Merge pull request #7 from wang-bam-bbang/docs

Docs

Author: Kimcheolhui

package-lock.json

@@ -34,6 +34,7 @@
     "axios": "^1.7.7",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.1",
+    "cookie-parser": "^1.4.7",
     "express-basic-auth": "^1.2.1",
     "passport": "^0.7.0",
     "passport-http-bearer": "^1.0.1",

package.json

@@ -91,7 +91,7 @@ export class IdpService {
     const tokenResponse = await firstValueFrom(
       this.httpService
         .post<IdpJwtResponse>(
-          this.idpUrl + '/token',
+          this.idpUrl + '/oauth/token',
           {
             grant_type: 'refresh_token',
             refresh_token: refreshToken,

src/idp/idp.service.ts

@@ -4,6 +4,7 @@ import { ValidationPipe } from '@nestjs/common';
 
 import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger';
 import expressBasicAuth from 'express-basic-auth';
+import cookieParser from 'cookie-parser';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
@@ -17,6 +18,7 @@ async function bootstrap() {
       },
     }),
   );
+  app.use(cookieParser());
 
   app.useGlobalPipes(
     new ValidationPipe({
@@ -31,6 +33,20 @@ async function bootstrap() {
     )
     .setVersion('1.0')
     .addTag('Fint-it')
+    .addOAuth2({
+      type: 'oauth2',
+      flows: {
+        authorizationCode: {
+          authorizationUrl: `${process.env.IDP_WEB_URL}/authorize?prompt=consent`,
+          tokenUrl: `${process.env.IDP_URL}/oauth/token`,
+          scopes: {
+            openid: '',
+            profile: '',
+            offline_access: '',
+          },
+        },
+      },
+    })
     .addBearerAuth(
       {
         type: 'http',
@@ -40,13 +56,21 @@ async function bootstrap() {
       },
       'access-token',
     )
+    .addCookieAuth('refresh_token')
     .build();
 
   const document = SwaggerModule.createDocument(app, config);
 
   SwaggerModule.setup('api/docs', app, document, {
     swaggerOptions: {
+      oauth2RedirectUrl: `${process.env.IDP_CALLBACK_URL}`,
+      persistAuthorization: true,
       displayRequestDuration: true,
+      initOAuth: {
+        clientId: process.env.IDP_CLIENT_ID,
+        clientSecret: process.env.IDP_CLIENT_SECRET,
+        usePkceWithAuthorizationCodeGrant: true,
+      },
     },
   });
 

src/main.ts

@@ -19,6 +19,8 @@ import { LoginCallbackDto } from './dto/req/callBack.dto';
 import { JwtTokenResDto } from './dto/res/jwtTokenRes.dto';
 import {
   ApiBearerAuth,
+  ApiCookieAuth,
+  ApiCreatedResponse,
   ApiInternalServerErrorResponse,
   ApiOkResponse,
   ApiOperation,
@@ -70,12 +72,21 @@ export class UserController {
     return { access_token };
   }
 
+  @ApiOperation({
+    summary: 'Refresh token',
+    description: 'Refresh the access token from idp',
+  })
+  @ApiCookieAuth('refresh_token')
+  @ApiCreatedResponse({ type: JwtTokenResDto, description: 'Return jwt token' })
+  @ApiUnauthorizedResponse({ description: 'Unauthorized' })
+  @ApiInternalServerErrorResponse({ description: 'Internal Server Error' })
   @Post('refresh')
   async refreshToken(
     @Req() req: Request,
     @Res({ passthrough: true }) res: Response,
   ): Promise<JwtTokenResDto> {
     const refreshToken = req.cookies['refresh_token'];
+
     if (!refreshToken) throw new UnauthorizedException();
 
     const { access_token, refresh_token } =

src/user/user.controller.ts

@@ -18,7 +18,7 @@ export class UserService {
   ) {}
 
   async getIdpLoginUrl(): Promise<string> {
-    const idpWebUrl = 'https://idp.gistory.me';
+    const idpWebUrl = this.configService.get<string>('IDP_WEB_URL');
 
     const params = new URLSearchParams({
       response_type: 'code',