Got Authorization flow working (Untested)

src/api/auth/redirect.ts

@@ -4,12 +4,10 @@ import * as msal from "@azure/msal-node";
 import { msalClient } from "../../constants";
 import { users } from "../../managers/users";
 
-/* /v1/authRedirect */
+/* /v1/auth/redirect */
 export default createRoute("get", ["/"], async (c) => {
   c.status(200);
 
-  console.log("Query", c.req.query());
-
   const tokenRequest: msal.AuthorizationCodeRequest = {
     code: c.req.query().code as string,
     scopes: ["user.read"],
@@ -20,17 +18,10 @@ export default createRoute("get", ["/"], async (c) => {
 
   await users.authenticate(authResult);
 
-  // This closes the window because duh
-  return c.html(`
-    <script>
-      window.close();
-    </script>
-  `);
-
-  /*     return c.json({
-        status: 200,
-        message: "Auth Redirect Endpoint",
-        data: authResult,
-        successful: true,
-    }); */
+  return c.json({
+    status: 200,
+    message: "Auth Redirect Endpoint",
+    data: authResult,
+    successful: true,
+  });
 });

src/api/auth/refresh.ts

@@ -0,0 +1,26 @@
+import { Hono } from "hono/tiny";
+import { createRoute } from "../../modules/api-utils/createRoute";
+import { sessions } from "../../managers/sessions";
+
+/* /v1/auth/refresh */
+export default createRoute("post", ["/"], async (c) => {
+  c.status(201);
+
+  const refreshToken = c.req.header("x-refresh-token") || "";
+
+  const session = await sessions.fetch({
+    refreshToken: refreshToken,
+  });
+
+  const newAccessToken = await session.refresh(refreshToken);
+
+  return c.json({
+    status: 201,
+    message: "Token refreshed successfully!",
+    data: {
+      accessToken: newAccessToken,
+      refreshToken,
+    },
+    successful: true,
+  });
+});

src/api/middleware/authorization.ts

@@ -0,0 +1,80 @@
+import { Context, Env, MiddlewareHandler } from "hono";
+import AuthorizationError from "../../Errors/AuthorizationError";
+import { sessions } from "../../managers/sessions";
+import { Variables } from "../../types/HonoTypes";
+import GenericError from "../../Errors/GenericError";
+import { events } from "../../modules/globalEvents";
+
+/**
+ * Authorization Middleware
+ *
+ * This middleware will do all of the authorization for all the routes that may need authorization.
+ * It will check which auth type is being used and pull the correct credentials from said auth type and
+ * supply them as a variable to the route.  If there is an error thrown at any point in this middleware, it
+ * will hault and will not proceed to the route handler.
+ *
+ * Eventually this method will analyze roles and permissions and supply those as objects to the route handler.
+ *
+ * ## Auth Types
+ * - Bearer: Access Token for user authentication
+ * - Key: API Key
+ *
+ * @param ctx - Hono Context Object
+ * @param next - Move onto the handler
+ */
+export const authMiddleware = (permParams?: {
+  permissions?: string[];
+  scopes?: string[];
+  forbiddenAuthTypes?: string[];
+}): MiddlewareHandler<{
+  Variables: Variables;
+}> => {
+  return async (ctx, next) => {
+    const authorization = ctx.req.header()["authorization"];
+    if (!authorization)
+      throw new AuthorizationError("Missing 'authorization' header.");
+
+    const components = authorization.match(
+      /^(Bearer|Key)\s([a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+)$/,
+    );
+    if (!components)
+      throw new AuthorizationError(
+        "Invalid or malformed authorization header...",
+      );
+
+    const authType: string = components[1] ?? "";
+    const authValue: string = components[2] ?? "";
+
+    if (permParams?.forbiddenAuthTypes?.includes(authType))
+      throw new GenericError({
+        name: "NonpermittedAuthType",
+        message:
+          "The authorization method you are using is not permitted for this API request.",
+        cause: `Type '${authType}' is not permitted.`,
+        status: 403,
+      });
+
+    if (authType) {
+      const session = await sessions.fetch({ accessToken: authValue });
+      const user = await session.fetchUser();
+      ctx.set("user", user);
+
+      if (
+        permParams?.permissions &&
+        permParams?.permissions.length > 0 &&
+        (
+          await Promise.all(
+            permParams?.permissions.map((p) => user.hasPermission(p)),
+          )
+        ).includes(false)
+      )
+        throw new GenericError({
+          name: "InsufficentPermission",
+          message: "You do not have sufficent permissions to do this.",
+          status: 403,
+        });
+    }
+
+    await next();
+  };
+};