
@dataroadinc/setup-auth


CLI tool and programmatic API for automated OAuth setup across cloud platforms

import { buildRedirectUriList } from "../utils/redirect-urls.js";
import { GcpOAuthWebClientManager } from "../providers/gcp/oauth/client.js";
import { SetupAuthError } from "../utils/error.js";

/**
 * Project setting each provider needs before any provider call is attempted.
 * Providers without an entry (for example "linkedin", or an unknown value)
 * get no projectConfig check at validation time.
 */
const REQUIRED_PROJECT_SETTINGS = new Map([
  ["gcp", { key: "gcpProjectId", message: "GCP project ID is required for GCP provider" }],
  ["github", { key: "githubAppName", message: "GitHub app name is required for GitHub provider" }],
  ["azure", { key: "azureTenantId", message: "Azure tenant ID is required for Azure provider" }],
]);

/**
 * Turns anything thrown into the failure result the public methods return.
 * Only the message survives; the error type, stack and cause are dropped.
 *
 * @param {unknown} error - Value caught by the caller.
 * @returns {{ success: false, error: string }}
 */
function toFailureResult(error) {
  const message = error instanceof Error ? error.message : String(error);
  return { success: false, error: message };
}

/**
 * Programmatic entry point for registering and updating OAuth callback
 * (redirect) URLs with a provider. Only "gcp" is implemented; the "github",
 * "azure" and "linkedin" handlers throw a "not yet implemented" error.
 */
export class SetupAuthAPI {
  constructor() {}

  /**
   * Returns the shared instance, creating it on first use.
   *
   * @returns {SetupAuthAPI}
   */
  static getInstance() {
    if (SetupAuthAPI.instance) {
      return SetupAuthAPI.instance;
    }
    SetupAuthAPI.instance = new SetupAuthAPI();
    return SetupAuthAPI.instance;
  }

  /**
   * Validates the config, builds the redirect URI list and creates the
   * provider-side OAuth client for `config.provider`.
   *
   * Never rejects: every error, including unexpected ones, is returned as
   * `{ success: false, error }`, so callers must check `success`.
   *
   * For "gcp" the success result carries `providerDetails.clientSecret`;
   * treat the whole result as secret material (keep it out of logs and
   * persisted output).
   *
   * @param {object} config - Fields read in this file: provider, platform,
   *   deploymentUrl, callbackPath, projectConfig, additionalUrls,
   *   wildcardPatterns.
   * @returns {Promise<object>} Provider result, or `{ success: false, error }`.
   */
  async registerCallbackUrls(config) {
    try {
      this.validateCallbackUrlConfig(config);
      // An unknown provider passes validation; it is rejected below, after
      // the redirect URI list has already been built.
      const redirectUris = await this.buildRedirectUris(config);
      const provider = config.provider;
      // `return await` keeps handler rejections inside this try block.
      if (provider === "gcp") {
        return await this.registerGcpCallbackUrls(config, redirectUris);
      }
      if (provider === "github") {
        return await this.registerGitHubCallbackUrls(config, redirectUris);
      }
      if (provider === "azure") {
        return await this.registerAzureCallbackUrls(config, redirectUris);
      }
      if (provider === "linkedin") {
        return await this.registerLinkedInCallbackUrls(config, redirectUris);
      }
      throw new SetupAuthError(`Unsupported OAuth provider: ${config.provider}`);
    } catch (error) {
      return toFailureResult(error);
    }
  }

  /**
   * Validates the config, builds the redirect URI list and pushes it to the
   * existing provider-side OAuth client for `config.provider`.
   *
   * Never rejects: every error is returned as `{ success: false, error }`.
   *
   * @param {object} config - Same shape as for registerCallbackUrls.
   * @returns {Promise<object>} Provider result, or `{ success: false, error }`.
   */
  async updateCallbackUrls(config) {
    try {
      this.validateCallbackUrlConfig(config);
      const redirectUris = await this.buildRedirectUris(config);
      const provider = config.provider;
      // `return await` keeps handler rejections inside this try block.
      if (provider === "gcp") {
        return await this.updateGcpCallbackUrls(config, redirectUris);
      }
      if (provider === "github") {
        return await this.updateGitHubCallbackUrls(config, redirectUris);
      }
      if (provider === "azure") {
        return await this.updateAzureCallbackUrls(config, redirectUris);
      }
      if (provider === "linkedin") {
        return await this.updateLinkedInCallbackUrls(config, redirectUris);
      }
      throw new SetupAuthError(`Unsupported OAuth provider: ${config.provider}`);
    } catch (error) {
      return toFailureResult(error);
    }
  }

  /**
   * Checks that the provider, the platform and the provider-specific project
   * setting are present (truthy). Values are not otherwise inspected here.
   *
   * @param {object} config - Callback URL configuration.
   * @throws {SetupAuthError} When a required field is missing.
   */
  validateCallbackUrlConfig(config) {
    if (!config.provider) {
      throw new SetupAuthError("OAuth provider is required");
    }
    if (!config.platform) {
      throw new SetupAuthError("Platform is required");
    }
    const requirement = REQUIRED_PROJECT_SETTINGS.get(config.provider);
    if (requirement && !config.projectConfig?.[requirement.key]) {
      throw new SetupAuthError(requirement.message);
    }
  }

  /**
   * Maps the config onto the options of buildRedirectUriList and returns
   * whatever that helper produces.
   *
   * NOTE(review): this file performs no scheme or host checks on
   * deploymentUrl, additionalUrls or wildcardPatterns; presumably
   * buildRedirectUriList validates them. Confirm, because every URI it
   * returns is registered on the OAuth client.
   *
   * @param {object} config - Callback URL configuration.
   * @returns {Promise<*>} The list built by buildRedirectUriList.
   */
  async buildRedirectUris(config) {
    const options = {
      platform: config.platform,
      oauthProvider: config.provider,
      deploymentUrl: config.deploymentUrl,
      callbackPath: config.callbackPath,
      redirectOptions: {
        // A missing project ID is passed on as an empty string.
        gcpOauthProjectId: config.projectConfig?.gcpProjectId || "",
        clientId: "",
        additionalUrls: config.additionalUrls,
        wildcardPatterns: config.wildcardPatterns,
      },
    };
    const redirectUris = buildRedirectUriList(options);
    return redirectUris;
  }

  /**
   * Creates a GCP OAuth web client named "<Platform> OAuth Client" with the
   * given redirect URIs.
   *
   * The returned object contains the new client's secret in
   * `providerDetails.clientSecret`; callers are responsible for storing it
   * safely and keeping it out of logs.
   *
   * @param {object} config - Must carry projectConfig.gcpProjectId.
   * @param {*} redirectUris - List produced by buildRedirectUris.
   * @returns {Promise<object>} success, registeredUrls, clientId, providerDetails.
   * @throws {SetupAuthError} When the GCP project ID is missing.
   */
  async registerGcpCallbackUrls(config, redirectUris) {
    if (!config.projectConfig?.gcpProjectId) {
      throw new SetupAuthError("GCP project ID is required");
    }
    const projectId = config.projectConfig.gcpProjectId;
    const oauthClient = new GcpOAuthWebClientManager(projectId);
    // Capitalize the first character of the platform name for the display name.
    const platformLabel =
      config.platform.charAt(0).toUpperCase() + config.platform.slice(1);
    const displayName = `${platformLabel} OAuth Client`;
    const { clientId, clientSecret } = await oauthClient.createClient(
      displayName,
      redirectUris,
      [],
    );
    return {
      success: true,
      registeredUrls: redirectUris,
      clientId,
      providerDetails: {
        clientSecret,
        projectId: config.projectConfig.gcpProjectId,
      },
    };
  }

  /**
   * Sends the given redirect URIs to the existing GCP OAuth client whose ID
   * is taken from the GCP_OAUTH_CLIENT_ID environment variable.
   *
   * NOTE(review): whether updateRedirectUris replaces or merges the client's
   * existing list is not visible in this file. Confirm against the manager.
   *
   * @param {object} config - Must carry projectConfig.gcpProjectId.
   * @param {*} redirectUris - List produced by buildRedirectUris.
   * @returns {Promise<object>} `{ success: true, redirectUris }`.
   * @throws {SetupAuthError} When the project ID or the client ID is missing.
   */
  async updateGcpCallbackUrls(config, redirectUris) {
    if (!config.projectConfig?.gcpProjectId) {
      throw new SetupAuthError("GCP project ID is required");
    }
    // The environment value may carry the Google client-ID suffix; strip it.
    const clientId = process.env.GCP_OAUTH_CLIENT_ID?.replace(
      /\.apps\.googleusercontent\.com$/,
      "",
    );
    if (!clientId) {
      throw new SetupAuthError("GCP OAuth client ID not found. Please run setup first.");
    }
    const projectId = config.projectConfig.gcpProjectId;
    const oauthClient = new GcpOAuthWebClientManager(projectId);
    await oauthClient.updateRedirectUris(clientId, redirectUris);
    return {
      success: true,
      redirectUris,
    };
  }

  /** Placeholder: always rejects with a "not yet implemented" error. */
  async registerGitHubCallbackUrls(_config, _redirectUris) {
    throw new SetupAuthError("GitHub OAuth app creation not yet implemented");
  }

  /** Placeholder: always rejects with a "not yet implemented" error. */
  async updateGitHubCallbackUrls(_config, _redirectUris) {
    throw new SetupAuthError("GitHub OAuth app update not yet implemented");
  }

  /** Placeholder: always rejects with a "not yet implemented" error. */
  async registerAzureCallbackUrls(_config, _redirectUris) {
    throw new SetupAuthError("Azure AD app registration not yet implemented");
  }

  /** Placeholder: always rejects with a "not yet implemented" error. */
  async updateAzureCallbackUrls(_config, _redirectUris) {
    throw new SetupAuthError("Azure AD app update not yet implemented");
  }

  /** Placeholder: always rejects with a "not yet implemented" error. */
  async registerLinkedInCallbackUrls(_config, _redirectUris) {
    throw new SetupAuthError("LinkedIn OAuth app creation not yet implemented");
  }

  /** Placeholder: always rejects with a "not yet implemented" error. */
  async updateLinkedInCallbackUrls(_config, _redirectUris) {
    throw new SetupAuthError("LinkedIn OAuth app update not yet implemented");
  }
}

// Singleton slot; filled on the first getInstance() call.
SetupAuthAPI.instance = null;

/**
 * Convenience wrapper around SetupAuthAPI.getInstance().registerCallbackUrls.
 *
 * @param {object} config - Callback URL configuration.
 * @returns {Promise<object>} Provider result, or `{ success: false, error }`.
 */
export async function registerCallbackUrls(config) {
  const api = SetupAuthAPI.getInstance();
  return api.registerCallbackUrls(config);
}

/**
 * Convenience wrapper around SetupAuthAPI.getInstance().updateCallbackUrls.
 *
 * @param {object} config - Callback URL configuration.
 * @returns {Promise<object>} Provider result, or `{ success: false, error }`.
 */
export async function updateCallbackUrls(config) {
  const api = SetupAuthAPI.getInstance();
  return api.updateCallbackUrls(config);
}