planka/server/api/controllers/access-tokens/exchange.js

const { getRemoteAddress } = require('../../../utils/remoteAddress');

const Errors = {
  INVALID_TOKEN: {
    invalidToken: 'Invalid token',
  },
  EMAIL_ALREADY_IN_USE: {
    emailAlreadyInUse: 'Email already in use',
  },
  USERNAME_ALREADY_IN_USE: {
    usernameAlreadyInUse: 'Username already in use',
  },
  MISSING_VALUES: {
    missingValues: 'Unable to retrieve required values (email, name)',
  },
};

module.exports = {
  inputs: {
    token: {
      type: 'string',
      required: true,
    },
  },

  exits: {
    invalidToken: {
      responseType: 'unauthorized',
    },
    emailAlreadyInUse: {
      responseType: 'conflict',
    },
    usernameAlreadyInUse: {
      responseType: 'conflict',
    },
    missingValues: {
      responseType: 'unprocessableEntity',
    },
  },

  async fn(inputs) {
    const remoteAddress = getRemoteAddress(this.req);

    const user = await sails.helpers.users
      .getOrCreateOneByOidcToken(inputs.token)
      .intercept('invalidToken', () => {
        sails.log.warn(`Invalid token! (IP: ${remoteAddress})`);
        return Errors.INVALID_TOKEN;
      })
      .intercept('emailAlreadyInUse', () => Errors.EMAIL_ALREADY_IN_USE)
      .intercept('usernameAlreadyInUse', () => Errors.USERNAME_ALREADY_IN_USE)
      .intercept('missingValues', () => Errors.MISSING_VALUES);

    const accessToken = sails.helpers.utils.createToken(user.id);

    await Session.create({
      accessToken,
      remoteAddress,
      userId: user.id,
      userAgent: this.req.headers['user-agent'],
    });

    return {
      item: accessToken,
    };
  },
};
feat: OIDC with PKCE flow (#491) 2023-09-04 10:06:59 -05:00			`const { getRemoteAddress } = require('../../../utils/remoteAddress');`

			`const Errors = {`
			`INVALID_TOKEN: {`
fix: OIDC finalization and refactoring 2023-10-17 19:18:19 +02:00			`invalidToken: 'Invalid token',`
			`},`
			`EMAIL_ALREADY_IN_USE: {`
			`emailAlreadyInUse: 'Email already in use',`
			`},`
			`USERNAME_ALREADY_IN_USE: {`
			`usernameAlreadyInUse: 'Username already in use',`
feat: OIDC with PKCE flow (#491) 2023-09-04 10:06:59 -05:00			`},`
			`MISSING_VALUES: {`
fix: OIDC finalization and refactoring 2023-10-17 19:18:19 +02:00			`missingValues: 'Unable to retrieve required values (email, name)',`
feat: OIDC with PKCE flow (#491) 2023-09-04 10:06:59 -05:00			`},`
			`};`

			`module.exports = {`
			`inputs: {`
			`token: {`
			`type: 'string',`
			`required: true,`
			`},`
			`},`

			`exits: {`
			`invalidToken: {`
			`responseType: 'unauthorized',`
			`},`
fix: OIDC finalization and refactoring 2023-10-17 19:18:19 +02:00			`emailAlreadyInUse: {`
			`responseType: 'conflict',`
			`},`
			`usernameAlreadyInUse: {`
			`responseType: 'conflict',`
			`},`
feat: OIDC with PKCE flow (#491) 2023-09-04 10:06:59 -05:00			`missingValues: {`
fix: OIDC finalization and refactoring 2023-10-17 19:18:19 +02:00			`responseType: 'unprocessableEntity',`
feat: OIDC with PKCE flow (#491) 2023-09-04 10:06:59 -05:00			`},`
			`},`

			`async fn(inputs) {`
fix: OIDC finalization and refactoring 2023-10-17 19:18:19 +02:00			`const remoteAddress = getRemoteAddress(this.req);`
feat: OIDC with PKCE flow (#491) 2023-09-04 10:06:59 -05:00
fix: OIDC finalization and refactoring 2023-10-17 19:18:19 +02:00			`const user = await sails.helpers.users`
			`.getOrCreateOneByOidcToken(inputs.token)`
			`.intercept('invalidToken', () => {`
			sails.log.warn(`Invalid token! (IP: ${remoteAddress})`);
			`return Errors.INVALID_TOKEN;`
			`})`
			`.intercept('emailAlreadyInUse', () => Errors.EMAIL_ALREADY_IN_USE)`
			`.intercept('usernameAlreadyInUse', () => Errors.USERNAME_ALREADY_IN_USE)`
			`.intercept('missingValues', () => Errors.MISSING_VALUES);`
feat: OIDC with PKCE flow (#491) 2023-09-04 10:06:59 -05:00
fix: OIDC finalization and refactoring 2023-10-17 19:18:19 +02:00			`const accessToken = sails.helpers.utils.createToken(user.id);`
feat: OIDC with PKCE flow (#491) 2023-09-04 10:06:59 -05:00
			`await Session.create({`
fix: OIDC finalization and refactoring 2023-10-17 19:18:19 +02:00			`accessToken,`
feat: OIDC with PKCE flow (#491) 2023-09-04 10:06:59 -05:00			`remoteAddress,`
			`userId: user.id,`
			`userAgent: this.req.headers['user-agent'],`
			`});`

			`return {`
fix: OIDC finalization and refactoring 2023-10-17 19:18:19 +02:00			`item: accessToken,`
feat: OIDC with PKCE flow (#491) 2023-09-04 10:06:59 -05:00			`};`
			`},`
			`};`