use email from user info

numerique-gouv · Apr 30, 2024 · 0e807e8 · 0e807e8
1 parent 1d48de1
commit 0e807e8
Showing 1 changed file with 23 additions and 15 deletions.
diff --git a/lib/oidcAuth.js b/lib/oidcAuth.js
@@ -96,23 +96,31 @@ module.exports.finishAuth = async (req) => {
     return { error: "L'identification a échoué. Entrez votre adresse mail ci-dessous pour recommencer." }
   }
 
-  const tokenSet = await client.callback(
-    config.HOSTNAME_WITH_PROTOCOL + urlCallback,
-    params,
-    {
-      state: request.state,
-      nonce: request.nonce
-      // todo  code_verifier: req.session.code_verifier
-    }
-  )
-  const claims = tokenSet.claims()
-  console.log(`CLAIMS : ${JSON.stringify(claims)}`)
-  const userinfo = await client.userinfo(tokenSet)
-  console.log(`USERINFO : ${JSON.stringify(userinfo)}`)
+  let tokenSet
+  try {
+    tokenSet = await client.callback(
+      config.HOSTNAME_WITH_PROTOCOL + urlCallback,
+      params,
+      {
+        state: request.state,
+        nonce: request.nonce
+        // todo  code_verifier: req.session.code_verifier
+      }
+    )
+  } catch(error){
+    console.error("error when requesting token from OIDC", error)
+    return { error: "L'identification a échoué. Entrez votre adresse mail ci-dessous pour recommencer." }
+  }
 
+  let userinfo
+  try {
+    userinfo = await client.userinfo(tokenSet)
+  } catch(error){
+    console.error("error when requesting userinfo from OIDC", error)
+    return { error: "L'identification a échoué. Entrez votre adresse mail ci-dessous pour recommencer." }
+  }
+  const email = userinfo.email
 
-  const email = claims.preferred_username
-
   return {
     email,
     durationInMinutes: request.durationInMinutes,