remove comment

livecycle · Aug 1, 2023 · cd38969 · cd38969
1 parent 9dfbd56
commit cd38969
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 38 deletions.
diff --git a/tunnel-server/src/app.ts b/tunnel-server/src/app.ts
@@ -5,7 +5,7 @@ import internal from 'stream'
 import { Logger } from 'pino'
 import { match } from 'ts-pattern'
 import { SessionManager } from './seesion'
-import { Claims, JwtAuthenticator, authenticator, envToIssuerToKeyData, unauthorized } from './auth'
+import { Claims, JwtAuthenticator, authenticator, getIssuerToKeyDataFromEnv, unauthorized } from './auth'
 import { PreviewEnvStore } from './preview-env'
 import { replaceHostname } from './url'
 
@@ -63,7 +63,7 @@ export const app = ({ isProxyRequest, proxyHandlers, sessionManager, baseUrl, en
       }
       const session = sessionManager(req.raw, res.raw, env.publicKeyThumbprint)
       if (!session.user) {
-        const auth = authenticator([JwtAuthenticator(envToIssuerToKeyData(env))])
+        const auth = authenticator([JwtAuthenticator(getIssuerToKeyDataFromEnv(env))])
         const result = await auth(req.raw)
         if (!result.isAuthenticated) {
           return unauthorized(res.raw)
@@ -73,9 +73,4 @@ export const app = ({ isProxyRequest, proxyHandlers, sessionManager, baseUrl, en
       }
       return await res.redirect(new URL(returnPath, replaceHostname(baseUrl, `${envId}.${baseUrl.hostname}`)).toString())
     })
-    .get('/tunnels', {}, async (req, res) => {
-      // const auth = authenticator([JwtAuthenticator((iss) => ({pk: }))])
-      const envs = await envStore.getAll()
-      void res.send(envs)
-    })
     .get('/healthz', { logLevel: 'warn' }, async () => 'OK')
diff --git a/tunnel-server/src/auth.ts b/tunnel-server/src/auth.ts
@@ -79,23 +79,6 @@ export function JwtAuthenticator(issuerToKeyData: IssuerToKeyData) {
     }
 
     const { iss } = decodeJwt(jwt)
-    // const { issuer, publicKey, extractClaims } = await match(iss).when(() => iss?.startsWith('preevy://'), async () => {
-    //   const thumbprint = await calculateJwkThumbprintUri(await exportJWK(env.publicKey))
-    //   return {
-    //     publicKey: env.publicKey,
-    //     issuer: `preevy://${thumbprint}`,
-    //     extractClaims: (token:JWTPayload) => ({
-    //       role: 'admin',
-    //       type: 'profile',
-    //       exp: token.exp,
-    //       scopes: ['admin'],
-    //       sub: `preevy-profile:${env.publicKeyThumbprint}`,
-    //     }),
-    //   }
-    // }).otherwise(async () => {
-    //   throw new Error('invalid issuer')
-    // })
-
     const { pk, extractClaims } = issuerToKeyData(iss)
 
     const token = await jwtVerify(jwt, pk, { issuer: iss })
@@ -127,19 +110,17 @@ export const unauthorized = (res: ServerResponse<IncomingMessage>) => {
   res.end('Unauthorized')
 }
 
-export const envToIssuerToKeyData = (env: PreviewEnv): IssuerToKeyData => iss => {
-  if (iss === `preevy://${env.publicKeyThumbprint}`) {
-    return {
-      pk: env.publicKey,
-      extractClaims: token => ({
-        role: 'admin',
-        type: 'profile',
-        exp: token.exp,
-        scopes: ['admin'],
-        sub: `preevy-profile:${env.publicKeyThumbprint}`,
-      }),
-    }
+export const getIssuerToKeyDataFromEnv = (env: PreviewEnv): IssuerToKeyData => iss => {
+  if (iss !== `preevy://${env.publicKeyThumbprint}`) throw new Error('invalid issuer')
+
+  return {
+    pk: env.publicKey,
+    extractClaims: token => ({
+      role: 'admin',
+      type: 'profile',
+      exp: token.exp,
+      scopes: ['admin'],
+      sub: `preevy-profile:${env.publicKeyThumbprint}`,
+    }),
   }
-
-  throw new Error('invalid issuer')
 }