use passport-authsch lib for authentication

package.json

@@ -25,6 +25,7 @@
   "dependencies": {
     "@casl/ability": "^6.3.3",
     "@casl/prisma": "^1.4.1",
+    "@kir-dev/passport-authsch": "^2.0.3",
     "@nestjs/axios": "^3.0.0",
     "@nestjs/common": "^10.0.2",
     "@nestjs/core": "^10.0.2",
@@ -43,7 +44,6 @@
     "ics": "^3.1.0",
     "papaparse": "^5.3.2",
     "passport-jwt": "^4.0.0",
-    "passport-oauth2": "^1.6.1",
     "puppeteer": "^20.7.4",
     "reflect-metadata": "^0.2.0",
     "rimraf": "^5.0.0",
@@ -60,7 +60,6 @@
     "@types/node": "^20.0.0",
     "@types/papaparse": "^5.3.7",
     "@types/passport-jwt": "^4.0.0",
-    "@types/passport-oauth2": "^1.4.11",
     "@types/supertest": "^6.0.0",
     "@typescript-eslint/eslint-plugin": "^8.0.0",
     "@typescript-eslint/parser": "^8.0.0",

src/auth/auth.service.ts

@@ -1,3 +1,4 @@
+import { AuthSchProfile } from '@kir-dev/passport-authsch'
 import {
   Injectable,
   InternalServerErrorException,
@@ -7,8 +8,6 @@ import { JwtService } from '@nestjs/jwt'
 import { User } from '@prisma/client'
 import { UserEntity } from 'src/users/dto/UserEntity.dto'
 import { UsersService } from '../users/users.service'
-import { OAuthUser } from './oauthuser'
-
 @Injectable()
 export class AuthService {
   private readonly logger = new Logger(AuthService.name)
@@ -18,20 +17,18 @@ export class AuthService {
     private readonly jwtService: JwtService,
   ) {}
 
-  async findOrCreateUser(oAuthUser: OAuthUser): Promise<UserEntity> {
+  async findOrCreateUser(oAuthUser: AuthSchProfile): Promise<UserEntity> {
     try {
-      const user = await this.usersService.findByAuthSchId(
-        oAuthUser.internal_id,
-      )
+      const user = await this.usersService.findByAuthSchId(oAuthUser.authSchId)
       if (user) {
         return user
       }
 
       const newUser = await this.usersService.create({
-        authSchId: oAuthUser.internal_id,
-        firstName: oAuthUser.givenName,
-        fullName: oAuthUser.displayName,
-        email: oAuthUser.mail,
+        authSchId: oAuthUser.authSchId,
+        firstName: oAuthUser.firstName,
+        fullName: oAuthUser.fullName,
+        email: oAuthUser.email,
       })
 
       this.logger.log(`User #${newUser.id} created`)

src/auth/authsch.strategy.ts

@@ -1,38 +1,26 @@
-import { HttpService } from '@nestjs/axios'
+import {
+  AuthSchProfile,
+  AuthSchScope,
+  Strategy,
+} from '@kir-dev/passport-authsch'
 import { Injectable, Logger } from '@nestjs/common'
 import { PassportStrategy } from '@nestjs/passport'
-import { Strategy } from 'passport-oauth2'
-import { firstValueFrom } from 'rxjs'
 import { UserEntity } from 'src/users/dto/UserEntity.dto'
 import { AuthService } from './auth.service'
-import { OAuthUser } from './oauthuser'
-
-const AUTHSCH_HOST = 'https://auth.sch.bme.hu'
 
 @Injectable()
-export class AuthschStrategy extends PassportStrategy(Strategy, 'authsch') {
+export class AuthschStrategy extends PassportStrategy(Strategy) {
   private readonly logger = new Logger(AuthschStrategy.name)
-  constructor(
-    private httpService: HttpService,
-    private authService: AuthService,
-  ) {
+  constructor(private authService: AuthService) {
     super({
-      authorizationURL: `${AUTHSCH_HOST}/site/login`,
-      tokenURL: `${AUTHSCH_HOST}/oauth2/token`,
-      clientID: process.env.AUTHSCH_CLIENT_ID,
+      clientId: process.env.AUTHSCH_CLIENT_ID,
       clientSecret: process.env.AUTHSCH_CLIENT_SECRET,
-      scope: ['basic', 'givenName', 'displayName', 'mail'], // ?? niifEduPersonAttendedCourse = hallgatott tárgyak
-      // Hallgató által jelenleg hallgatott kurzusok kódjai. Példa: "BMEVIAUA218;BMEVIIIA316"
+      scopes: [AuthSchScope.PROFILE, AuthSchScope.EMAIL],
     })
   }
 
-  async validate(accessToken: string): Promise<UserEntity> {
-    const { data: oAuthUser } = await firstValueFrom(
-      this.httpService.get<OAuthUser>(
-        `${AUTHSCH_HOST}/api/profile?access_token=${accessToken}`,
-      ),
-    )
-    const dbUser = await this.authService.findOrCreateUser(oAuthUser)
+  async validate(userProfile: AuthSchProfile): Promise<UserEntity> {
+    const dbUser = await this.authService.findOrCreateUser(userProfile)
     this.logger.debug('DbUser in validate' + JSON.stringify(dbUser, null, 2))
     return dbUser
   }