feat: add feature to disable endpoints

Author: macropygia

.changeset/silly-crabs-cover.md

@@ -0,0 +1,5 @@
+---
+"elysia-openid-client": patch
+---
+
+Add feature to disable endpoints

.changeset/smooth-buckets-heal.md

@@ -2,4 +2,4 @@
 "elysia-openid-client": patch
 ---
 
-Remove `scope` option and fix scope to `scoped`
+**[BREAKING CHANGE]** Remove `scope` option and fix scope to `scoped`

.changeset/tame-pugs-draw.md

@@ -0,0 +1,5 @@
+---
+"elysia-openid-client": patch
+---
+
+**[BREAKING CHANGE]** Fix multiple issuer support

README.md

@@ -4,7 +4,8 @@
 
 [OpenID Connect](https://openid.net/) client (RP, Relying Party) plugin for [ElysiaJS](https://elysiajs.com/), wrapping [openid-client](https://github.com/panva/node-openid-client).
 
-**Currently under early development. All specifications are subject to change without notice, including those involving breaking changes.**
+**Currently under early development.  
+All specifications are subject to change without notice, including those involving breaking changes.**
 
 ## Overview
 

__mock__/const.ts

@@ -82,31 +82,33 @@ export const mockIdTokenExpiredClaims = {
   sub: "mock-sub",
 };
 
+export const mockSessionId = "mock-session-id";
+
 export const mockLoginSession: OIDCClientSession = {
-  sessionId: "mock-session-id",
+  sessionId: mockSessionId,
   codeVerifier: "mock-code-verifier",
   state: "mock-state",
   nonce: "mock-nonce",
   sessionExpiresAt: 5000000000000,
 };
 
 export const mockActiveSession: OIDCClientActiveSession = {
-  sessionId: "mock-session-id",
+  sessionId: mockSessionId,
   idToken: "mock-id-token",
   accessToken: "mock-access-token",
   refreshToken: "mock-refresh-token",
   sessionExpiresAt: 5000000000000,
 };
 
 export const mockActiveSessionWithoutRefreshToken: OIDCClientActiveSession = {
-  sessionId: "mock-session-id",
+  sessionId: mockSessionId,
   idToken: "mock-id-token",
   accessToken: "mock-access-token",
   sessionExpiresAt: 5000000000000,
 };
 
 export const mockActiveSessionWithRealIdToken: OIDCClientActiveSession = {
-  sessionId: "mock-session-id",
+  sessionId: mockSessionId,
   idToken: mockIdToken,
   accessToken: "mock-access-token",
   refreshToken: "mock-refresh-token",
@@ -130,13 +132,13 @@ export const mockActiveSessionWithRealIdTokenExpired: OIDCClientActiveSession =
 export const mockPostInit = (sid?: string): RequestInit => ({
   method: "POST",
   headers: {
-    Cookie: `${defaultCookieSettings.sessionIdName}=${sid || "mock-sid"}`,
+    Cookie: `${defaultCookieSettings.sessionIdName}=${sid || mockSessionId}`,
   },
 });
 
 export const mockGetInit = (sid?: string): RequestInit => ({
   headers: {
-    Cookie: `${defaultCookieSettings.sessionIdName}=${sid || "mock-sid"}`,
+    Cookie: `${defaultCookieSettings.sessionIdName}=${sid || mockSessionId}`,
   },
 });
 
@@ -170,8 +172,11 @@ export const mockBaseClient = {
   logger: mockLogger,
   initialized: true,
   client: {},
+  clients: {},
   sessions: mock(),
 } as DeepPartial<OidcClient> as OidcClient;
+mockBaseClient.clients["https://op.example.com"] = mockBaseClient.client;
+mockBaseClient.clients[`http://localhost:${opPort}`] = mockBaseClient.client;
 
 export const mockCookie = {
   [defaultCookieSettings.sessionIdName]: {

elysia-openid-client-0.1.10.tgz

@@ -84,7 +84,7 @@ export const defaultLoggerOptions: Record<string, LoggerOptions> = {
   },
 };
 
-export const sessionDataTypeBox = t.Object({
+export const sessionTypeBox = t.Object({
   sessionId: t.String(),
   sessionExpiresAt: t.Number(),
   idToken: t.String(),

src/const.ts

@@ -5,6 +5,7 @@ import {
   mockBaseClient,
   mockLoginSession,
   mockResetRecursively,
+  mockSessionId,
   rpPort,
 } from "@mock/const";
 import Elysia from "elysia";
@@ -48,17 +49,17 @@ describe("Unit/endpoints/callbackEndpoint", () => {
 
   test.each([
     {
-      sessionId: "mock-sid",
+      sessionId: mockSessionId,
       state: "mock-state",
       nonce: "mock-nonce",
     },
     {
-      sessionId: "mock-sid",
+      sessionId: mockSessionId,
       codeVerifier: "mock-verifier",
       nonce: "mock-nonce",
     },
     {
-      sessionId: "mock-sid",
+      sessionId: mockSessionId,
       codeVerifier: "mock-verifier",
       state: "mock-state",
     },

src/endpoints/callbackEndpoint.test.ts

@@ -19,6 +19,11 @@ export function callbackEndpoint(this: OidcClient) {
     authParams: { redirect_uri },
     logger,
   } = this;
+
+  if (!callbackPath) {
+    return new Elysia();
+  }
+
   const callbackCompletedPath = settings.callbackCompletedPath.startsWith("/")
     ? `${baseUrl}${settings.callbackCompletedPath}`
     : settings.callbackCompletedPath;
@@ -64,8 +69,10 @@ export function callbackEndpoint(this: OidcClient) {
         }
 
         extendCookieExpiration(this, cookie);
+
         logger?.debug(`Redirect to: ${callbackCompletedPath}`);
         set.redirect = callbackCompletedPath;
+
         return;
       } catch (e: unknown) {
         logger?.warn("endpoints/callback: Throw exception");

src/endpoints/callbackEndpoint.ts

@@ -22,7 +22,7 @@ describe("Unit/endpoints/claimsEndpoint", () => {
 
   test("Succeeded", async () => {
     const app = new Elysia()
-      .resolve(() => ({ sessionData: mockActiveSessionWithRealIdToken }))
+      .resolve(() => ({ session: mockActiveSessionWithRealIdToken }))
       .use(endpoint.call(mockBaseClient));
     const response = await app
       .handle(new Request(`http://localhost${path}`, mockPostInit()))
@@ -36,7 +36,7 @@ describe("Unit/endpoints/claimsEndpoint", () => {
     mockBaseClient.fetchSession = mock().mockReturnValue(null);
 
     const app = new Elysia()
-      .resolve(() => ({ sessionData: null }))
+      .resolve(() => ({ session: null }))
       .use(endpoint.call(mockBaseClient));
     const response = await app
       .handle(new Request(`http://localhost${path}`, mockPostInit()))

src/endpoints/claimsEndpoint.test.ts

@@ -1,4 +1,4 @@
-import { sessionDataTypeBox } from "@/const";
+import { sessionTypeBox } from "@/const";
 import type { OidcClient } from "@/core/OidcClient";
 import type { OIDCClientActiveSession } from "@/types";
 import { getClaimsFromIdToken } from "@/utils/getClaimsFromIdToken";
@@ -16,17 +16,20 @@ export function claimsEndpoint(this: OidcClient) {
     logger,
   } = this;
 
+  if (!claimsPath) {
+    return new Elysia();
+  }
+
   return new Elysia()
     .decorate({
-      sessionData: sessionDataTypeBox,
+      session: sessionTypeBox,
     })
     .all(
       claimsPath,
-      ({ set, sessionData }) => {
+      ({ set, session }) => {
         logger?.trace("endpoints/claims");
 
-        const currentSession =
-          sessionData as unknown as OIDCClientActiveSession;
+        const currentSession = session as unknown as OIDCClientActiveSession;
 
         if (!currentSession) {
           logger?.warn("Session data does not exist");

src/endpoints/claimsEndpoint.ts

@@ -22,7 +22,7 @@ describe("Unit/endpoints/introspectEndpoint", () => {
 
   test("Succeeded", async () => {
     const app = new Elysia()
-      .resolve(() => ({ sessionData: mockActiveSession }))
+      .resolve(() => ({ session: mockActiveSession }))
       .use(endpoint.call(mockBaseClient));
     const response = await app.handle(
       new Request(`http://localhost${path}`, mockGetInit()),
@@ -36,7 +36,7 @@ describe("Unit/endpoints/introspectEndpoint", () => {
 
   test("Session missing", async () => {
     const app = new Elysia()
-      .resolve(() => ({ sessionData: null }))
+      .resolve(() => ({ session: null }))
       .use(endpoint.call(mockBaseClient));
     const response = await app.handle(
       new Request(`http://localhost${path}`, mockGetInit()),
@@ -55,7 +55,7 @@ describe("Unit/endpoints/introspectEndpoint", () => {
     };
 
     const app = new Elysia()
-      .resolve(() => ({ sessionData: mockActiveSession }))
+      .resolve(() => ({ session: mockActiveSession }))
       .use(endpoint.call(mockBaseClient));
     const response = await app
       .handle(new Request(`http://localhost${path}`))

src/endpoints/introspectEndpoint.test.ts

@@ -1,4 +1,4 @@
-import { sessionDataTypeBox } from "@/const";
+import { sessionTypeBox } from "@/const";
 import type { OidcClient } from "@/core/OidcClient";
 import type { OIDCClientActiveSession } from "@/types";
 import { handleErrorResponse } from "@/utils/handleErrorResponse";
@@ -15,17 +15,20 @@ export function introspectEndpoint(this: OidcClient) {
     logger,
   } = this;
 
+  if (!introspectPath) {
+    return new Elysia();
+  }
+
   return new Elysia()
     .decorate({
-      sessionData: sessionDataTypeBox,
+      session: sessionTypeBox,
     })
     .all(
       introspectPath,
-      async ({ set, cookie, sessionData }) => {
+      async ({ set, cookie, session }) => {
         logger?.trace("endpoints/introspect");
 
-        const currentSession =
-          sessionData as unknown as OIDCClientActiveSession;
+        const currentSession = session as unknown as OIDCClientActiveSession;
 
         try {
           if (!currentSession) {

src/endpoints/introspectEndpoint.ts

@@ -1,6 +1,11 @@
 import { beforeEach, describe, expect, mock, test } from "bun:test";
 import { defaultSettings } from "@/const";
-import { mockBaseClient, mockResetRecursively, opPort } from "@mock/const";
+import {
+  mockBaseClient,
+  mockResetRecursively,
+  mockSessionId,
+  opPort,
+} from "@mock/const";
 import Elysia from "elysia";
 import setCookie from "set-cookie-parser";
 import { loginEndpoint } from "./loginEndpoint";
@@ -13,7 +18,7 @@ describe("Unit/endpoints/loginEndpoint", () => {
   beforeEach(() => {
     mockResetRecursively(mockBaseClient);
     mockBaseClient.createSession = mock().mockReturnValue([
-      "mock-sid",
+      mockSessionId,
       `http://localhost:${opPort}/authorization`,
     ]);
   });
@@ -32,7 +37,7 @@ describe("Unit/endpoints/loginEndpoint", () => {
       response.headers.get("set-cookie") as string,
     )[0];
     expect(cookie.name).toBe("__Host-sid");
-    expect(cookie.value).toBe("mock-sid");
+    expect(cookie.value).toBe(mockSessionId);
     expect(cookie.path).toBe("/");
     expect((cookie.expires as Date) > new Date()).toBeTruthy();
     expect(cookie.httpOnly).toBe(true);

src/endpoints/loginEndpoint.test.ts

@@ -22,6 +22,10 @@ export function loginEndpoint(this: OidcClient) {
     logger,
   } = this;
 
+  if (!loginPath) {
+    return new Elysia();
+  }
+
   return new Elysia().get(
     loginPath,
     async ({ cookie, set }) => {

src/endpoints/loginEndpoint.ts

@@ -17,6 +17,10 @@ export function logoutEndpoint(this: OidcClient) {
     logger,
   } = this;
 
+  if (!logoutPath) {
+    return new Elysia();
+  }
+
   const logoutCompletedUrl = logoutCompletedPath.startsWith("/")
     ? `${baseUrl}${logoutCompletedPath}`
     : logoutCompletedPath;

src/endpoints/logoutEndpoint.ts

@@ -16,6 +16,10 @@ export function refreshEndpoint(this: OidcClient) {
     logger,
   } = this;
 
+  if (!refreshPath) {
+    return new Elysia();
+  }
+
   return new Elysia().all(
     refreshPath,
     async ({ set, cookie }) => {

src/endpoints/refreshEndpoint.ts

@@ -1,4 +1,4 @@
-import { sessionDataTypeBox } from "@/const";
+import { sessionTypeBox } from "@/const";
 import type { OidcClient } from "@/core/OidcClient";
 import type { OIDCClientActiveSession } from "@/types";
 import { handleErrorResponse } from "@/utils/handleErrorResponse";
@@ -17,13 +17,17 @@ export function resourceEndpoint(this: OidcClient) {
     logger,
   } = this;
 
+  if (!resourcePath) {
+    return new Elysia();
+  }
+
   return new Elysia()
     .decorate({
-      sessionData: sessionDataTypeBox,
+      session: sessionTypeBox,
     })
     .get(
       resourcePath,
-      ({ query, cookie, set, sessionData }) => {
+      ({ query, cookie, set, session }) => {
         logger?.trace("endpoints/resource");
 
         if (!query.url) {
@@ -32,8 +36,7 @@ export function resourceEndpoint(this: OidcClient) {
           return;
         }
 
-        const currentSession =
-          sessionData as unknown as OIDCClientActiveSession;
+        const currentSession = session as unknown as OIDCClientActiveSession;
 
         try {
           if (!currentSession) {

src/endpoints/resourceEndpoint.ts

@@ -14,6 +14,10 @@ export function revokeEndpoint(this: OidcClient) {
     logger,
   } = this;
 
+  if (!revokePath) {
+    return new Elysia();
+  }
+
   return new Elysia().all(
     revokePath,
     async ({ set, cookie }) => {
@@ -30,7 +34,7 @@ export function revokeEndpoint(this: OidcClient) {
         await this.client.revoke(staleSession.idToken);
 
         const { sessionId } = staleSession;
-        logger?.debug(`Revoke complete: ${sessionId}`);
+        logger?.debug(`Revoke completed: ${sessionId.slice(0, 8)}`);
         this.deleteSession(sessionId);
         // deleteCookie(this, cookie);
 

src/endpoints/revokeEndpoint.ts

@@ -22,7 +22,7 @@ describe("Unit/endpoints/statusEndpoint", () => {
 
   test("Succeeded", async () => {
     const app = new Elysia()
-      .resolve(() => ({ sessionData: mockActiveSessionWithRealIdToken }))
+      .resolve(() => ({ session: mockActiveSessionWithRealIdToken }))
       .use(endpoint.call(mockBaseClient));
 
     const response = await app
@@ -37,7 +37,7 @@ describe("Unit/endpoints/statusEndpoint", () => {
 
   test("Session data does not exist", async () => {
     const app = new Elysia()
-      .resolve(() => ({ sessionData: null }))
+      .resolve(() => ({ session: null }))
       .use(endpoint.call(mockBaseClient));
     const response = await app
       .handle(new Request(`http://localhost${path}`, mockPostInit()))