Ronni Baslund
17ffd95a70
Upgrade both Nuxt apps to Nuxt 4.4.6 (vue-tsc 3, TypeScript 5.6, undici 7) and add a root tsconfig.json to each app. Fix the strict-null / noUncheckedIndexedAccess errors surfaced by Nuxt 4's stricter generated tsconfig and vue-tsc 3. Drop the nuxt-oidc-auth pnpm patch (Nuxt 4 fixes the prepare:types crash natively).
33 lines
1.3 KiB
TypeScript
33 lines
1.3 KiB
TypeScript
// Throwaway verification endpoint for O.9: decodes the access token currently
|
|
// stored in the operator's nuxt-oidc-auth session and returns the claims we
|
|
// care about (iss, aud, sub, exp, groups). NEVER returns the raw token. Safe
|
|
// to leave deployed since it requires a valid operator session and only
|
|
// echoes claims the user can already see in their JWT.
|
|
|
|
import { getUserSession } from 'nuxt-oidc-auth/runtime/server/utils/session.js'
|
|
|
|
function decodeJwtClaims(token: string): Record<string, unknown> {
|
|
const parts = token.split('.')
|
|
if (parts.length < 2) throw new Error('Not a JWT')
|
|
const payload = parts[1]!.replace(/-/g, '+').replace(/_/g, '/')
|
|
const padded = payload + '='.repeat((4 - (payload.length % 4)) % 4)
|
|
return JSON.parse(Buffer.from(padded, 'base64').toString('utf8'))
|
|
}
|
|
|
|
export default defineEventHandler(async (event) => {
|
|
const session = await getUserSession(event).catch(() => null)
|
|
const accessToken = (session as { accessToken?: string } | null)?.accessToken
|
|
if (!accessToken) throw createError({ statusCode: 401, statusMessage: 'No session' })
|
|
|
|
const claims = decodeJwtClaims(accessToken)
|
|
return {
|
|
iss: claims.iss,
|
|
aud: claims.aud,
|
|
sub: claims.sub,
|
|
email: claims.email,
|
|
groups: claims.groups,
|
|
exp: claims.exp,
|
|
iat: claims.iat,
|
|
}
|
|
})
|