Merge pull request #47 from walnuts1018/46-refresh-token
46 refresh token
walnuts1018 authored Nov 6, 2023
2 parents 0f8086a + 12ee6c6 commit edca944
Showing 7 changed files with 61 additions and 16 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/back-test.yaml
Expand Up @@ -6,8 +6,7 @@ permissions:
contents: read

jobs:
test:
name: Test
backend-tests:
runs-on: ubuntu-latest
steps:
- name: Check out code
Expand All @@ -31,6 +30,7 @@ jobs:
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
if: github.ref == 'refs/heads/main'
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: cover.out
6 changes: 3 additions & 3 deletions .github/workflows/docker-back.yaml
Expand Up @@ -8,7 +8,7 @@ on:
workflow_dispatch:

jobs:
ImageBuild:
BackImageBuild:
name: Build openchokin/back Custom Docker Image
runs-on: ubuntu-latest
steps:
Expand Down Expand Up @@ -62,7 +62,7 @@ jobs:
SucceessNotification:
if: ${{ success() }}
name: Send Success Message
needs: [ImageBuild]
needs: [BackImageBuild]
runs-on: ubuntu-latest
steps:
- name: Send Message to Slack
Expand All @@ -80,7 +80,7 @@ jobs:
FailureAlert:
if: ${{ failure() }}
name: Notify failure
needs: [ImageBuild]
needs: [BackImageBuild]
runs-on: ubuntu-latest
steps:
- name: Send Failure Alert to Slack
6 changes: 3 additions & 3 deletions .github/workflows/docker-front.yaml
Expand Up @@ -8,7 +8,7 @@ on:
workflow_dispatch:

jobs:
ImageBuild:
FrontImageBuild:
name: Build openchokin/front Docker Image
runs-on: ubuntu-latest
steps:
Expand Down Expand Up @@ -53,7 +53,7 @@ jobs:
SucceessNotification:
if: ${{ success() }}
name: Send Success Message
needs: [ImageBuild]
needs: [FrontImageBuild]
runs-on: ubuntu-latest
steps:
- name: Send Message to Slack
Expand All @@ -71,7 +71,7 @@ jobs:
FailureAlert:
if: ${{ failure() }}
name: Notify failure
needs: [ImageBuild]
needs: [FrontImageBuild]
runs-on: ubuntu-latest
steps:
- name: Send Failure Alert to Slack
4 changes: 2 additions & 2 deletions .github/workflows/front-test.yaml
@@ -1,9 +1,9 @@
name: Frontend Tests
on:
pull_request:
workflow_dispatch:
pull_request:
jobs:
build:
frontend-buildtests:
runs-on: ubuntu-latest
steps:
- name: checkout
4 changes: 2 additions & 2 deletions .github/workflows/lint.yaml
@@ -1,9 +1,9 @@
name: Lint
on:
pull_request:
workflow_dispatch:
pull_request:
jobs:
build:
frontend-lint:
runs-on: ubuntu-latest
steps:
- name: checkout
51 changes: 47 additions & 4 deletions front/src/app/api/auth/[...nextauth]/options.ts
Expand Up @@ -8,6 +8,7 @@ export const authOptions: NextAuthOptions = {
clientId: process.env.ZITADEL_CLIENT_ID as string,
clientSecret: process.env.ZITADEL_CLIENT_SECRET as string,
issuer: process.env.ZITADEL_URL,
authorization: { params: { scope: "openid email profile offline_access" } },
}),
],
callbacks: {
Expand All @@ -23,26 +24,68 @@ export const authOptions: NextAuthOptions = {
account?: any;
profile?: any;
isNewUser?: boolean;
session?: any;
}) => {
//console.log("JWT Callback token", token);
if (user) {
token.user = user;
const u = user as any;
token.role = u.role;
token.role = user.role;
}
if (account) {
token.accessToken = account.access_token;
token.refreshToken = account.refresh_token;
token.idToken = account.id_token;
token.expiresAt = account.expires_at;
}
else if (new Date() > new Date(token.expiresAt as number * 1000)) {
try {
const { id_token, refresh_token, expires_at } = await refreshIDToken(token.refreshToken as string);
token.idToken = id_token;
token.refreshToken = refresh_token;
token.expiresAt = expires_at;
console.log("Refreshed token");
} catch (e) {
console.error(e);
return { ...token, error: "RefreshAccessTokenError" as const }
}
}
//console.debug(token);
return token;
},
session: ({ session, token }: { token: JWT; session?: any }) => {
session.user.role = token.role;
session.user.idToken = token.idToken;
session.user.sub = token.sub;
//console.debug(session);
return session;
},
},
pages: {
signIn: '/signin',
},
};


const refreshIDToken = async (refreshToken: string) => {
const response = await fetch(`${process.env.ZITADEL_URL}/oauth/v2/token`, {
method: "POST",
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
body: new URLSearchParams({
grant_type: "refresh_token",
client_id: process.env.ZITADEL_CLIENT_ID as string,
client_secret: process.env.ZITADEL_CLIENT_SECRET as string,
refresh_token: refreshToken,
}),
});
const data = await response.json();
//console.log("Data:", data);
if (!response.ok) {
throw new Error(data.error_description || data.error || "Unknown error");
}

return {
id_token: data.id_token,
refresh_token: data.refresh_token,
expires_at: data.expires_at,
}
}
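Review bot: `refreshIDToken` returns `expires_at: data.expires_at`, but a standard OAuth 2.0 token response carries `expires_in` (seconds from now), not `expires_at`; unless this issuer adds a non-standard field, `token.expiresAt` becomes `undefined` after the first refresh, the comparison `new Date() > new Date(NaN)` is always false, and the jwt callback never refreshes again while the session callback keeps handing out the expired `idToken`. Compute the absolute expiry instead, `expires_at: Math.floor(Date.now() / 1000) + data.expires_in,`. In the jwt callback, keep the previous refresh token when the response omits one, `token.refreshToken = refresh_token ?? token.refreshToken;`, since an issuer that does not rotate refresh tokens would otherwise overwrite it with `undefined`. The `error: "RefreshAccessTokenError"` marker is set on the token but the session callback never copies it, so the client gets no signal to force a new sign-in; `session.error = token.error;` in that callback would surface it (the `Session` type would need the field too).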
2 changes: 2 additions & 0 deletions front/src/app/next-auth.d.ts
Expand Up @@ -3,6 +3,8 @@ import { DefaultSession } from "next-auth";
declare module "next-auth" {
interface Session {
user: {
refreshToken?: string;
exiresAt?: Date
idToken?: string;
sub?: string;
} & DefaultSession["user"];
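Review bot: `exiresAt?: Date` looks like a misspelling of `expiresAt`, and its `Date` type disagrees with the jwt callback in options.ts, which stores `expiresAt` as epoch seconds. Neither it nor `refreshToken?: string` is assigned by the session callback visible in this commit, and declaring `refreshToken` on the session's `user` invites a later change to copy the refresh token into the client-readable session. If these fields are meant for the server-side token only, declaring them on `interface JWT` under `declare module "next-auth/jwt"` (for example `refreshToken?: string; expiresAt?: number;`) keeps them off the session type. Which of the shown lines are new is inferred from the section's two-addition count and the commit subject; the interface body continues outside the hunk.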
