UNPKG

@xrengine/server-core

Version:

Shared components for XREngine server

github.com/XRFoundation/XREngine

XRFoundation/XREngine

131 lines (122 loc) 5.42 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
import { AuthenticationRequest } from '@feathersjs/authentication' import { Paginated, Params } from '@feathersjs/feathers' import { random } from 'lodash' import { AvatarInterface } from '@xrengine/common/src/interfaces/AvatarInterface' import { UserInterface } from '@xrengine/common/src/interfaces/User' import { Application } from '../../../declarations' import config from '../../appconfig' import getFreeInviteCode from '../../util/get-free-invite-code' import makeInitialAdmin from '../../util/make-initial-admin' import CustomOAuthStrategy, { CustomOAuthParams } from './custom-oauth' export class GithubStrategy extends CustomOAuthStrategy { constructor(app: Application) { super() this.app = app } async getEntityData(profile: any, entity: any, params: CustomOAuthParams): Promise<any> { const baseData = await super.getEntityData(profile, null, {}) const authResult = await (this.app.service('authentication') as any).strategies.jwt.authenticate( { accessToken: params?.authentication?.accessToken }, {} ) const identityProvider = authResult['identity-provider'] const userId = identityProvider ? identityProvider.userId : params?.query ? params.query.userId : undefined return { ...baseData, email: profile.email, type: 'github', oauthToken: params.access_token!, userName: profile.login, userId, accountIdentifier: profile.login } } async updateEntity(entity: any, profile: any, params: CustomOAuthParams): Promise<any> { const authResult = await (this.app.service('authentication') as any).strategies.jwt.authenticate( { accessToken: params?.authentication?.accessToken }, {} ) if (!entity.userId) { const avatars = (await this.app.service('avatar').find({ isInternal: true })) as Paginated<AvatarInterface> const code = await getFreeInviteCode(this.app) const newUser = (await this.app.service('user').create({ isGuest: false, inviteCode: code, avatarId: avatars[random(avatars.total - 1)].id })) as UserInterface entity.userId = newUser.id await this.app.service('identity-provider').patch(entity.id, { userId: newUser.id }) } const identityProvider = authResult['identity-provider'] const user = await this.app.service('user').get(entity.userId) await makeInitialAdmin(this.app, user.id) if (user.isGuest) await this.app.service('user').patch(entity.userId, { isGuest: false }) const apiKey = await this.app.service('user-api-key').find({ query: { userId: entity.userId } }) if ((apiKey as any).total === 0) await this.app.service('user-api-key').create({ userId: entity.userId }) if (entity.type !== 'guest' && identityProvider.type === 'guest') { await this.app.service('identity-provider').remove(identityProvider.id) await this.app.service('user').remove(identityProvider.userId) await this.app.service('github-repo-access-refresh').find(Object.assign({}, params, { user })) return super.updateEntity(entity, profile, params) } const existingEntity = await super.findEntity(profile, params) if (!existingEntity) { profile.userId = user.id profile.oauthToken = params.access_token const newIP = await super.createEntity(profile, params) if (entity.type === 'guest') await this.app.service('identity-provider').remove(entity.id) await this.app.service('github-repo-access-refresh').find(Object.assign({}, params, { user })) return newIP } else if (existingEntity.userId === identityProvider.userId) { await this.app.service('github-repo-access-refresh').find(Object.assign({}, params, { user })) return existingEntity } else { throw new Error('Another user is linked to this account') } } async getRedirect(data: any, params: CustomOAuthParams): Promise<string> { const redirectHost = config.authentication.callback.github const type = params?.query?.userId ? 'connection' : 'login' if (data instanceof Error || Object.getPrototypeOf(data) === Error.prototype) { const err = data.message as string return redirectHost + `?error=${err}` } else { const token = data.accessToken as string const redirect = params.redirect! let parsedRedirect try { parsedRedirect = JSON.parse(redirect) } catch (err) { parsedRedirect = {} } const path = parsedRedirect.path const instanceId = parsedRedirect.instanceId let returned = redirectHost + `?token=${token}&type=${type}` if (path != null) returned = returned.concat(`&path=${path}`) if (instanceId != null) returned = returned.concat(`&instanceId=${instanceId}`) return returned } } async authenticate(authentication: AuthenticationRequest, originalParams: CustomOAuthParams) { if (authentication.error) { if (authentication.error.message === 'Bad credentials') throw new Error('You canceled the GitHub OAuth login flow') else throw new Error('There was a problem with the GitHub OAuth login flow: ' + authentication.error_description) } originalParams.access_token = authentication.access_token return super.authenticate(authentication, originalParams) } } export default GithubStrategy