เข้าสู่ระบบ', tokenResponse.data.access_token);
res.status(200).send(tokenResponse.data);
} catch (error) {
// console.log("error===>", error);