keycloak-demo/controllers/common/index.js

/* eslint-disable no-bitwise */
const debug = require('debug')('ctrl:common')
const util = require('util')
const joi = require('joi')
const response = require('src/utils/response/index.js')
const config = require('src/config/index.js')
const { jwt } = require('src/utils/pkgs.js')
const sso = require('src/utils/sso/index.js')
const { copyObject } = require('src/utils/index.js')
const { get: getCacheInstance } = require('src/utils/cache.js')

const { Success, InternalError, DataFormat, Forbidden, Unauthorized } = response.resp

const controller = {}
module.exports = controller

/**
 * api reponse function
 * @param {import('src/utils/response/index.js').respObject} resp
 * @param {string|Object} body
 */
function responseFunc (resp, body) {
  /** @type {import('src/utils/response/index.js').respObject} */
  const copy = copyObject(response.checkStruct(resp) ? resp : Success)

  if (typeof body === 'string') copy.object.message = body
  else if (typeof body === 'object') copy.object = body

  // @ts-ignore
  if (!('obj' in this)) this.obj = {}
  this.obj.status = copy.status
  this.obj.object = copy.object
}

/**
 * api error response function
 * @param {import('src/utils/response/index.js').respObject} resp
 * @param {import('src/utils/response/index.js').codeMessage=} code
 */
function responseError (resp, code) {
  /** @type {import('src/utils/response/index.js').respObject} */
  const copy = copyObject(response.checkStruct(resp) ? resp : InternalError)

  if (code && typeof code === 'object' && 'message' in code && 'code' in code) {
    copy.object = code
  }

  const err = new response.APIError(copy.object.message, copy)
  throw err
}

controller.apiHandler = () => async (ctx, next) => {
  ctx.obj = {}
  ctx.token = {}

  ctx.resp = responseFunc.bind(ctx)
  ctx.err = responseError

  ctx.getBody = key => (ctx.request.body || {})[key]
  ctx.getFile = key => (ctx.request.files || {})[key]

  // run next
  try {
    await next()
  } catch (err) {
    debug(`Get API Throw Error: ${util.inspect(err, false, null)}`)
    // debug(err.stack);
    if (!(err instanceof response.APIError)) {
      ctx.resp(InternalError)
    } else {
      ctx.obj = err.object
    }

    if (process.env.NODE_ENV !== 'production') {
      ctx.obj.object.errorStack = err.stack
      ctx.obj.object.errorMessage = err.message
    }
  }

  if (Object.keys(ctx.obj).length > 0) {
    ctx.status = ctx.obj.status
    ctx.body = ctx.obj.object
  }
}

/**
 * data validate middleware
 * @param {{query?: any, header?: any, body?: any}} schema body,query and header is joi.Schema
 */
controller.validate = schema => {
  if (typeof schema !== 'object') responseError(InternalError)
  const v = {}
  if ('body' in schema) v.body = joi.isSchema(schema.body) ? schema.body : joi.object(schema.body).unknown()
  if ('header' in schema) v.header = joi.isSchema(schema.header) ? schema.header : joi.object(schema.header).unknown()
  if ('query' in schema) v.query = joi.isSchema(schema.query) ? schema.query : joi.object(schema.query).unknown()

  return async (ctx, next) => {
    try {
      await joi.object(v).unknown().validateAsync({ query: ctx.query, header: ctx.headers, body: ctx.request.body })
    } catch (err) {
      debug(`data validate error: ${util.inspect(err, false, null)}`)
      responseError(DataFormat)
    }
    return next()
  }
}

/**
 * @param {boolean=} allowExpired
 * @return {import('koa').Middleware}
 */
controller.authorization = () => {
  return async (ctx, next) => {
    ctx.token = {}
    /** @type {string} */
    const token = ctx.get('authorization')

    if (!token) ctx.err(Unauthorized)

    try {
      const strs = token.split(/\s/)
      debug(`Get Header: ${token}`)
      if (strs.length !== 2 || !/^bearer$/i.test(strs[0])) ctx.err(Unauthorized, response.codeMessage.CodeTokenInvalid);

      [, ctx.token.origin] = strs

      const decoded = {}

      try {
        // 可以考慮這邊做個cache 多久之內存取不會到keycloak驗證
        let userInfo = await sso.getUserInfo(ctx.token.origin)
        if (!userInfo) {
          // try refresh
          const cache = getCacheInstance()
          const refreshToken = cache.get(ctx.token.origin)
          if (!refreshToken) throw new Error('no cache data')
          const token = await sso.refreshToken(refreshToken)
          // set new cache
          cache.set(token.access_token, token.refresh_token, false)
          ctx.token.origin = token.access_token
          userInfo = await sso.getUserInfo(token.access_token)
          if (!userInfo) throw new Error('get user info fail')

          ctx.set('x-new-token', ctx.token.origin)
        }

        Object.assign(decoded, userInfo)
      } catch (err) {
        debug(`user info get fail ::: ${util.inspect(err, false, null)}`)
        ctx.err(Unauthorized)
      }

      ctx.token.user_id = decoded.username
      ctx.token.sso = true

      ctx.token.info = decoded

      ctx.verified = true
    } catch (err) {
      debug(`Token valid fail: ${util.inspect(err, false, null)}`)
      throw err
    }

    return next()
  }
}
[feat] Init code 2021-08-31 10:24:42 +00:00			`/* eslint-disable no-bitwise */`
update 2021-09-01 12:46:41 +00:00			`const debug = require('debug')('ctrl:common')`
			`const util = require('util')`
			`const joi = require('joi')`
			`const response = require('src/utils/response/index.js')`
			`const config = require('src/config/index.js')`
			`const { jwt } = require('src/utils/pkgs.js')`
update 2021-09-01 13:15:26 +00:00			`const sso = require('src/utils/sso/index.js')`
			`const { copyObject } = require('src/utils/index.js')`
			`const { get: getCacheInstance } = require('src/utils/cache.js')`
[feat] Init code 2021-08-31 10:24:42 +00:00
update 2021-09-01 12:46:41 +00:00			`const { Success, InternalError, DataFormat, Forbidden, Unauthorized } = response.resp`
[feat] Init code 2021-08-31 10:24:42 +00:00
update 2021-09-01 12:46:41 +00:00			`const controller = {}`
			`module.exports = controller`
[feat] Init code 2021-08-31 10:24:42 +00:00
			`/**`
			`* api reponse function`
			`* @param {import('src/utils/response/index.js').respObject} resp`
			`* @param {string\|Object} body`
			`*/`
update 2021-09-01 12:46:41 +00:00			`function responseFunc (resp, body) {`
[feat] Init code 2021-08-31 10:24:42 +00:00			`/** @type {import('src/utils/response/index.js').respObject} */`
update 2021-09-01 12:46:41 +00:00			`const copy = copyObject(response.checkStruct(resp) ? resp : Success)`
[feat] Init code 2021-08-31 10:24:42 +00:00
update 2021-09-01 12:46:41 +00:00			`if (typeof body === 'string') copy.object.message = body`
			`else if (typeof body === 'object') copy.object = body`
[feat] Init code 2021-08-31 10:24:42 +00:00
			`// @ts-ignore`
update 2021-09-01 12:46:41 +00:00			`if (!('obj' in this)) this.obj = {}`
			`this.obj.status = copy.status`
			`this.obj.object = copy.object`
[feat] Init code 2021-08-31 10:24:42 +00:00			`}`

			`/**`
			`* api error response function`
			`* @param {import('src/utils/response/index.js').respObject} resp`
			`* @param {import('src/utils/response/index.js').codeMessage=} code`
			`*/`
update 2021-09-01 12:46:41 +00:00			`function responseError (resp, code) {`
[feat] Init code 2021-08-31 10:24:42 +00:00			`/** @type {import('src/utils/response/index.js').respObject} */`
update 2021-09-01 12:46:41 +00:00			`const copy = copyObject(response.checkStruct(resp) ? resp : InternalError)`
[feat] Init code 2021-08-31 10:24:42 +00:00
			`if (code && typeof code === 'object' && 'message' in code && 'code' in code) {`
update 2021-09-01 12:46:41 +00:00			`copy.object = code`
[feat] Init code 2021-08-31 10:24:42 +00:00			`}`

update 2021-09-01 12:46:41 +00:00			`const err = new response.APIError(copy.object.message, copy)`
			`throw err`
[feat] Init code 2021-08-31 10:24:42 +00:00			`}`

			`controller.apiHandler = () => async (ctx, next) => {`
update 2021-09-01 12:46:41 +00:00			`ctx.obj = {}`
			`ctx.token = {}`
[feat] Init code 2021-08-31 10:24:42 +00:00
update 2021-09-01 12:46:41 +00:00			`ctx.resp = responseFunc.bind(ctx)`
			`ctx.err = responseError`
[feat] Init code 2021-08-31 10:24:42 +00:00
update 2021-09-01 12:46:41 +00:00			`ctx.getBody = key => (ctx.request.body \|\| {})[key]`
			`ctx.getFile = key => (ctx.request.files \|\| {})[key]`
[feat] Init code 2021-08-31 10:24:42 +00:00
			`// run next`
			`try {`
update 2021-09-01 12:46:41 +00:00			`await next()`
[feat] Init code 2021-08-31 10:24:42 +00:00			`} catch (err) {`
update 2021-09-01 12:46:41 +00:00			debug(`Get API Throw Error: ${util.inspect(err, false, null)}`)
[feat] Init code 2021-08-31 10:24:42 +00:00			`// debug(err.stack);`
			`if (!(err instanceof response.APIError)) {`
update 2021-09-01 12:46:41 +00:00			`ctx.resp(InternalError)`
[feat] Init code 2021-08-31 10:24:42 +00:00			`} else {`
update 2021-09-01 12:46:41 +00:00			`ctx.obj = err.object`
[feat] Init code 2021-08-31 10:24:42 +00:00			`}`

			`if (process.env.NODE_ENV !== 'production') {`
update 2021-09-01 12:46:41 +00:00			`ctx.obj.object.errorStack = err.stack`
			`ctx.obj.object.errorMessage = err.message`
[feat] Init code 2021-08-31 10:24:42 +00:00			`}`
			`}`

			`if (Object.keys(ctx.obj).length > 0) {`
update 2021-09-01 12:46:41 +00:00			`ctx.status = ctx.obj.status`
			`ctx.body = ctx.obj.object`
[feat] Init code 2021-08-31 10:24:42 +00:00			`}`
update 2021-09-01 12:46:41 +00:00			`}`
[feat] Init code 2021-08-31 10:24:42 +00:00
			`/**`
			`* data validate middleware`
			`* @param {{query?: any, header?: any, body?: any}} schema body,query and header is joi.Schema`
			`*/`
			`controller.validate = schema => {`
update 2021-09-01 12:46:41 +00:00			`if (typeof schema !== 'object') responseError(InternalError)`
			`const v = {}`
			`if ('body' in schema) v.body = joi.isSchema(schema.body) ? schema.body : joi.object(schema.body).unknown()`
			`if ('header' in schema) v.header = joi.isSchema(schema.header) ? schema.header : joi.object(schema.header).unknown()`
			`if ('query' in schema) v.query = joi.isSchema(schema.query) ? schema.query : joi.object(schema.query).unknown()`
[feat] Init code 2021-08-31 10:24:42 +00:00
			`return async (ctx, next) => {`
			`try {`
update 2021-09-01 12:46:41 +00:00			`await joi.object(v).unknown().validateAsync({ query: ctx.query, header: ctx.headers, body: ctx.request.body })`
[feat] Init code 2021-08-31 10:24:42 +00:00			`} catch (err) {`
update 2021-09-01 12:46:41 +00:00			debug(`data validate error: ${util.inspect(err, false, null)}`)
			`responseError(DataFormat)`
[feat] Init code 2021-08-31 10:24:42 +00:00			`}`
update 2021-09-01 12:46:41 +00:00			`return next()`
			`}`
			`}`
[feat] Init code 2021-08-31 10:24:42 +00:00
[feat] Update route format 2021-09-01 07:20:53 +00:00			`/**`
			`* @param {boolean=} allowExpired`
			`* @return {import('koa').Middleware}`
			`*/`
update 2021-09-01 13:15:26 +00:00			`controller.authorization = () => {`
[feat] Update route format 2021-09-01 07:20:53 +00:00			`return async (ctx, next) => {`
update 2021-09-01 12:46:41 +00:00			`ctx.token = {}`
[feat] Update route format 2021-09-01 07:20:53 +00:00			`/** @type {string} */`
update 2021-09-01 12:46:41 +00:00			`const token = ctx.get('authorization')`
[feat] Init code 2021-08-31 10:24:42 +00:00
update 2021-09-01 12:46:41 +00:00			`if (!token) ctx.err(Unauthorized)`
[feat] Init code 2021-08-31 10:24:42 +00:00
[feat] Update route format 2021-09-01 07:20:53 +00:00			`try {`
update 2021-09-01 12:46:41 +00:00			`const strs = token.split(/\s/)`
			debug(`Get Header: ${token}`)
[feat] Update route format 2021-09-01 07:20:53 +00:00			`if (strs.length !== 2 \|\| !/^bearer$/i.test(strs[0])) ctx.err(Unauthorized, response.codeMessage.CodeTokenInvalid);`

update 2021-09-01 12:46:41 +00:00			`[, ctx.token.origin] = strs`
[feat] Update route format 2021-09-01 07:20:53 +00:00
update 2021-09-01 13:15:26 +00:00			`const decoded = {}`
[feat] Update route format 2021-09-01 07:20:53 +00:00
			`try {`
update 2021-09-01 13:15:26 +00:00			`// 可以考慮這邊做個cache 多久之內存取不會到keycloak驗證`
			`let userInfo = await sso.getUserInfo(ctx.token.origin)`
			`if (!userInfo) {`
			`// try refresh`
			`const cache = getCacheInstance()`
			`const refreshToken = cache.get(ctx.token.origin)`
			`if (!refreshToken) throw new Error('no cache data')`
			`const token = await sso.refreshToken(refreshToken)`
			`// set new cache`
			`cache.set(token.access_token, token.refresh_token, false)`
			`ctx.token.origin = token.access_token`
			`userInfo = await sso.getUserInfo(token.access_token)`
			`if (!userInfo) throw new Error('get user info fail')`

			`ctx.set('x-new-token', ctx.token.origin)`
[feat] Update route format 2021-09-01 07:20:53 +00:00			`}`
update 2021-09-01 13:15:26 +00:00
			`Object.assign(decoded, userInfo)`
			`} catch (err) {`
			debug(`user info get fail ::: ${util.inspect(err, false, null)}`)
			`ctx.err(Unauthorized)`
[feat] Update route format 2021-09-01 07:20:53 +00:00			`}`

update 2021-09-01 13:15:26 +00:00			`ctx.token.user_id = decoded.username`
			`ctx.token.sso = true`
[feat] Update route format 2021-09-01 07:20:53 +00:00
update 2021-09-01 13:15:26 +00:00			`ctx.token.info = decoded`
[feat] Update route format 2021-09-01 07:20:53 +00:00
update 2021-09-01 12:46:41 +00:00			`ctx.verified = true`
[feat] Update route format 2021-09-01 07:20:53 +00:00			`} catch (err) {`
update 2021-09-01 12:46:41 +00:00			debug(`Token valid fail: ${util.inspect(err, false, null)}`)
			`throw err`
[feat] Update route format 2021-09-01 07:20:53 +00:00			`}`

update 2021-09-01 12:46:41 +00:00			`return next()`
			`}`
			`}`