crdt-server/index.ts

import {
  ApiResponse,
  Authorizer,
  ConfigType,
  ValidateJWTTokenInput,
  ValidateJWTTokenResponse,
} from '@authorizerdev/authorizer-js'
import { Server, onAuthenticatePayload } from '@hocuspocus/server'

const authorizer = new Authorizer({
  clientID: process.env.AUTHORIZER_CLIENT_ID,
  authorizerURL: 'https://auth.discours.io',
  redirectURL: 'https://testing.discours.io',
} as ConfigType)

const server = await Server.configure({
  port: 4242,
  async onConnect({ connection }) {
    connection.requiresAuthentication = false // FIXME
  },
  async onAuthenticate(data: onAuthenticatePayload) {
    // Danger! This won’t be called for that connection attempt.

    if (data.requestHeaders) {
      const params: ValidateJWTTokenInput = {
        token_type: 'access_token',
        token: data.requestHeaders['authorization'] || '',
      }
      if (params.token) {
        // NOTE: ожидаем, что клиент отправит токен
        const response: ApiResponse<ValidateJWTTokenResponse> = await authorizer.validateJWTToken(params)
        if (response?.data?.is_valid) {
          const { sub: user, allowed_roles: roles } = response.data.claims
          console.debug(`user_id: ${user} roles: ${roles}`)
        } else {
          console.debug('no valid auth token presented')
        }
      }
    }
  },
}).listen()

server.listen()