Jennie Robinson Faber
a055874680
Configure oidc-provider routes with explicit /oidc prefix so the discovery document and token endpoints resolve correctly. Previously the catch-all stripped the prefix, causing the provider to generate URLs without it.
28 lines
922 B
TypeScript
28 lines
922 B
TypeScript
/**
|
|
* Catch-all route that delegates all /oidc/* requests to the oidc-provider.
|
|
*
|
|
* This exposes the standard OIDC endpoints:
|
|
* /oidc/auth — authorization
|
|
* /oidc/token — token exchange
|
|
* /oidc/me — userinfo
|
|
* /oidc/session/end — logout
|
|
* /oidc/jwks — JSON Web Key Set
|
|
*/
|
|
import { getOidcProvider } from "../../utils/oidc-provider.js";
|
|
|
|
export default defineEventHandler(async (event) => {
|
|
const provider = await getOidcProvider();
|
|
const { req, res } = event.node;
|
|
|
|
// The provider's routes config includes the /oidc prefix,
|
|
// so pass the full path through without stripping.
|
|
|
|
// Hand off to oidc-provider's Connect-style callback
|
|
const callback = provider.callback() as Function;
|
|
await new Promise<void>((resolve, reject) => {
|
|
callback(req, res, (err: unknown) => {
|
|
if (err) reject(err);
|
|
else resolve();
|
|
});
|
|
});
|
|
});
|