userinfo lookup

Author: NextFire

main.ts

@@ -44,10 +44,9 @@ app.get(`${API_PREFIX}/login`, async (c) => {
 
 app.get(`${API_PREFIX}/callback`, async (c) => {
   const accessToken = await getOIDCAccessToken(c.req.query("code")!);
-  console.log(accessToken);
+  const data = await getUserinfo(accessToken);
 
-
-  const [_header, _payload, _signature] = decode(accessToken);
+  const [_header, _payload, _signature] = decode(data);
   console.debug(_payload);
   const { preferred_username: username, groups: oidc_groups } = _payload as {
     preferred_username: string;
@@ -74,7 +73,11 @@ app.get(`${API_PREFIX}/callback`, async (c) => {
   return c.redirect("/");
 });
 
-let oidcConfig: { authorization_endpoint: string; token_endpoint: string };
+let oidcConfig: {
+  authorization_endpoint: string;
+  token_endpoint: string;
+  userinfo_endpoint: string;
+};
 async function getOIDCConfig() {
   if (!oidcConfig) {
     const resp = await fetch(OIDC_CONFIG_URL);
@@ -101,6 +104,14 @@ async function getOIDCAccessToken(code: string) {
   return json.access_token as string;
 }
 
+async function getUserinfo(accessToken: string) {
+  const config = await getOIDCConfig();
+  const resp = await fetch(config.userinfo_endpoint, {
+    headers: { Authorization: `Bearer ${accessToken}` },
+  });
+  return await resp.json();
+}
+
 async function createToken() {
   const resp = await fetch(`${SFTPGO_WEB_URL}/api/v2/token`, {
     headers: { Authorization: `Basic ${SFTPGO_ADMIN_BASICAUTH}` },