const util = require("util");
const OAuth2Strategy = require("passport-oauth2");
/**
 * Passport strategy for Keycloak, built on top of the generic OAuth2 strategy.
 *
 * `userInfoURL` is read later by `userProfile` but is not validated here.
 *
 * @param {Object} options - Strategy configuration. `host`, `realm`,
 *   `clientID`, `clientSecret` and `callbackURL` must all be truthy.
 * @param {Function} verify - Verify callback, passed to the parent
 *   constructor unchanged.
 * @throws {Error} "<key> is required" for the first missing option.
 */
function Strategy(options, verify) {
  const requiredKeys = ["host", "realm", "clientID", "clientSecret", "callbackURL"];

  // Fail fast at construction time rather than midway through a login.
  for (const key of requiredKeys) {
    if (!options[key]) {
      throw new Error(`${key} is required`);
    }
  }

  // The complete options object, clientSecret included, stays reachable on
  // the instance, so the strategy object should not be logged or serialised.
  this.options = options;

  // Run the parent constructor found on the prototype chain against this
  // instance; the parent prototype is also kept on `_base`.
  const parentPrototype = Object.getPrototypeOf(Strategy.prototype);
  this._base = parentPrototype;
  parentPrototype.constructor.call(this, this.options, verify);

  // Assigned after the parent constructor has run, so this name wins.
  this.name = "Keycloak";
}
// Put OAuth2Strategy.prototype on Strategy's prototype chain. The constructor
// relies on this when it looks up the parent via Object.getPrototypeOf.
util.inherits(Strategy, OAuth2Strategy);
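/**
 * Fetch the user's claims from the configured UserInfo endpoint and map them
 * to the profile object handed to the verify callback.
 *
 * The profile is built from the UserInfo response alone.
 * NOTE(review): no ID token is visible in this file, so `sub` is not compared
 * against one here. If the application also receives an ID token, confirm
 * that the two subjects are matched somewhere before the profile is trusted.
 *
 * @param {string} accessToken - Access token obtained from the token endpoint.
 * @param {Function} done - Node-style callback `(err, profile)`; invoked
 *   exactly once.
 */
Strategy.prototype.userProfile = function (accessToken, done) {
  const userInfoURL = this.options.userInfoURL;

  // The constructor does not require userInfoURL, so a missing value would
  // otherwise only surface as an obscure failure inside the HTTP client.
  if (!userInfoURL) {
    done(new Error("userInfoURL is required to load the user profile"));
    return;
  }

  // Send the access token in the Authorization header instead of as a query
  // parameter, so it does not end up in URLs, proxy logs or Referer headers.
  this._oauth2._useAuthorizationHeaderForGET = true;

  this._oauth2.get(userInfoURL, accessToken, (err, body) => {
    if (err) {
      return done(err);
    }

    let userInfo;
    try {
      const json = JSON.parse(body);

      // A body such as `null`, `[]` or `"text"` parses without error but is
      // not a claims object; reject it explicitly.
      if (json === null || typeof json !== "object" || Array.isArray(json)) {
        throw new Error("UserInfo response is not a JSON object");
      }
      // `sub` is the stable subject identifier; without it there is nothing
      // reliable to key the account on, so do not hand back a profile.
      if (typeof json.sub !== "string" || json.sub === "") {
        throw new Error("UserInfo response does not contain a sub claim");
      }

      userInfo = {
        keycloakId: json.sub,
        fullName: json.name,
        firstName: json.given_name,
        lastName: json.family_name,
        username: json.preferred_username,
        email: json.email,
        avatar: json.avatar,
        realm: this.options.realm,
      };

      // Copy extra claims named in the strategy configuration. A name that
      // collides with a base field (for example "keycloakId" or "realm")
      // overwrites it, so keep this list to claims that are really additional.
      if (this.options.additionalClaims !== undefined) {
        this.options.additionalClaims.forEach((claim) => {
          userInfo[claim] = json[claim];
        });
      }
    } catch (e) {
      return done(e);
    }

    // Called outside the try block: if `done` itself throws, the error must
    // not be caught above and delivered to `done` a second time.
    return done(null, userInfo);
  });
};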
// The Strategy constructor is the module's only export.
module.exports = Strategy;