payload-auth-plugin
Version:
Authentication plugin for Payload CMS
83 lines (74 loc) • 2.28 kB
text/typescript
import type { AuthorizationServer } from "oauth4webapi"
import { InvalidDomain } from "../../core/errors/consoleErrors.js"
import type {
AccountInfo,
OAuth2ProviderConfig,
OAuthBaseProviderConfig,
} from "../../types.js"
interface RobloxAuthConfig extends OAuthBaseProviderConfig {
/**
* Domain is required to create custom email addresses, since Roblox does not share users’ actual email addresses for security and privacy reasons. The plugin automatically generates a unique custom email address for each new signup.
*/
emailDomain: string
}
const authorization_server: AuthorizationServer = {
issuer: "https://apis.roblox.com/oauth/",
authorization_endpoint: "https://apis.roblox.com/oauth/v1/authorize",
token_endpoint: "https://apis.roblox.com/oauth/v1/token",
userinfo_endpoint: "https://apis.roblox.com/oauth/v1/userinfo",
}
/**
* Add Roblox OAuth2 Provider
*
* #### Callback or Redirect URL pattern
*
* ```
* https://example.com/api/{name}/oauth/callback/roblox
* ```
*
* #### Plugin Setup
*
* ```ts
* import { Plugin } from 'payload'
* import {authPlugin} from "payload-auth-plugin"
* import {RobloxAuthProvider} from "payload-auth-plugin/providers"
*
* export const plugins: Plugin[] = [
* authPlugin({
* providers:[
* RobloxAuthProvider({
* client_id: process.env.ROBOLOX_CLIENT_ID as string,
* client_secret: process.env.ROBOLOR_CLIENT_SECRET as string,
* })
* ]
* })
* ]
* ```
*
*/
function RobloxAuthProvider(config: RobloxAuthConfig): OAuth2ProviderConfig {
const { overrideScope, ...restConfig } = config
const domainRegex = /^(?!-)(?:[a-zA-Z0-9-]{1,63}\.)+[a-zA-Z]{2,63}$/;
const isValidDomain = domainRegex.test(restConfig.emailDomain);
if (!isValidDomain) {
throw new InvalidDomain()
}
return {
...restConfig,
id: "roblox",
scope: overrideScope ?? "openid email profile",
authorization_server,
name: "Roblox",
algorithm: "oauth2",
kind: "oauth",
profile: (profile): AccountInfo => {
return {
sub: profile.sub as string,
name: profile.name as string,
email: profile.email as string,
picture: profile.picture as string,
}
},
}
}
export default RobloxAuthProvider