diff --git a/src/auth.ts b/src/auth.ts
index 9f5dfcb85ee75fd96e2ac9b21126eb4890192b13..39f9c12be65d88a5c5ccc5d30e68df1a7c673651 100644
--- a/src/auth.ts
+++ b/src/auth.ts
@@ -6,5 +6,5 @@ export const aidc = await AriseIdConnect.init({
   client_id: env.AIDC_CLIENT_ID,
   client_secret: env.AIDC_CLIENT_SECRET,
   scope: "openid offline profile",
-  luciaWrapper: defaultLucia,
+  wrapper: defaultLucia,
 });
diff --git a/src/lib/default.ts b/src/lib/default.ts
index 3be7992f5304194ca5b6744579422218b457738e..f5894422af1f1b07807f534e8b47dab47d3007ea 100644
--- a/src/lib/default.ts
+++ b/src/lib/default.ts
@@ -2,6 +2,7 @@ import { BetterSqlite3Adapter } from "@lucia-auth/adapter-sqlite";
 import sqlite from "better-sqlite3";
 import type { Database as SqLiteConnection } from "better-sqlite3";
 import { LuciaWrapper } from "./lucia.js";
+import type { IdTokenClaims, UserinfoResponse } from "openid-client";
 
 class DefaultLucia extends LuciaWrapper<DatabaseUser> {
   db: SqLiteConnection;
@@ -20,7 +21,8 @@ class DefaultLucia extends LuciaWrapper<DatabaseUser> {
   initDatabase() {
     this.db.exec(`CREATE TABLE IF NOT EXISTS user (
       id TEXT NOT NULL PRIMARY KEY,
-      subject TEXT NOT NULL UNIQUE
+      subject TEXT NOT NULL UNIQUE,
+      claims JSON NOT NULL
     )`);
 
     this.db.exec(`CREATE TABLE IF NOT EXISTS session (
@@ -38,10 +40,10 @@ class DefaultLucia extends LuciaWrapper<DatabaseUser> {
       .get(subject) as DatabaseUser | undefined;
   }
 
-  createUser(subject: string, userId: string) {
+  createUser(subject: string, userId: string, claims: IdTokenClaims) {
     this.db
-      .prepare("INSERT INTO user (id, subject) VALUES (?, ?)")
-      .run(userId, subject);
+      .prepare("INSERT INTO user (id, subject, claims) VALUES (?, ?, ?)")
+      .run(userId, subject, claims);
   }
 }
 
@@ -58,6 +60,7 @@ declare module "lucia" {
   export interface DatabaseUser {
     id: string;
     subject: string;
+    claims: UserinfoResponse;
   }
   export interface DatabaseSession {
     id: string;
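Review bot: `CREATE TABLE IF NOT EXISTS` in initDatabase does not alter a `user` table that already exists, so any database created before this change keeps the two-column schema and the new three-column INSERT in createUser will fail against it. Either add a migration step (inspect `PRAGMA table_info(user)` and `ALTER TABLE user ADD COLUMN claims ...`, which needs a default because the column is NOT NULL) or document that existing databases must be recreated. SQLite has no native JSON column type, so `claims JSON NOT NULL` only gives the column NUMERIC affinity; what is written there must already be a serialized string. initDatabase's body continues past the hunk.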
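Review bot: `.run(userId, subject, claims)` binds a plain object as a positional parameter; better-sqlite3 treats an object argument as a set of named bindings, and this statement has only `?` placeholders, so the insert is likely to throw instead of storing the claims. Serialize before binding, `.run(userId, subject, JSON.stringify(claims))`, and note that getUser (`.get(subject) as DatabaseUser | undefined` in the context above) will then hand back the column as a string, so the `claims: UserinfoResponse` field added to DatabaseUser in the last hunk of this file does not describe what the row holds until it is parsed. The parameter is typed `IdTokenClaims` here but `UserinfoResponse` in the abstract LuciaWrapper.createUser; the two should agree so every implementation receives the same contract.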
diff --git a/src/lib/index.ts b/src/lib/index.ts
index 4c30722fdef1c8cc951364028749acd0654e429a..83b3088ceef9c4014c3792cd368efe0586a53b95 100644
--- a/src/lib/index.ts
+++ b/src/lib/index.ts
@@ -53,7 +53,7 @@ export class AriseIdConnect<DbUser extends DatabaseUser> {
     );
     const aidc = new AriseIdConnect(config, issuer);
 
-    await aidc.config.luciaWrapper.initDatabase();
+    await aidc.config.wrapper.initDatabase();
 
     return aidc;
   }
@@ -121,7 +121,7 @@ export class AriseIdConnect<DbUser extends DatabaseUser> {
       redirect(SEE_OTHER, this.paths.home);
     }
 
-    const { lucia } = this.config.luciaWrapper;
+    const { lucia } = this.config.wrapper;
     const { session } = await lucia.validateSession(event.locals.session.id);
 
@@ -149,23 +149,21 @@ export class AriseIdConnect<DbUser extends DatabaseUser> {
       throw new Error("No id_token in tokenSet");
     }
 
-    const subject = tokenSet.claims().sub;
-
-    const { luciaWrapper } = this.config;
-    const { lucia } = luciaWrapper;
-
-    const existingUser = await luciaWrapper.getUser(subject);
+    const claims = tokenSet.claims();
+    const { sub } = claims;
+    const { wrapper } = this.config;
+    const existingUser = await wrapper.getUser(sub);
     const userId = existingUser ? existingUser.id : generateId(15);
 
     if (!existingUser) {
-      await luciaWrapper.createUser(subject, userId);
+      await wrapper.createUser(sub, userId, claims);
     }
 
-    const session = await lucia.createSession(userId, {
+    const session = await wrapper.lucia.createSession(userId, {
       id_token: tokenSet.id_token,
     });
 
-    setLuciaCookie(event, lucia.createSessionCookie(session.id));
+    setLuciaCookie(event, wrapper.lucia.createSessionCookie(session.id));
 
     if (this.config.on?.login) {
       return this.config.on.login(event, tokenSet.claims());
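Review bot: Claims are persisted only inside the `if (!existingUser)` branch, so the stored `claims` column is a snapshot from the user's first login and is never refreshed; anything that later reads a user's claims from the store for display or authorization will keep seeing that first snapshot after the identity provider changes the profile. If the stored claims are meant to be current, write them on every successful login (an update method on the wrapper, or make createUser an upsert). The object handed to createUser is the full ID-token claim set, including token-lifecycle fields such as `iat`, `exp`, `nonce` and `aud` that have no value at rest; persisting only the profile claims the application needs keeps the table smaller and less sensitive. The later `this.config.on.login(event, tokenSet.claims())` call can reuse the `claims` local introduced here. The enclosing handler continues outside the hunk.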
@@ -175,7 +173,7 @@ export class AriseIdConnect<DbUser extends DatabaseUser> {
   };
 
   protected sessionHandler: Handle = async ({ event, resolve }) => {
-    const { lucia } = this.config.luciaWrapper;
+    const { lucia } = this.config.wrapper;
     const sessionId = event.cookies.get(lucia.sessionCookieName);
 
     if (!sessionId) {
diff --git a/src/lib/lucia.ts b/src/lib/lucia.ts
index a52426c5ae377c621b0e15b8c7b20125e20176a3..44b85ca9f9234fabf6250154e388c9d8a1fc9762 100644
--- a/src/lib/lucia.ts
+++ b/src/lib/lucia.ts
@@ -8,6 +8,7 @@ import type {
   TimeSpan,
 } from "lucia";
 import { Lucia } from "lucia";
+import type { UserinfoResponse } from "openid-client";
 
 export interface DatabaseUser {
   id: string;
@@ -61,5 +62,9 @@ export abstract class LuciaWrapper<
   abstract initDatabase(): MaybePromise<void>;
   abstract getUser(subject: string): MaybePromise<DbUser | undefined>;
-  abstract createUser(subject: string, userId: string): MaybePromise<void>;
+  abstract createUser(
+    subject: string,
+    userId: string,
+    claims: UserinfoResponse,
+  ): MaybePromise<void>;
 }
diff --git a/src/lib/types.ts b/src/lib/types.ts
index 73ffbb898ecb74dc3d9d60dc2b64e9b8aaad4180..21958949ea942020dac623218fa124380876fa06 100644
--- a/src/lib/types.ts
+++ b/src/lib/types.ts
@@ -11,7 +11,7 @@ export interface Config<DbUser extends DatabaseUser> extends ClientMetadata {
     login?: (event: RequestEvent, userInfo: UserinfoResponse) => never;
     logout?: (event: RequestEvent) => MaybePromise<void>;
   };
-  luciaWrapper: LuciaWrapper<DbUser>;
+  wrapper: LuciaWrapper<DbUser>;
   cookieNames?: Partial<CookieNames>;
   paths?: Partial<Paths>;
 }
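Review bot: The new `claims` parameter on the abstract createUser in lucia.ts has no documentation, and because the one implementation in this diff (DefaultLucia) types it as `IdTokenClaims` while this contract says `UserinfoResponse`, the intended content is ambiguous for anyone writing another wrapper. A TSDoc block on the method should state which claim set is passed (the diff passes the result of `tokenSet.claims()`, i.e. the ID-token claims), that it is called only for subjects not yet in the store, and that the implementation is responsible for serializing the object for its own storage. LuciaWrapper's class header is outside the hunk.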