import { Authorizer } from '@authorizerdev/authorizer-js'; import { Server } from '@hocuspocus/server'; const port = process.env.PORT || 4000; const authorizer = new Authorizer({ clientID: process.env.AUTHORIZER_CLIENT_ID || '', authorizerURL: process.env.AUTHORIZER_URL || 'https://auth.discours.io', redirectURL: process.env.REDIRECT_URL || 'https://testing.discours.io', }); const server = Server.configure({ port, onConnect({ connection }) { connection.requiresAuthentication = true; }, onAuthenticate(data) { return new Promise((resolve, reject) => { const headers = data.requestHeaders; if (!headers) { console.error('Request headers not found'); return reject(new Error('Required header is not present')); } const shout_id = parseInt(data.documentName.replace('shout-', ''), 10); console.debug(`shout_id extracted: ${shout_id}`); const token = data.token || headers['authorization'] || ''; if (!token) { console.error('Authorization token not found'); return reject(new Error('Token is not found')); } authorizer.validateJWTToken({ token_type: 'access_token', token }) .then(response => { if (!response?.data?.is_valid) { console.error('Invalid authorization token'); return reject(new Error('Token is invalid')); } const { sub: user_id, allowed_roles: roles } = response.data.claims; console.debug(`user_id: ${user_id} roles: ${roles}`); if (roles.includes('editor')) { return resolve({ id: user_id, roles: Array.isArray(roles) ? roles : roles.split(','), }); } fetch('https://core.discours.io/graphql', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ query: ` query { get_author(user_id: $user_id) { id slug user } } `, variables: { user_id }, }), }) .then(res => res.json()) .then(data => { const { id: author_id } = data.get_author if (author_id) { fetch('https://core.discours.io/graphql', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ query: `query { get_shout(shout_id: $shout_id) { id slug authors } } `, variables: { shout_id }, }), }) .then(res => res.json()) .then(data => { const { authors } = data.get_shout; if (authors.includes(author_id)) { return resolve({ id: user_id, author: author_id, roles: Array.isArray(roles) ? roles : roles.split(','), }); } return reject(new Error('User is not in authors list')); }) .catch(e => { console.error('Error fetching shout data:', e.message); console.error(e.stack); return reject(new Error('Error fetching shout data')); }); } }) .catch(e => { console.error('Error fetching author data:', e.message); console.error(e.stack); return reject(new Error('Error fetching author data')); }); }) .catch(e => { console.error('Error validating authorization token:', e.message); console.error(e.stack); return reject(new Error('Error validating authorization token')); }); }); }, }); server.listen().then(r => console.info('Server started'));