Jennie Robinson Faber
3187b5118b
The server catch-all route was intercepting /oidc/login and passing it to oidc-provider, which returned 404. Now it falls through to the Vue page router instead.
37 lines
1.2 KiB
TypeScript
37 lines
1.2 KiB
TypeScript
/**
|
|
* Catch-all route that delegates all /oidc/* requests to the oidc-provider.
|
|
*
|
|
* This exposes the standard OIDC endpoints:
|
|
* /oidc/auth — authorization
|
|
* /oidc/token — token exchange
|
|
* /oidc/me — userinfo
|
|
* /oidc/session/end — logout
|
|
* /oidc/jwks — JSON Web Key Set
|
|
*/
|
|
import { getOidcProvider } from "../../utils/oidc-provider.js";
|
|
|
|
export default defineEventHandler(async (event) => {
|
|
// Let Nuxt handle the /oidc/login page (Vue SPA route)
|
|
const path = event.path || getRequestURL(event).pathname;
|
|
if (path === "/oidc/login" || path.startsWith("/oidc/login?")) {
|
|
return;
|
|
}
|
|
|
|
const provider = await getOidcProvider();
|
|
const { req, res } = event.node;
|
|
|
|
// The provider's routes config includes the /oidc prefix,
|
|
// so pass the full path through without stripping.
|
|
|
|
// Traefik terminates TLS — tell the provider we're on https
|
|
req.headers["x-forwarded-proto"] = "https";
|
|
|
|
// Hand off to oidc-provider's Connect-style callback
|
|
const callback = provider.callback() as Function;
|
|
await new Promise<void>((resolve, reject) => {
|
|
callback(req, res, (err: unknown) => {
|
|
if (err) reject(err);
|
|
else resolve();
|
|
});
|
|
});
|
|
});
|