updated-server

2024-03-03 17:04:49 +03:00 · 2024-03-03 17:04:49 +03:00 · bb1e14a4a4
commit bb1e14a4a4
parent fee5b09de9
1 changed files with 35 additions and 25 deletions
--- a/index.mjs
+++ b/index.mjs
@ -3,8 +3,8 @@ import { Server } from '@hocuspocus/server';

 const authorizer = new Authorizer({
  clientID: process.env.AUTHORIZER_CLIENT_ID || '',
-  authorizerURL: 'https://auth.discours.io',
-  redirectURL: 'https://testing.discours.io',
+  authorizerURL: process.env.AUTHORIZER_URL || 'https://auth.discours.io',
+  redirectURL: process.env.REDIRECT_URL || 'https://testing.discours.io',
 });

 const server = Server.configure({
@ -13,30 +13,40 @@ const server = Server.configure({
    connection.requiresAuthentication = true;
  },
  onAuthenticate(data) {
-    if (data.requestHeaders) {
-      const params = {
-        token_type: 'access_token',
-        token: data.requestHeaders['authorization'] || '',
-      };
-      if (params.token) {
-        authorizer.validateJWTToken(params)
-          .then(response => {
-
-          if (response?.data?.is_valid) {
-            const { sub: user, allowed_roles: roles } = response.data.claims;
-            console.debug(`user_id: ${user} roles: ${roles}`);
-            return {
-              id: user,
-              roles,
-            };
-          }
-        }).catch((e) => {
-          console.error(e)
-          console.error('no valid auth token presented');
-          throw new Error('Not authorized!');
-        })
-      }
+    if (!data.requestHeaders) {
+      console.error('Request headers not found');
+      return null;
    }
+
+    const params = {
+      token_type: 'access_token',
+      token: data.requestHeaders['authorization'] || '',
+    };
+
+    if (!params.token) {
+      console.error('Authorization token not found');
+      return null;
+    }
+
+    return authorizer.validateJWTToken(params)
+        .then(response => {
+          if (!response?.data?.is_valid) {
+            console.error('Invalid authorization token');
+            return null;
+          }
+
+          const { sub: user, allowed_roles: roles } = response.data.claims;
+          console.debug(`user_id: ${user} roles: ${roles}`);
+          return {
+            id: user,
+            roles: Array.isArray(roles) ? roles : [roles],
+          };
+        })
+        .catch(e => {
+          console.error('Error validating authorization token:', e.message);
+          console.error(e.stack);
+          return null;
+        });
  },
 });