Restructuring the Project

Updating dependencies
2023-04-07 19:54:47 +02:00
parent 532107c479
commit 0453e461c9
121 changed files with 16380 additions and 6701 deletions
--- a/Backend/src/api/user/oauth/_helper.ts
+++ b/Backend/src/api/user/oauth/_helper.ts
@ -0,0 +1,21 @@
+import RequestError, { HttpStatusCode } from "../../../helper/request_error";
+import Client, { IClient } from "../../../models/client";
+
+export async function getClientWithOrigin(client_id: string, origin: string) {
+   const client = await Client.findOne({
+      client_id,
+   });
+
+   const clientNotFoundError = new RequestError(
+      "Client not found!",
+      HttpStatusCode.BAD_REQUEST
+   );
+
+   if (!client) throw clientNotFoundError;
+
+   const clientUrl = new URL(client.redirect_url);
+
+   if (clientUrl.hostname !== origin) throw clientNotFoundError;
+
+   return client;
+}
--- a/Backend/src/api/user/oauth/index.ts
+++ b/Backend/src/api/user/oauth/index.ts
@ -0,0 +1,12 @@
+import { Router } from "express";
+import { GetJWTByUser } from "./jwt";
+import { GetPermissionsForAuthRequest } from "./permissions";
+import { GetTokenByUser } from "./refresh_token";
+
+const router = Router();
+
+router.get("/jwt", GetJWTByUser);
+router.get("/permissions", GetPermissionsForAuthRequest);
+router.get("/refresh_token", GetTokenByUser);
+
+export default router;
--- a/Backend/src/api/user/oauth/jwt.ts
+++ b/Backend/src/api/user/oauth/jwt.ts
@ -0,0 +1,25 @@
+import { Request, Response } from "express";
+import Stacker from "../../middlewares/stacker";
+import { GetUserMiddleware } from "../../middlewares/user";
+import { URL } from "url";
+import Client from "../../../models/client";
+import RequestError, { HttpStatusCode } from "../../../helper/request_error";
+import { getAccessTokenJWT } from "../../../helper/jwt";
+import { getClientWithOrigin } from "./_helper";
+
+export const GetJWTByUser = Stacker(
+   GetUserMiddleware(true, false),
+   async (req: Request, res: Response) => {
+      const { client_id, origin } = req.query as { [key: string]: string };
+
+      const client = await getClientWithOrigin(client_id, origin);
+
+      const jwt = await getAccessTokenJWT({
+         user: req.user,
+         client: client,
+         permissions: [],
+      });
+
+      res.json({ jwt });
+   }
+);
--- a/Backend/src/api/user/oauth/permissions.ts
+++ b/Backend/src/api/user/oauth/permissions.ts
@ -0,0 +1,38 @@
+import { Request, Response } from "express";
+import Stacker from "../../middlewares/stacker";
+import { GetUserMiddleware } from "../../middlewares/user";
+import { URL } from "url";
+import Client from "../../../models/client";
+import RequestError, { HttpStatusCode } from "../../../helper/request_error";
+import { randomBytes } from "crypto";
+import moment = require("moment");
+import RefreshToken from "../../../models/refresh_token";
+import { refreshTokenValidTime } from "../../../config";
+import { getClientWithOrigin } from "./_helper";
+import Permission from "../../../models/permissions";
+
+export const GetPermissionsForAuthRequest = Stacker(
+   GetUserMiddleware(true, false),
+   async (req: Request, res: Response) => {
+      const { client_id, origin, permissions } = req.query as {
+         [key: string]: string;
+      };
+
+      const client = await getClientWithOrigin(client_id, origin);
+
+      const perm = permissions.split(",").filter((e) => !!e);
+
+      const resolved = await Promise.all(
+         perm.map((p) => Permission.findById(p))
+      );
+
+      if (resolved.some((e) => e.grant_type !== "user")) {
+         throw new RequestError(
+            "Invalid Permission requested",
+            HttpStatusCode.BAD_REQUEST
+         );
+      }
+
+      res.json({ permissions: resolved });
+   }
+);
--- a/Backend/src/api/user/oauth/refresh_token.ts
+++ b/Backend/src/api/user/oauth/refresh_token.ts
@ -0,0 +1,49 @@
+import { Request, Response } from "express";
+import Stacker from "../../middlewares/stacker";
+import { GetUserMiddleware } from "../../middlewares/user";
+import { URL } from "url";
+import Client from "../../../models/client";
+import RequestError, { HttpStatusCode } from "../../../helper/request_error";
+import { randomBytes } from "crypto";
+import moment = require("moment");
+import RefreshToken from "../../../models/refresh_token";
+import { refreshTokenValidTime } from "../../../config";
+import { getClientWithOrigin } from "./_helper";
+import Permission from "../../../models/permissions";
+
+export const GetTokenByUser = Stacker(
+   GetUserMiddleware(true, false),
+   async (req: Request, res: Response) => {
+      const { client_id, origin, permissions } = req.query as {
+         [key: string]: string;
+      };
+
+      const client = await getClientWithOrigin(client_id, origin);
+
+      const perm = permissions.split(",").filter((e) => !!e);
+
+      const resolved = await Promise.all(
+         perm.map((p) => Permission.findById(p))
+      );
+
+      if (resolved.some((e) => e.grant_type !== "user")) {
+         throw new RequestError(
+            "Invalid Permission requested",
+            HttpStatusCode.BAD_REQUEST
+         );
+      }
+
+      let token = RefreshToken.new({
+         user: req.user._id,
+         client: client._id,
+         permissions: resolved.map((e) => e._id),
+         token: randomBytes(16).toString("hex"),
+         valid: true,
+         validTill: moment().add(refreshTokenValidTime).toDate(),
+      });
+
+      await RefreshToken.save(token);
+
+      res.json({ token });
+   }
+);