updated-server

index.mjs

@@ -3,8 +3,8 @@ import { Server } from '@hocuspocus/server';
 
 const authorizer = new Authorizer({
   clientID: process.env.AUTHORIZER_CLIENT_ID || '',
-  authorizerURL: 'https://auth.discours.io',
-  redirectURL: 'https://testing.discours.io',
+  authorizerURL: process.env.AUTHORIZER_URL || 'https://auth.discours.io',
+  redirectURL: process.env.REDIRECT_URL || 'https://testing.discours.io',
 });
 
 const server = Server.configure({
@@ -13,30 +13,40 @@ const server = Server.configure({
     connection.requiresAuthentication = true;
   },
   onAuthenticate(data) {
-    if (data.requestHeaders) {
+    if (!data.requestHeaders) {
+      console.error('Request headers not found');
+      return null;
+    }
+
     const params = {
       token_type: 'access_token',
       token: data.requestHeaders['authorization'] || '',
     };
-      if (params.token) {
-        authorizer.validateJWTToken(params)
-          .then(response => {
 
-          if (response?.data?.is_valid) {
+    if (!params.token) {
+      console.error('Authorization token not found');
+      return null;
+    }
+
+    return authorizer.validateJWTToken(params)
+        .then(response => {
+          if (!response?.data?.is_valid) {
+            console.error('Invalid authorization token');
+            return null;
+          }
+
           const { sub: user, allowed_roles: roles } = response.data.claims;
           console.debug(`user_id: ${user} roles: ${roles}`);
           return {
             id: user,
-              roles,
+            roles: Array.isArray(roles) ? roles : [roles],
           };
-          }
-        }).catch((e) => {
-          console.error(e)
-          console.error('no valid auth token presented');
-          throw new Error('Not authorized!');
         })
-      }
-    }
+        .catch(e => {
+          console.error('Error validating authorization token:', e.message);
+          console.error(e.stack);
+          return null;
+        });
   },
 });