import * as plugins from './plugins.js';
import * as paths from './paths.js';
import { Reception } from './reception/classes.reception.js';
/**
 * Entry point for the identity-provider service.
 *
 * Builds the website server (static SPA, CSP, OIDC/OAuth routes), then creates
 * the Reception that backs those routes, starts it, and finally starts the
 * web server on port 2999.
 *
 * Configuration is read through Qenv: INSTANCE_NAME (falls back to
 * 'idp.global'), MONGODB_URL and IDP_BASEURL.
 */
export const runCli = async () => {
  const serviceQenv = new plugins.qenv.Qenv('./', './.nogit', false);

  // Declared up front and assigned further down: the route handlers close over
  // this binding and only dereference it when they are invoked.
  let reception: Reception;

  // Serialises a payload as a JSON response (shared by the two .well-known routes).
  const jsonReply = (payload: unknown) =>
    new Response(JSON.stringify(payload), {
      headers: { 'Content-Type': 'application/json' },
    });

  // Content-Security-Policy for the origin that serves the login / authorize UI.
  // NOTE(review): scriptSrc allows both 'unsafe-inline' and 'unsafe-eval'. With
  // those present the policy does not stop injected inline script or eval-style
  // sinks, so it offers little XSS mitigation on an origin that handles
  // credentials. Check whether the SPA and the Paddle checkout can run with
  // nonces/hashes instead.
  // NOTE(review): imgSrc 'https:' and connectSrc 'wss:' are scheme-wide (any
  // host); narrow them to the hosts actually used if that is feasible.
  // NOTE(review): no frame-ancestors / base-uri directive is set here, and
  // neither falls back to default-src. Whether UtilityWebsiteServer adds
  // anti-framing headers by default is not visible from this file; confirm,
  // since /oauth/authorize is user-facing.
  const cspDirectives = {
    defaultSrc: "'self'",
    scriptSrc: ["'self'", "'unsafe-inline'", "'unsafe-eval'", "https://cdn.paddle.com", "https://public.profitwell.com"],
    styleSrc: ["'self'", "'unsafe-inline'", "https://cdn.paddle.com", "https://assetbroker.lossless.one"],
    imgSrc: ["'self'", "data:", "https:"],
    fontSrc: ["'self'", "data:"],
    connectSrc: [
      "'self'",
      "https://*.paddle.com",
      "https://buy.paddle.com",
      "https://checkout.paddle.com",
      "https://checkout-service.paddle.com",
      "https://cdn.paddle.com",
      "https://*.sentry.io",
      "https://public.profitwell.com",
      "wss:",
    ],
    frameSrc: ["https://buy.paddle.com", "https://checkout.paddle.com", "https://*.paddle.com"],
  };

  const websiteServer = new plugins.typedserver.utilityservers.UtilityWebsiteServer({
    feedMetadata: null,
    domain: 'idp.global',
    serveDir: paths.distWebDir,
    securityHeaders: { csp: cspDirectives },
    addCustomRoutes: async (typedserver) => {
      // SPA fallback: index.html is served for non-file routes (e.g. /login, /dashboard).
      typedserver.options.spaFallback = true;

      // OIDC discovery document.
      typedserver.addRoute('/.well-known/openid-configuration', 'GET', async (req) =>
        jsonReply(reception.oidcManager.getDiscoveryDocument()),
      );

      // JSON Web Key Set.
      // NOTE(review): this is served unauthenticated; presumably getJwks()
      // returns public key material only. Verify in the OIDC manager.
      typedserver.addRoute('/.well-known/jwks.json', 'GET', async (req) =>
        jsonReply(reception.oidcManager.getJwks()),
      );

      // OAuth authorization endpoint.
      typedserver.addRoute('/oauth/authorize', 'GET', async (req) =>
        reception.oidcManager.handleAuthorize(req),
      );

      // OAuth token endpoint.
      typedserver.addRoute('/oauth/token', 'POST', async (req) =>
        reception.oidcManager.handleToken(req),
      );

      // OAuth UserInfo endpoint, registered for GET first and then POST.
      for (const method of ['GET', 'POST'] as const) {
        typedserver.addRoute('/oauth/userinfo', method, async (req) =>
          reception.oidcManager.handleUserInfo(req),
        );
      }

      // OAuth revocation endpoint.
      typedserver.addRoute('/oauth/revoke', 'POST', async (req) =>
        reception.oidcManager.handleRevoke(req),
      );
    },
  });

  // Environment lookups, in the same order as the Reception options below.
  // NOTE(review): MONGODB_URL and IDP_BASEURL have no fallback and no presence
  // check here. If getEnvVarOnDemand can resolve to undefined, Reception gets
  // undefined for its database URL / base URL; confirm that Reception rejects
  // that rather than starting with a broken issuer.
  const instanceName = (await serviceQenv.getEnvVarOnDemand('INSTANCE_NAME')) || 'idp.global';
  const mongoDbUrl = await serviceQenv.getEnvVarOnDemand('MONGODB_URL');
  const baseUrl = await serviceQenv.getEnvVarOnDemand('IDP_BASEURL');

  // Create the reception that the routes above delegate to, and start it
  // before the web server begins listening.
  reception = new Reception({
    name: instanceName,
    mongoDescriptor: { mongoDbUrl },
    websiteServer,
    baseUrl,
  });
  await reception.start();

  await websiteServer.start(2999);
};