keycloak-org
/
keycloak-demo
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update refresh token

This commit is contained in:
Jay 2021-09-02 09:03:07 +08:00
parent 94837efdee
commit d11f1a053b
2 changed files with 9825 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
controllers/common/index.js
View File

@ -4,12 +4,12 @@ const util = require('util')
const joi = require('joi') const joi = require('joi')
const response = require('src/utils/response/index.js') const response = require('src/utils/response/index.js')
const config = require('src/config/index.js') const config = require('src/config/index.js')
const { jwt } = require('src/utils/pkgs.js')
const sso = require('src/utils/sso/index.js') const sso = require('src/utils/sso/index.js')
const { copyObject } = require('src/utils/index.js') const { copyObject } = require('src/utils/index.js')
const { get: getCacheInstance } = require('src/utils/cache.js') const { get: getCacheInstance } = require('src/utils/cache.js')
const { Success, InternalError, DataFormat, Forbidden, Unauthorized } = response.resp const { Success, InternalError, DataFormat, Unauthorized } =
response.resp
const controller = {} const controller = {}
module.exports = controller module.exports = controller
@ -56,8 +56,8 @@ controller.apiHandler = () => async (ctx, next) => {
ctx.resp = responseFunc.bind(ctx) ctx.resp = responseFunc.bind(ctx)
ctx.err = responseError ctx.err = responseError
ctx.getBody = key => (ctx.request.body || {})[key] ctx.getBody = (key) => (ctx.request.body || {})[key]
ctx.getFile = key => (ctx.request.files || {})[key] ctx.getFile = (key) => (ctx.request.files || {})[key]
// run next // run next
try { try {
@ -87,16 +87,32 @@ controller.apiHandler = () => async (ctx, next) => {
* data validate middleware * data validate middleware
* @param {{query?: any, header?: any, body?: any}} schema body,query and header is joi.Schema * @param {{query?: any, header?: any, body?: any}} schema body,query and header is joi.Schema
*/ */
controller.validate = schema => { controller.validate = (schema) => {
if (typeof schema !== 'object') responseError(InternalError) if (typeof schema !== 'object') responseError(InternalError)
const v = {} const v = {}
if ('body' in schema) v.body = joi.isSchema(schema.body) ? schema.body : joi.object(schema.body).unknown() if ('body' in schema) {
if ('header' in schema) v.header = joi.isSchema(schema.header) ? schema.header : joi.object(schema.header).unknown() v.body = joi.isSchema(schema.body)
if ('query' in schema) v.query = joi.isSchema(schema.query) ? schema.query : joi.object(schema.query).unknown() ? schema.body
: joi.object(schema.body).unknown()
}
if ('header' in schema) {
v.header = joi.isSchema(schema.header)
? schema.header
: joi.object(schema.header).unknown()
}
if ('query' in schema) {
v.query = joi.isSchema(schema.query)
? schema.query
: joi.object(schema.query).unknown()
}
return async (ctx, next) => { return async (ctx, next) => {
try { try {
await joi.object(v).unknown().validateAsync({ query: ctx.query, header: ctx.headers, body: ctx.request.body }) await joi.object(v).unknown().validateAsync({
query: ctx.query,
header: ctx.headers,
body: ctx.request.body
})
} catch (err) { } catch (err) {
debug(`data validate error: ${util.inspect(err, false, null)}`) debug(`data validate error: ${util.inspect(err, false, null)}`)
responseError(DataFormat) responseError(DataFormat)
@ -106,7 +122,6 @@ controller.validate = schema => {
} }
/** /**
* @param {boolean=} allowExpired
* @return {import('koa').Middleware} * @return {import('koa').Middleware}
*/ */
controller.authorization = () => { controller.authorization = () => {
@ -120,18 +135,21 @@ controller.authorization = () => {
try { try {
const strs = token.split(/\s/) const strs = token.split(/\s/)
debug(`Get Header: ${token}`) debug(`Get Header: ${token}`)
if (strs.length !== 2 || !/^bearer$/i.test(strs[0])) ctx.err(Unauthorized, response.codeMessage.CodeTokenInvalid); if (strs.length !== 2 || !/^bearer$/i.test(strs[0])) { ctx.err(Unauthorized, response.codeMessage.CodeTokenInvalid) }
[, ctx.token.origin] = strs [, ctx.token.origin] = strs
const decoded = {} const decoded = {}
const cache = getCacheInstance()
// cache not exists
if (!cache.get(ctx.token.origin)) ctx.err(Unauthorized)
try { try {
// 可以考慮這邊做個cache 多久之內存取不會到keycloak驗證 // 可以考慮這邊做個cache 多久之內存取不會到keycloak驗證
let userInfo = await sso.getUserInfo(ctx.token.origin) let userInfo = await sso.getUserInfo(ctx.token.origin)
if (!userInfo) { if (!userInfo) {
// try refresh // try refresh
const cache = getCacheInstance() const oldToken = ctx.token.origin
const refreshToken = cache.get(ctx.token.origin) const refreshToken = cache.get(ctx.token.origin)
if (!refreshToken) throw new Error('no cache data') if (!refreshToken) throw new Error('no cache data')
const token = await sso.refreshToken(refreshToken) const token = await sso.refreshToken(refreshToken)
@ -141,6 +159,7 @@ controller.authorization = () => {
userInfo = await sso.getUserInfo(token.access_token) userInfo = await sso.getUserInfo(token.access_token)
if (!userInfo) throw new Error('get user info fail') if (!userInfo) throw new Error('get user info fail')
cache.del(oldToken)
ctx.set('x-new-token', ctx.token.origin) ctx.set('x-new-token', ctx.token.origin)
} }

9806
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff