Implement OIDC login

2025-07-16 21:44:20 +02:00
parent f0c729cba7
commit 33c1e7278b
11 changed files with 385 additions and 37 deletions
--- a/packages/sshecret-frontend/src/store/auth.ts
+++ b/packages/sshecret-frontend/src/store/auth.ts
@ -3,6 +3,7 @@ import { defineStore } from 'pinia'
 import { client } from '@/client/client.gen'
 import { SshecretAdmin } from '@/client'
 import type { Token } from '@/client'
+import { assertSdkResponseOk } from '@/api/assertSdkResponseOk'

 export function setAuthToken(token: string | null) {
  client.setConfig({
@ -16,6 +17,7 @@ export const useAuthTokenStore = defineStore('authtoken', {
    refreshToken: '' as string,
    isLoggedIn: false,
    username: '' as string,
+    oidcUser: false as boolean,
  }),
  actions: {
    async login(username: string, password: string): Promise<boolean> {
@ -38,6 +40,15 @@ export const useAuthTokenStore = defineStore('authtoken', {
        return false
      }
    },
+    setToken(accessToken: string, refreshToken: string) {
+      this.accessToken = accessToken
+      this.refreshToken = refreshToken
+      this.isLoggedIn = true
+      localStorage.setItem('accessToken', accessToken)
+      localStorage.setItem('refreshToken', refreshToken)
+      setAuthToken(this.accessToken)
+
+    },
    async refresh(): Promise<boolean> {
      try {
        console.log("Refreshing token")
@ -57,6 +68,31 @@ export const useAuthTokenStore = defineStore('authtoken', {
        return false
      }
    },
+    async getUserInfo() {
+      try {
+        const response = await SshecretAdmin.getCurrentUserApiV1UsersMeGet()
+        const responseData = assertSdkResponseOk(response)
+        this.username = responseData.display_name
+        this.oidcUser = !responseData.local
+      } catch (err) {
+        console.log(err)
+        this.logout()
+      }
+    },
+    async getOidcProvider(): Promise<string | null> {
+      try {
+        const response = await SshecretAdmin.getAuthInfoApiV1OidcStatusGet()
+        const responseData = assertSdkResponseOk(response)
+        console.log(responseData)
+        if (responseData.enabled && responseData.oidc_provider) {
+          console.log('Yes')
+          return responseData.oidc_provider
+        }
+      } catch (err) {
+        console.log(err)
+      }
+      return null
+    },
    loadFromStorage() {
      // Load token from user storage.
      const accessToken = localStorage.getItem('accessToken')