@crowdin/app-project-module/out/middlewares/ui-module.js

Module that generates for you all common endpoints for serving standalone Crowdin App

"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
const crowdin_apps_functions_1 = require("@crowdin/crowdin-apps-functions");
const storage_1 = require("../storage");
const util_1 = require("../util");
const connection_1 = require("../util/connection");
const logger_1 = require("../util/logger");
const subscription_1 = require("../util/subscription");
function handle({ config, allowUnauthorized = false, moduleType, }) {
    return (0, util_1.runAsyncWrapper)((req, res, next) => __awaiter(this, void 0, void 0, function* () {
        if (allowUnauthorized) {
            next();
            return;
        }
        if (!(0, util_1.isAuthorizedConfig)(config)) {
            throw new Error('Invalid configuration. UI module was configured as authorized but client id and client secret are missing');
        }
        const jwtToken = req.query.jwtToken;
        if (!jwtToken) {
            (0, logger_1.temporaryErrorDebug)('Access denied: ui-module', req);
            return res.status(403).send({ error: 'Access denied' });
        }
        (0, logger_1.log)('Validating jwt token from incoming request');
        const jwtPayload = yield (0, crowdin_apps_functions_1.validateJwtToken)(jwtToken, config.clientSecret, config.jwtValidationOptions);
        const id = `${jwtPayload.domain || jwtPayload.context.organization_id}`;
        if (moduleType && jwtPayload.module && jwtPayload.module !== moduleType) {
            (0, logger_1.temporaryErrorDebug)('Access denied: ui-module', req);
            return res.status(403).send({ error: 'Access denied' });
        }
        const context = {
            jwtPayload,
            clientId: (0, crowdin_apps_functions_1.constructCrowdinIdFromJwtPayload)(jwtPayload),
            crowdinId: id,
            appIdentifier: config.identifier,
        };
        const logInfo = (0, logger_1.withContext)(context);
        logInfo('Loading crowdin credentials');
        const credentials = yield (0, storage_1.getStorage)().getCrowdinCredentials(id);
        if (!credentials) {
            throw new Error("Can't find organization by id");
        }
        logInfo('Building crowdin client instance');
        const { token } = yield (0, connection_1.prepareCrowdinClient)({ config, credentials, context });
        const { expired, subscribeLink } = yield (0, subscription_1.checkSubscription)({
            config,
            token,
            organization: credentials.id,
            accountType: credentials.type,
        });
        if (expired) {
            return res.render('subscription', { subscribeLink });
        }
        next();
    }));
}
exports.default = handle;