
json-object-editor


JOE the Json Object Editor | Platform Edition

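var jwtDecode = require('jwt-decode');

/**
 * Reduce a caller-supplied return URL to a same-origin relative path.
 *
 * The OAuth `state` value arrives from the browser and is later passed to
 * res.redirect(), so it must not be able to send the user to another origin.
 * The candidate is resolved against the configured host; anything that ends up
 * on a different origin (absolute URLs, `//host`, `javascript:` and similar)
 * is rejected.
 *
 * @param {*} candidate - raw value taken from the request (expected: string).
 * @param {string} host - configured site origin, e.g. the value used to build redirect_uri.
 * @returns {string} path + query + hash on the configured origin, or '' when rejected.
 */
function safeReturnUrl(candidate, host) {
  if (typeof candidate !== 'string' || candidate === '') {
    return '';
  }
  try {
    const base = new URL(host);
    const target = new URL(candidate, base);
    if (target.origin !== base.origin) {
      return '';
    }
    return target.pathname + target.search + target.hash;
  } catch (e) {
    // Unparseable host or candidate: treat as "no return URL".
    return '';
  }
}

/**
 * JOE "auth" plugin: completes the Google OAuth authorization-code flow and
 * signs the matching JOE user in by setting the `_j_user` / `_j_token` cookies.
 */
function Auth() {
  var self = this;

  /**
   * Default handler: echoes the route params and request data back as a payload.
   *
   * @param {object} data - request data supplied by the plugin host.
   * @param {object} req - HTTP request; only `req.params` is read.
   * @param {object} res - HTTP response (unused).
   * @returns {object} `{params, data}` or `{errors, failedat}` if building the payload throws.
   */
  this.default = function (data, req, res) {
    try {
      var payload = {
        params: req.params,
        data: data
      };
    } catch (e) {
      return { errors: 'plugin error: ' + e, failedat: 'plugin' };
    }
    return payload;
  };

  /**
   * OAuth callback: exchanges the Google authorization code for tokens, looks
   * up the JOE user by the e-mail claim of the id_token and sets the session
   * cookies, then redirects.
   *
   * The response is written asynchronously from the token-exchange promise;
   * the function itself returns `{use_callback: true}` immediately.
   *
   * @param {object} data - request data; reads `data.code` and `data.state`.
   * @param {object} req - HTTP request (unused here).
   * @param {object} res - HTTP response used for cookies, redirects and errors.
   * @returns {Promise<{use_callback: boolean}>}
   */
  this.login = async function (data, req, res) {
    const gotMod = await import('got');
    const got = gotMod.default || gotMod;
    const authConfig = JOE.webconfig.authorization;

    // `state` is attacker-controllable; only keep it if it stays on our own origin.
    // NOTE(review): state is used purely as a return URL and is not bound to the
    // browser session here, so it gives no CSRF protection for the callback —
    // confirm whether the code that starts the flow handles that.
    const returnUrl = safeReturnUrl(data.state, authConfig.host);

    const tokenUrl = 'https://oauth2.googleapis.com/token';
    const options = {
      method: 'POST',
      // Google expects an application/x-www-form-urlencoded body, not a querystring.
      form: {
        grant_type: 'authorization_code',
        code: data.code,
        redirect_uri: `${authConfig.host}/API/plugin/auth/login`,
        client_id: authConfig.client_id,
        client_secret: authConfig.client_secret
      },
      headers: {
        'cache-control': 'no-cache',
        Accept: 'application/json'
      },
      responseType: 'json'
      // TLS certificate verification is left at its default (enabled). This
      // request carries client_secret and the returned id_token is trusted
      // without a signature check, so the peer must be authenticated.
    };

    got(tokenUrl, options)
      .then(response => {
        const body = response.body || {};
        if (body.error) {
          // Bubble up Google's error payload so it's easier to diagnose.
          console.error('[auth.login] Google token error payload:', body);
          res.status(400).send(body);
          return;
        }

        // jwtDecode only base64-decodes the payload; it does not verify the
        // signature. The claims are trusted because they came straight from the
        // token endpoint over verified TLS, and are sanity-checked below.
        const idTokenInfo = jwtDecode(body.id_token);
        if (idTokenInfo.aud !== authConfig.client_id) {
          res.status(401).send({ error: 'invalid_id_token', message: 'unexpected audience' });
          return;
        }

        const emailVerified =
          idTokenInfo.email_verified === true || idTokenInfo.email_verified === 'true';
        const email = typeof idTokenInfo.email === 'string' ? idTokenInfo.email.toLowerCase() : '';

        const users = (JOE.Data && JOE.Data.user) || [];
        // Only an address the identity provider has verified may map to a local account.
        const User = (email && emailVerified) ? (users.where({ email: email })[0] || false) : false;

        if (!User) {
          const finalUrl = returnUrl + (returnUrl.indexOf('?') == -1 ? '?' : '&') + 'noSSO=true';
          res.redirect(finalUrl);
          return;
        }

        // NOTE(review): cookies are set without httpOnly / secure / sameSite
        // options, and the value is the token stored on the user record.
        // Tighten the options if no client-side script needs to read them.
        res.cookie('_j_user', User.name);
        res.cookie('_j_token', User.token);

        // Redirect to the requested page, or to the user's first app.
        res.redirect(returnUrl || `/JOE/${User.apps[0]}`);
      })
      .catch(error => {
        // Log structured info so we can see status + body from Google.
        const status = error.response && error.response.statusCode;
        const body = error.response && error.response.body;
        console.error('[auth.login] HTTPError from Google token endpoint:', {
          status,
          body,
          message: error.message
        });
        res.status(status || 500).send(body || { error: 'oauth_token_error', message: error.message });
      });

    return { use_callback: true };
  };

  /**
   * HTML view of the default payload, pretty-printed with `<br/>` line breaks.
   *
   * NOTE(review): JSON.stringify does not HTML-escape `<`, `>` or `&`, and the
   * payload echoes request data. If this output is served as text/html the
   * values should be escaped first — confirm how the plugin host renders it.
   *
   * @param {object} data - request data.
   * @param {object} req - HTTP request.
   * @param {object} res - HTTP response (unused).
   * @returns {string}
   */
  this.html = function (data, req, res) {
    return JSON.stringify(self.default(data, req), '', '\t\r\n <br/>');
  };

  this.protected = [];
  // Tells the plugin host that `login` answers through `res` asynchronously.
  this.async = { login: true };
  return self;
}

module.exports = new Auth();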