realm-object-server/dist/auth/google/GoogleAuthProvider.js

Realm Object Server

"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
const AuthProvider_1 = require("../AuthProvider");
const errors = require("../../errors");
const superagent = require("superagent");
class GoogleAuthProvider extends AuthProvider_1.AuthProvider {
    constructor(config) {
        super();
        this.name = "google";
        this.clientId = config.clientId;
    }
    authenticateOrCreateUser(body) {
        return __awaiter(this, void 0, void 0, function* () {
            const accessToken = body.data;
            if (accessToken === undefined) {
                throw new errors.realm.MissingParameters("access token");
            }
            return superagent
                .get(`https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=${accessToken}`)
                .set("Accept", "application/json")
                .then((response) => {
                if (response.body.sub === undefined) {
                    throw new errors.realm.InvalidCredentials();
                }
                if (response.body.aud !== this.clientId) {
                    throw new errors.realm.InvalidCredentials({
                        detail: "Client ID does not match."
                    });
                }
                const now = Math.floor(Date.now() / 1000);
                if (parseInt(response.body.exp, 10) <= now) {
                    throw new errors.realm.InvalidCredentials({
                        detail: "Expiration date is expired."
                    });
                }
                const userId = response.body.sub.toString();
                const foundUser = this.service.getUserByProviderId("google", userId);
                if (foundUser) {
                    return foundUser;
                }
                return this.service.createOrUpdateUser(userId, "google", false, null);
            })
                .catch((err) => {
                throw new errors.realm.InvalidCredentials({
                    detail: err.toString()
                });
            });
        });
    }
}
exports.GoogleAuthProvider = GoogleAuthProvider;
//# sourceMappingURL=GoogleAuthProvider.js.map