Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: Integrate authentication library (#81)
Fixes #2. High-level changes: - Integrate [`mock-oauth2-server`](https://github.com/navikt/mock-oauth2-server) in development. - Integrate fork of [`fastify-auth0-verify`](https://github.com/nearform/fastify-auth0-verify). See #82. #84 will actually use `request.user` to enforce authorisation, so no endpoint is being updated to enforce authorisation here. # Testing This PR can be verified by creating the dummy route `GET /authn` as follows: ```diff diff --git a/src/services/routes/healthcheck.routes.ts b/src/services/routes/healthcheck.routes.ts index 7b7abe7..6cf48d3 100644 --- a/src/services/routes/healthcheck.routes.ts +++ b/src/services/routes/healthcheck.routes.ts @@ -20,5 +20,15 @@ export default function registerRoutes( }, }); + fastify.route({ + method: ['GET'], + url: '/authn', + preValidation: fastify.authenticate, + + async handler(request, reply): Promise<void> { + await reply.code(HTTP_STATUS_CODES.OK).send(request.user); + }, ``` Then making requests to it as follows: ```http ### Make anonymous request GET http://veraid-authority.default.10.103.177.106.sslip.io/authn ### Make authenticated request with invalid credentials GET http://veraid-authority.default.10.103.177.106.sslip.io/authn Authorization: Bearer INVALID_TOKEN ### Make authenticated request with valid credentials GET http://veraid-authority.default.10.103.177.106.sslip.io/authn Authorization: Bearer <VALID-TOKEN-HERE> ``` `<VALID-TOKEN-HERE>` can be obtained with: ```http ### Authenticate with authorisation server (client credentials) POST http://mock-authz-server.default.10.103.177.106.sslip.io/default/token Content-Type: application/x-www-form-urlencoded grant_type=client_credentials&client_id=admin@example.com&client_secret=s3cr3t ```
- Loading branch information