UNPKG

adonis-ally-rdstation

Version:
175 lines (174 loc) 6.53 kB
"use strict"; /* |-------------------------------------------------------------------------- | Ally Oauth driver |-------------------------------------------------------------------------- | | This is a dummy implementation of the Oauth driver. Make sure you | | - Got through every line of code | - Read every comment | */ Object.defineProperty(exports, "__esModule", { value: true }); exports.RDStationDriver = void 0; const standalone_1 = require("@adonisjs/ally/build/standalone"); /** * Driver implementation. It is mostly configuration driven except the user calls * * ------------------------------------------------ * Change "RDStation" to something more relevant * ------------------------------------------------ */ class RDStationDriver extends standalone_1.Oauth2Driver { constructor(ctx, config) { super(ctx, config); this.config = config; /** * The URL for the redirect request. The user will be redirected on this page * to authorize the request. * * Do not define query strings in this URL. */ this.authorizeUrl = 'https://api.rd.services/auth/dialog'; /** * The URL to hit to exchange the authorization code for the access token * * Do not define query strings in this URL. */ this.accessTokenUrl = 'https://api.rd.services/auth/token'; /** * The URL to hit to get the user details * * Do not define query strings in this URL. */ this.userInfoUrl = ''; /** * The param name for the authorization code. Read the documentation of your oauth * provider and update the param name to match the query string field name in * which the oauth provider sends the authorization_code post redirect. */ this.codeParamName = 'code'; /** * The param name for the error. Read the documentation of your oauth provider and update * the param name to match the query string field name in which the oauth provider sends * the error post redirect */ this.errorParamName = 'error'; /** * Cookie name for storing the CSRF token. Make sure it is always unique. So a better * approach is to prefix the oauth provider name to `oauth_state` value. For example: * For example: "facebook_oauth_state" */ this.stateCookieName = 'rds_oauth_state'; /** * Parameter name to be used for sending and receiving the state from. * Read the documentation of your oauth provider and update the param * name to match the query string used by the provider for exchanging * the state. */ this.stateParamName = 'state'; /** * Parameter name for sending the scopes to the oauth provider. */ this.scopeParamName = 'scope'; /** * The separator indentifier for defining multiple scopes */ this.scopesSeparator = ' '; /** * Extremely important to call the following method to clear the * state set by the redirect request. * * DO NOT REMOVE THE FOLLOWING LINE */ this.loadState(); } /** * Optionally configure the authorization redirect request. The actual request * is made by the base implementation of "Oauth2" driver and this is a * hook to pre-configure the request. */ configureRedirectRequest(request) { request.scopes(['user']); } /** * Optionally configure the access token request. The actual request is made by * the base implementation of "Oauth2" driver and this is a hook to pre-configure * the request */ configureAccessTokenRequest(request) { /** * Send state to rd when request is not stateles */ if (!this.isStateless) { request.field('state', this.stateCookieValue); } } /** * Update the implementation to tell if the error received during redirect * means "ACCESS DENIED". */ accessDenied() { return this.ctx.request.input('error') === 'user_denied'; } getAuthenticatedRequest(url, token) { const request = this.httpClient(url); request.header('Authorization', `token ${token}`); request.header('Accept', 'application/json'); request.parseAs('json'); return request; } /** * Get the user details by query the provider API. This method must return * the access token and the user details both. Checkout the google * implementation for same. * * https://github.com/adonisjs/ally/blob/develop/src/Drivers/Google/index.ts#L191-L199 */ async user(callback) { const accessToken = await this.accessToken(); const request = this.httpClient(this.config.userInfoUrl || this.userInfoUrl); /** * Allow end user to configure the request. This should be called after your custom * configuration, so that the user can override them (if required) */ if (typeof callback === 'function') { callback(request); } /** * Write your implementation details here */ return { ...accessToken, ...this.decodeUserToken(accessToken.token) }; } async userFromToken(accessToken, callback) { const request = this.httpClient(this.config.userInfoUrl || this.userInfoUrl); /** * Allow end user to configure the request. This should be called after your custom * configuration, so that the user can override them (if required) */ if (typeof callback === 'function') { callback(request); } /** * Write your implementation details here */ return { token: accessToken, type: 'bearer', ...this.decodeUserToken(accessToken) }; } /** * Decode token and extract user details */ decodeUserToken(accessToken) { function base64UrlDecode(str) { // Padding for base64 to be valid str = str.replace(/-/g, '+').replace(/_/g, '/'); while (str.length % 4) { str += '='; } return Buffer.from(str, 'base64').toString(); } const parts = accessToken.split('.'); return JSON.parse(base64UrlDecode(parts[1])); } } exports.RDStationDriver = RDStationDriver;