Ronni Baslund
17ffd95a70
Upgrade both Nuxt apps to Nuxt 4.4.6 (vue-tsc 3, TypeScript 5.6, undici 7) and add a root tsconfig.json to each app. Fix the strict-null / noUncheckedIndexedAccess errors surfaced by Nuxt 4's stricter generated tsconfig and vue-tsc 3. Drop the nuxt-oidc-auth pnpm patch (Nuxt 4 fixes the prepare:types crash natively).
32 lines
1.2 KiB
TypeScript
32 lines
1.2 KiB
TypeScript
// Throwaway verification endpoint mirroring the operator one. Decodes the
|
|
// portal access token from the nuxt-oidc-auth session and echoes the claims
|
|
// that matter (iss/aud/sub/groups/exp). Useful for confirming that signing
|
|
// in here yields aud=dezky-portal, distinct from the operator's dezky-operator.
|
|
|
|
import { getUserSession } from 'nuxt-oidc-auth/runtime/server/utils/session.js'
|
|
|
|
function decodeJwtClaims(token: string): Record<string, unknown> {
|
|
const parts = token.split('.')
|
|
if (parts.length < 2) throw new Error('Not a JWT')
|
|
const payload = parts[1]!.replace(/-/g, '+').replace(/_/g, '/')
|
|
const padded = payload + '='.repeat((4 - (payload.length % 4)) % 4)
|
|
return JSON.parse(Buffer.from(padded, 'base64').toString('utf8'))
|
|
}
|
|
|
|
export default defineEventHandler(async (event) => {
|
|
const session = await getUserSession(event).catch(() => null)
|
|
const accessToken = (session as { accessToken?: string } | null)?.accessToken
|
|
if (!accessToken) throw createError({ statusCode: 401, statusMessage: 'No session' })
|
|
|
|
const claims = decodeJwtClaims(accessToken)
|
|
return {
|
|
iss: claims.iss,
|
|
aud: claims.aud,
|
|
sub: claims.sub,
|
|
email: claims.email,
|
|
groups: claims.groups,
|
|
exp: claims.exp,
|
|
iat: claims.iat,
|
|
}
|
|
})
|