denis/gremiumhub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

major: Rename legalconsenthub to gremiumhub
All checks were successful
CI/CD Pipeline / frontend (push) Successful in 5m52s
Details
CI/CD Pipeline / backend (push) Successful in 7m58s
Details
CI/CD Pipeline / deploy (push) Successful in 1s
Details

Browse Source
This commit is contained in:
Denis Lugowski
2026-03-16 10:28:32 +01:00
parent 52fe6b6392
commit afec157b35
326 changed files with 566 additions and 1004 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
legalconsenthub/server/routes/auth/keycloak.get.ts
View File

@@ -1,76 +0,0 @@
import { jwtDecode } from 'jwt-decode'
import type { KeycloakTokenPayload, Organization } from '~~/types/keycloak'
import { createLogger } from '~~/shared/utils/logger'
export default defineOAuthKeycloakEventHandler({
async onSuccess(event, { user, tokens }) {
const config = useRuntimeConfig()
const logger = createLogger({
level: config.public.logLevel,
tag: 'auth',
fancy: import.meta.env.MODE !== 'production'
})
const rawAccessToken = tokens?.access_token
let decodedJwt: KeycloakTokenPayload | null = null
try {
decodedJwt = jwtDecode<KeycloakTokenPayload>(rawAccessToken!)
} catch (err) {
logger.warn('Failed to decode access token:', err)
}
const organizations = decodedJwt ? extractOrganizations(decodedJwt) : []
const roles = decodedJwt ? extractRoles(decodedJwt, config.oauth.keycloak.clientId) : []
await setUserSession(event, {
user: {
keycloakId: user.sub,
name: user.preferred_username,
organizations,
roles
},
jwt: {
accessToken: tokens.access_token,
refreshToken: tokens.refresh_token,
expiresIn: tokens.expires_in
},
loggedInAt: Date.now()
})
return sendRedirect(event, '/callback')
},
onError(event) {
const config = useRuntimeConfig()
const logger = createLogger({
level: config.public.logLevel,
tag: 'auth'
})
logger.error('Error during keycloak authentication')
return sendRedirect(event, '/login')
}
})
function extractOrganizations(decoded: KeycloakTokenPayload): Organization[] {
const organizations: Organization[] = []
const orgClaim = decoded?.organization ?? null
if (orgClaim && typeof orgClaim === 'object') {
Object.entries(orgClaim).forEach(([name, meta]) => {
if (!name || !meta?.id) return
organizations.push({
name: name,
id: meta.id
})
})
}
return organizations
}
function extractRoles(decoded: KeycloakTokenPayload, clientId: string): string[] {
return decoded?.resource_access?.[clientId]?.roles ?? []
}