UNPKG

@auth/core

Version:

Authentication for the Web.

authjs.dev

nextauthjs/next-auth

171 lines (170 loc) 8.09 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
/** * <div class="provider" style={{backgroundColor: "#24292f", display: "flex", justifyContent: "space-between", color: "#fff", padding: 16}}> * <span>Built-in <b>NetSuite</b> integration.</span> * <a href="https://system.netsuite.com"> * <img style={{display: "block"}} src="https://authjs.dev/img/providers/netsuite.svg" height="48" width="48"/> * </a> * </div> * * @module providers/netsuite */ /** * Add Netsuite login to your page and make requests to: * - [NetSuite RESTLets](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_4567507062.html#Tracking-RESTlet-Calls-Made-with-TBA-and-OAuth-2.0). * - [NetSuite REST Web Services](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/book_1559132836.html#SuiteTalk-REST-Web-Services-API-Guide). * * ### Setup * * #### Disclaimer * By using this provider, you consent to sharing your data with NetSuite. * By using this provider we assume you comply with NetSuite's [Terms of Service](https://www.netsuite.com/portal/assets/pdf/terms_of_service.pdf) and [Privacy Policy](https://www.oracle.com/legal/privacy). * The author of this provider is not affiliated with NetSuite. Proceeding with this provider you must be a NetSuite customer and have a NetSuite account (Full access user). * **Ensure the OAuth 2.0 Feature is enabled in your NetSuite account with the proper permissions set up on the current role/user** * * Before setting up the provider, you will need to: * - [Create an Integration Record](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157771733782.html#procedure_157838925981) * - Uncheck the TBA Auth Flow checkbox. * - Check OAuth 2.0 Auth Flow checkbox. * - Copy and paste the `Callback URL` below into the `Redirect URI` field. * - Then select the scope(s) you want to use. * - **REST Web Services** (`rest_webservices`) - Access to REST Web Services. * - **RESTlets**(`restlets`) - Access to RESTLets. * - **SuiteAnalytics Connect** (`suiteanalytics_connect`) - Access to SuiteAnalytics Connect. * - Add any policies you want to use. * - Application Logo (_Optional_) (Shown to users when they are asked to grant access to your application). - Consent Screen * - Application Terms of Use (_Optional_) - A PDF file that contains the terms of use for your application. - Consent Screen * - Application Privacy Policy (_Optional_) - A PDF file that contains the privacy policy for your application. - Consent Screen * - OAuth 2.0 Consent Policy Preference - This setting determines whether the user is asked to grant access to your application **every time** they sign in or only the **first time** they sign in or **never**. * - **Save** the Integration record. * - The Integration record will be used to generate the `clientId` and `clientSecret` for the provider. **Save the generated values for later** * * #### Callback URL * * :::tip * When setting the Redirect URI in the Integration record, you must use the `https` protocol. * Otherwise, you will get an error when trying to sign in. (_INVALID_LOGIN_ATTEMPT_). * If you are testing locally, you can use a service like [ngrok](https://ngrok.com/) to create a secure tunnel to your localhost. * ::: * * ``` * https://example.com/api/auth/callback/netsuite * ``` * * :::tip * Our `userinfo` needs to compose of a suitelet or RESTLet url that gives us the information about the user. This has to be very fast in which the handshake profile gather execution can't take long. * The best bet is to use the `N/runtime` module to get the basics first. - Here is an example of a RESTlet below. Be sure to deploy and enable access to "All Roles". * ::: * * #### Example RESTLet Callback Handler * Be sure to deploy and use the **external** RESTLet url of any usage of the URIs. * * ```js * * /** * * @NApiVersion 2.1 * * @NScriptType Restlet * *\/ * define(["N/runtime"], /** * @param{runtime} runtimee * \/ (runtime) => { * /** * * Defines the function that is executed when a GET request is sent to a RESTlet. * * @param {Object} requestParams - Parameters from HTTP request URL; parameters passed as an Object (for all supported * * content types) * * @returns {string | Object} HTTP response body; returns a string when request Content-Type is 'text/plain'; returns an * * Object when request Content-Type is 'application/json' or 'application/xml' * * @since 2015.2 * *\/ * const get = (requestParams) => { * let userObject = runtime.getCurrentUser(); * * try { * log.debug({ title: "Payload received:", details: requestParams }); * * const { id, name, role, location, email, contact } = userObject; * * log.audit({ title: "Current User Ran", details: name }); * * let user = { * id, * name, * role, * location, * email, * contact, * }; * * log.debug({ title: "Returning user", details: user }); * * return JSON.stringify(user); * } catch (e) { * log.error({ title: "Error grabbing current user:", details: e }); * } * }; * * return { * get, * }; * ); * ``` * * > **Note**: Above is an example of returning the basic runtime information. Be sure to create a new script record and deployment record. Upon saving the deployment record. We will get our URLs for our RESTlet. * * ### Configuration * * ```ts * import { Auth } from "@auth/core" * import Netsuite from "@auth/core/providers/netsuite" * * const request = new Request(origin) * const response = await Auth(request, { * providers: [ * NetSuite({ * accountID: NETSUITE_ACCOUNT_ID, // EX: TSTDRV1234567 or 81555 for prod, and 1234567-SB1 for Sandbox accounts not "_" use "-". * // Returns the current user using the N/runtime module. This url can be a suitelet or RESTlet (Recommended) * // Using getCurrentUser(); So we match this schema returned from this RESTlet in the profile callback. (Required) * userinfo: "https://1234567.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=123&deploy=1", * }) * ], * }) * ``` * * ### Resources * * - [NetSuite - Creating an Integration Record (OAuth 2.0)](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157771733782.html#Related-Topics) * - [NetSuite - Authorizing OAuth Requests](https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps) * - [NetSuite - Configure OAuth Roles](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157771510070.html#Set-Up-OAuth-2.0-Roles) * - [Learn more about NetSuite OAuth 2.0](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/chapter_157769826287.html#OAuth-2.0) * * ### Notes * * :::tip * Make sure the `userinfo` matches the return type of the profile callback to ensure the user session gets read correctly. * To override the defaults for your use case, check out [customizing a built-in OAuth provider](https://authjs.dev/guides/providers/custom-provider#override-default-options). * ::: * */ export default function NetSuite(config) { const { accountID } = config; return { id: "netsuite", name: "NetSuite", type: "oauth", checks: ["state"], authorization: { url: `https://${accountID}.app.netsuite.com/app/login/oauth2/authorize.nl`, params: { scope: "restlets rest_webservices" }, }, token: `https://${accountID}.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token`, profile(profile) { // This is the default runtime.getCurrentUser() object returned from the RESTlet or SUITELet return { id: profile.id.toString(), name: profile.name, email: profile.email, image: null, }; }, style: { logo: "/netsuite.svg", bg: "#181a1b", text: "#fbfbfb" }, options: config, }; }