UNPKG

@uppy/companion

Version:

OAuth helper and remote fetcher for Uppy's (https://uppy.io) extensible file upload widget with support for drag&drop, resumable uploads, previews, restrictions, file processing/encoding, remote providers like Dropbox and Google Drive, S3 and more :dog:

github.com/transloadit/uppy

transloadit/uppy

50 lines (49 loc) 2.28 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
/** * oAuth callback. Encrypts the access token and sends the new token with the response, */ import serialize from 'serialize-javascript'; import * as tokenService from '../helpers/jwt.js'; import * as oAuthState from '../helpers/oauth-state.js'; import logger from '../logger.js'; const closePageHtml = (origin) => ` <!DOCTYPE html> <html> <head> <meta charset="utf-8" /> <script> // if window.opener is nullish, we want the following line to throw to avoid // the window closing without informing the user. window.opener.postMessage(${serialize({ error: true })}, ${serialize(origin)}) window.close() </script> </head> <body>Authentication failed.</body> </html>`; /** * * @param {object} req * @param {object} res * @param {Function} next */ export default function callback(req, res, next) { const { providerName } = req.params; const grant = req.session.grant || {}; const grantDynamic = oAuthState.getGrantDynamicFromRequest(req); const origin = grantDynamic.state && oAuthState.getFromState(grantDynamic.state, 'origin', req.companion.options.secret); if (!grant.response?.access_token) { logger.debug(`Did not receive access token for provider ${providerName}`, null, req.id); logger.debug(grant.response, 'callback.oauth.resp', req.id); return res.status(400).send(closePageHtml(origin)); } const { access_token: accessToken, refresh_token: refreshToken } = grant.response; req.companion.providerUserSession = { accessToken, refreshToken, // might be undefined for some providers ...req.companion.providerClass.grantDynamicToUserSession({ grantDynamic }), }; logger.debug(`Generating auth token for provider ${providerName}. refreshToken: ${refreshToken ? 'yes' : 'no'}`, null, req.id); const uppyAuthToken = tokenService.generateEncryptedAuthToken({ [providerName]: req.companion.providerUserSession }, req.companion.options.secret, req.companion.providerClass.authStateExpiry); tokenService.addToCookiesIfNeeded(req, res, uppyAuthToken, req.companion.providerClass.authStateExpiry); return res.redirect(req.companion.buildURL(`/${providerName}/send-token?uppyAuthToken=${uppyAuthToken}`, true)); }