package app
import (
"forge.cadoles.com/Cadoles/emissary/internal/jwk"
"forge.cadoles.com/arcad/edge/pkg/app"
"forge.cadoles.com/arcad/edge/pkg/module"
"forge.cadoles.com/arcad/edge/pkg/module/auth"
"github.com/dop251/goja"
"github.com/pkg/errors"
)
// Role identifiers known to the application. authModule publishes each of
// them to the script-side object as the matching ROLE_* property, so scripts
// can compare against a shared constant instead of a hand-typed literal.
//
// NOTE(review): the names suggest an increasing level of privilege, but
// nothing in this file defines an ordering between roles. Treat them as
// opaque labels unless the consuming code establishes a hierarchy.
const (
	// RoleVisitor is the "visitor" role label.
	RoleVisitor string = "visitor"

	// RoleUser is the "user" role label.
	RoleUser string = "user"

	// RoleSuperuser is the "superuser" role label.
	RoleSuperuser string = "superuser"

	// RoleAdmin is the "admin" role label.
	RoleAdmin string = "admin"

	// RoleSuperadmin is the "superadmin" role label.
	RoleSuperadmin string = "superadmin"
)
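// authModule returns a server module factory that extends the stock auth
// module with the claim-name and role-name constants used by this application.
//
// keySet is handed to the auth module through auth.WithJWT. The getter always
// returns the set captured here, so the factory keeps using the keys it was
// built with for its whole lifetime.
//
// NOTE(review): the claim names published below only carry security meaning
// if the auth module verifies token signatures against keySet before exposing
// claims to scripts. That verification is not visible in this file; confirm it
// in auth.ModuleFactory. If signing keys rotate, check that the set passed in
// is refreshed (or that this factory is rebuilt), because the closure never
// re-resolves it.
//
// The function panics if any constant cannot be defined on the object, since
// a module that is missing one of these names would make scripts compare
// claims against undefined.
func authModule(keySet jwk.Set) app.ServerModuleFactory {
	// Properties defined on the extended object, in a fixed order so that a
	// failure is always reported for the same property.
	props := []struct {
		name  string
		value string
	}{
		// Names of the JWT claims that scripts are expected to read.
		{"CLAIM_TENANT", "arcad_tenant"},
		{"CLAIM_ENTRYPOINT", "arcad_entrypoint"},
		{"CLAIM_ROLE", "arcad_role"},
		{"CLAIM_PREFERRED_USERNAME", "preferred_username"},

		// Role labels, mirroring the Go-side Role* constants.
		{"ROLE_VISITOR", RoleVisitor},
		{"ROLE_USER", RoleUser},
		{"ROLE_SUPERUSER", RoleSuperuser},
		{"ROLE_ADMIN", RoleAdmin},
		{"ROLE_SUPERADMIN", RoleSuperadmin},
	}

	return module.Extends(
		auth.ModuleFactory(
			auth.WithJWT(func() (jwk.Set, error) {
				return keySet, nil
			}),
		),
		func(o *goja.Object) {
			for _, p := range props {
				if err := o.Set(p.name, p.value); err != nil {
					// Wrap rather than replace the error: the underlying
					// cause is what explains why the property was rejected.
					panic(errors.Wrapf(err, "could not set '%s' property", p.name))
				}
			}
		},
	)
}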