|
1 | 1 | import { defaultResponderForAppDir } from "app/api/defaultResponderForAppDir"; |
2 | 2 | import type { NextRequest } from "next/server"; |
3 | 3 | import { NextResponse } from "next/server"; |
4 | | -import z from "zod"; |
| 4 | +import { uuid } from "short-uuid"; |
| 5 | +import { z } from "zod"; |
5 | 6 |
|
6 | 7 | import jackson from "@calcom/features/ee/sso/lib/jackson"; |
7 | 8 | import { HttpError } from "@calcom/lib/http-error"; |
| 9 | +import logger from "@calcom/lib/logger"; |
8 | 10 |
|
9 | 11 | const extractAuthToken = (req: NextRequest) => { |
| 12 | + const log = logger.getSubLogger({ prefix: ["SAML extractAuthToken"] }); |
| 13 | + const uid = uuid(); |
10 | 14 | const authHeader = req.headers.get("authorization"); |
11 | 15 | const parts = (authHeader || "").split(" "); |
12 | 16 | if (parts.length > 1) return parts[1]; |
13 | 17 |
|
14 | 18 | // check for query param |
15 | 19 | let arr: string[] = []; |
16 | | - const { access_token } = requestQuery.parse(Object.fromEntries(req.nextUrl.searchParams)); |
| 20 | + const tokenParse = requestQuery.safeParse(Object.fromEntries(req.nextUrl.searchParams)); |
| 21 | + let access_token; |
| 22 | + if (!tokenParse.success) { |
| 23 | + log.error(`Error parsing request query: ${tokenParse.error} trace ${uid}`); |
| 24 | + throw new HttpError({ statusCode: 401, message: `Unauthorized trace: ${uid}` }); |
| 25 | + } |
| 26 | + access_token = tokenParse.data.access_token; |
17 | 27 | arr = arr.concat(access_token); |
18 | 28 | if (arr[0].length > 0) return arr[0]; |
19 | 29 |
|
20 | | - throw new HttpError({ statusCode: 401, message: "Unauthorized" }); |
| 30 | + throw new HttpError({ statusCode: 401, message: `Unauthorized trace: ${uid}` }); |
21 | 31 | }; |
22 | 32 |
|
23 | 33 | const requestQuery = z.object({ |
24 | 34 | access_token: z.string(), |
25 | 35 | }); |
26 | 36 |
|
27 | 37 | async function handler(req: NextRequest) { |
| 38 | + const log = logger.getSubLogger({ prefix: ["SAML userinfo"] }); |
28 | 39 | const { oauthController } = await jackson(); |
29 | 40 | const token = extractAuthToken(req); |
30 | | - const userInfo = await oauthController.userInfo(token); |
31 | | - return NextResponse.json(userInfo); |
| 41 | + |
| 42 | + try { |
| 43 | + const userInfo = await oauthController.userInfo(token); |
| 44 | + return NextResponse.json(userInfo); |
| 45 | + } catch (error) { |
| 46 | + const uid = uuid(); |
| 47 | + log.error(`trace: ${uid} Error getting user info from token: ${error}`); |
| 48 | + throw new Error(`Error getting user info from token. trace: ${uid}`); |
| 49 | + } |
32 | 50 | } |
33 | 51 |
|
34 | 52 | export const GET = defaultResponderForAppDir(handler); |
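Review bot: The catch block at new lines 45–49 rethrows as a plain `Error`, which discards whatever status the upstream failure carried; an invalid or expired token — which the original code let propagate from `oauthController.userInfo` — now reaches `defaultResponderForAppDir` as a generic failure and is presumably reported as a 500 rather than a 401 (inferred from the responder's role, its mapping is not visible here). The token-less paths in `extractAuthToken` already throw `HttpError` with `statusCode: 401`, so the consistent minimal change is `throw new HttpError({ statusCode: 401, message: \`Unauthorized trace: ${uid}\` });`, or, better, copy the caught error's `statusCode` when it has a numeric one and fall back to 500 so genuine backend outages are not mislabelled as authentication failures. Separately, `${error}` in the log line at 47 stringifies the error and drops its stack; if the logger accepts extra arguments, pass the error object as a second argument instead of interpolating it. As a point of style, `let access_token;` at line 21 followed by the assignment at 26 can become `const { access_token } = tokenParse.data;` placed after the guard, keeping the binding immutable and typed from the schema.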
|