update

server/api/v1/authentication/login-fes.post.ts

@@ -0,0 +1,122 @@
+import { getRequestURL, readBody, setCookie } from 'h3'
+
+// Function to verify JWT token with the userinfo endpoint
+export default defineEventHandler(async (event) => {
+  console.log("=================== MASUK FE SSO! ===================")
+  const body = await readBody(event)
+  const url = getRequestURL(event)
+  const config = useRuntimeConfig()
+
+  console.log("body: " + JSON.stringify(body))
+
+  // const apiSSOConfirm = 'https://auth.rssa.top/realms/sandbox/protocol/openid-connect/userinfo'
+  const apiSSOConfirm = config.public.SSO_CONFIRM_URL
+
+  const jwt = body.jwt
+  // const nip = body.nip
+  // const role = body.role
+  // const roleid = body.roleid
+  // const shift = body.shift
+  // const loginStatus = body.status_login
+  const token = 'Bearer ' + jwt
+
+  const res_sso = await fetch(apiSSOConfirm,
+  {
+    method: 'GET',
+    headers: {
+      'Content-Type': 'application/json',
+      'Authorization': token,
+    }
+  })
+
+  console.log(res_sso)
+  if (res_sso.status === 200) {
+    const parts = jwt.split('.')
+
+    if (parts.count != 3) {
+        // return ['error' => 'Invalid JWT format'];
+    }
+
+    const header = Buffer.from(strtr(parts[0], '-_', '+/'), 'base64').toString('utf8')
+    const payload = Buffer.from(strtr(parts[1], '-_', '+/'), 'base64').toString('utf8')
+
+    // const textDecoder = new TextDecoder('utf-8');
+    // // Decode the header and payload
+    // const decodedBinaryHead = atob(parts[0]);
+    // const decodedBinaryPayload = atob(parts[0]);
+    // const header = textDecoder.decode(Uint8Array.from(decodedBinaryHead, char => char.charCodeAt(0)));
+    // const payload = textDecoder.decode(Uint8Array.from(decodedBinaryPayload, char => char.charCodeAt(0)));
+
+    const result = {
+        'header': header,
+        'payload': payload
+    };
+
+    const apiOrigin = config.public.API_ORIGIN
+
+    const cleanOrigin = apiOrigin.replace(/\/+$/, '')
+    const cleanPath = url.pathname.replace(/^\/api\//, '').replace(/^\/+/, '')
+    const externalUrl = `${cleanOrigin}/${cleanPath}${url.search}`
+    console.log("external url: " + externalUrl)
+    console.log("body: " + JSON.stringify(body))
+
+    const resp = await fetch(externalUrl,
+    {
+      method: 'POST',
+      body: JSON.stringify({
+        name: JSON.parse(payload).name,
+      }),
+      headers: {
+        'Content-Type': 'application/json',
+        'X-AuthPartner-Code': config.public.X_AP_CODE,
+        'X-AuthPartner-SecretKey': config.public.X_AP_SECRET_KEY,
+      },
+    })
+
+    console.log(resp)
+    // if (resp.status === 200) {
+    //   const data = await resp.json()
+
+    //   if (data?.data?.accessToken) {
+    //     setCookie(event, 'authentication', data.data.accessToken, {
+    //       path: '/',
+    //       httpOnly: true,
+    //       sameSite: 'strict',
+    //       maxAge: 60 * 60 * 24,
+    //     })
+
+    //     delete data.data.accessToken
+    //     // return data
+
+    //     const { login } = useUserStore()
+    //     await login(resp.text())
+    //     await navigateTo('/')
+    //   }
+    // }
+
+    return new Response(await resp.text(), {
+      status: resp.status,
+      headers: {
+        'Content-Type': resp.headers.get('content-type') || 'text/plain',
+      },
+    })
+  }
+
+  return new Response(await res_sso.text(), {
+    status: res_sso.status,
+    headers: {
+      'Content-Type': res_sso.headers.get('content-type') || 'text/plain',
+    },
+  })
+})
+
+function strtr(str: string, fromChars: string, toChars: string) {
+  let result = str;
+  for (let i = 0; i < fromChars.length; i++) {
+    const fromChar = fromChars[i] || '_-';
+    // const toChar = toChars[i];
+    // Use a global regex to replace all occurrences of the character
+    result = result.replace(new RegExp(fromChar.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'), 'g'), toChars);
+  }
+  return result;
+}