diff --git a/sso.js b/sso.js index 9c241f4..acd8ac1 100644 --- a/sso.js +++ b/sso.js @@ -80,38 +80,37 @@ app.post("/api/v1/sso/signin", async (req, res) => { app.post("/api/v1/sso/kcauth", async (req, res) => { try { // kcauth - const useBMA = Boolean(process.env.USE_BMA) || false; - const publicKeyLanding = fs.readFileSync(`./BMA.pub.pem`, "utf8"); + // const useBMA = Boolean(process.env.USE_BMA) || false; + // const publicKeyLanding = fs.readFileSync(`./BMA.pub.pem`, "utf8"); const clientSecret = process.env.KC_CLIENT_SECRET; const clientId = process.env.KC_CLIENT_ID; - const cookies = req.cookies; - let uid = cookies["uid"]; + // const cookies = req.cookies; + const uid = req.body.uid; - let username = ""; + // const tokenSSO = cookies[cookieName]; - const tokenSSO = cookies[cookieName]; - - if (!tokenSSO && !uid) { + if (!uid) { res.status(401).send("Unauthorized"); return; - } else if (tokenSSO) { - let decodedToken = ""; - if (useBMA) { - decodedToken = jwt.decode(tokenSSO); - } else { - decodedToken = jwt.verify(tokenSSO, publicKeyLanding); - } - - let d = JSON.parse(JSON.stringify(decodedToken)); - // console.log("==== username from cookies ====", d); - username = d.username; - - } else if (uid) { - const bytes = CryptoJS.AES.decrypt(uid, secretKey); - const decrypted = bytes.toString(CryptoJS.enc.Utf8); - username = decrypted; } + // else if (tokenSSO) { + // let decodedToken = ""; + // if (useBMA) { + // decodedToken = jwt.decode(tokenSSO); + // } else { + // decodedToken = jwt.verify(tokenSSO, publicKeyLanding); + // } + + // let d = JSON.parse(JSON.stringify(decodedToken)); + // // console.log("==== username from cookies ====", d); + // username = d.username; + + // } else if (uid) { + const bytes = CryptoJS.AES.decrypt(uid, secretKey); + const decrypted = bytes.toString(CryptoJS.enc.Utf8); + const username = decrypted; + // } const oldssotoken = cookies['oldssotoken']; const oldcid = cookies['oldcid'];