Making grants and authentication now possible.

2020-03-18 11:00:57 +01:00 · 2020-03-18 11:00:57 +01:00 · d94e83b468
commit d94e83b468
parent 44d02b0110
3 changed files with 141 additions and 112 deletions
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@ -5,7 +5,7 @@
   "version": "0.2.0",
   "configurations": [
      {
-         "type": "node",
+         "type": "pwa-node",
         "request": "launch",
         "name": "Launch Program",
         "program": "${workspaceFolder}/lib/index.js",
--- a/locales/en.json
+++ b/locales/en.json
@ -11,5 +11,7 @@
 	"Special token invalid": "Special token invalid",
 	"You are not logged in or your login is expired(Special token invalid)": "You are not logged in or your login is expired(Special token invalid)",
 	"No login token": "No login token",
-	"Login token invalid": "Login token invalid"
+	"Login token invalid": "Login token invalid",
+	"Authorize %s": "Authorize %s",
+	"By clicking on ALLOW, you allow this app to access the requested recources.": "By clicking on ALLOW, you allow this app to access the requested recources."
 }
--- a/src/api/oauth/auth.ts
+++ b/src/api/oauth/auth.ts
@ -84,13 +84,20 @@ import GetAuthPage from "../../views/authorize";
 //    }
 // })

-const GetAuthRoute = (view = false) => Stacker(GetUserMiddleware(false), async (req: Request, res: Response) => {
-   let { response_type, client_id, redirect_uri, scope, state, nored } = req.query;
-   const sendError = (type) => {
-      if (redirect_uri === "$local")
-         redirect_uri = "/code";
-      res.redirect(redirect_uri += `?error=${type}&state=${state}`);
-   }
+const GetAuthRoute = (view = false) =>
+   Stacker(GetUserMiddleware(false), async (req: Request, res: Response) => {
+      let {
+         response_type,
+         client_id,
+         redirect_uri,
+         scope,
+         state,
+         nored
+      } = req.query;
+      const sendError = type => {
+         if (redirect_uri === "$local") redirect_uri = "/code";
+         res.redirect((redirect_uri += `?error=${type}&state=${state}`));
+      };

      const scopes = scope.split(";");

@ -100,7 +107,6 @@ const GetAuthRoute = (view = false) => Stacker(GetUserMiddleware(false), async (
         if (response_type !== "code") {
            return sendError("unsupported_response_type");
         } else {
-
            let client = await Client.findOne({ client_id: client_id });
            if (!client) {
               return sendError("unauthorized_client");
@ -108,7 +114,9 @@ const GetAuthRoute = (view = false) => Stacker(GetUserMiddleware(false), async (

            if (redirect_uri && client.redirect_url !== redirect_uri) {
               Logging.log(redirect_uri, client.redirect_url);
-            return res.send("Invalid redirect_uri. Please check the integrity of the site requesting and contact the administrator of the page, you want to authorize!");
+               return res.send(
+                  "Invalid redirect_uri. Please check the integrity of the site requesting and contact the administrator of the page, you want to authorize!"
+               );
            }

            let permissions: IPermission[] = [];
@ -137,37 +145,51 @@ const GetAuthRoute = (view = false) => Stacker(GetUserMiddleware(false), async (
            let grant: IGrant | undefined = await Grant.findOne({
               client: client._id,
               user: req.user._id
-         })
+            });

            Logging.debug("Grant", grant, permissions);

            let missing_permissions: IPermission[] = [];

            if (grant) {
-            missing_permissions = grant.permissions.map(perm => permissions.find(p => p._id.equals(perm))).filter(e => !!e);
+               missing_permissions = grant.permissions
+                  .map(perm => permissions.find(p => p._id.equals(perm)))
+                  .filter(e => !!e);
            } else {
               missing_permissions = permissions;
            }

-         let client_granted_perm = missing_permissions.filter(e => e.grant_type == "client")
+            let client_granted_perm = missing_permissions.filter(
+               e => e.grant_type == "client"
+            );
            if (client_granted_perm.length > 0) {
-            return sendError("no_permission")
+               return sendError("no_permission");
            }

-         if (grant && missing_permissions.length > 0) {
-            await new Promise<void>((yes, no) => GetUserMiddleware(false, true)(req, res, (err?: Error) => err ? no(err) : yes())); // Maybe unresolved when redirect is happening
+            if (!grant && missing_permissions.length > 0) {
+               await new Promise<void>((yes, no) =>
+                  GetUserMiddleware(false, true)(req, res, (err?: Error) =>
+                     err ? no(err) : yes()
+                  )
+               ); // Maybe unresolved when redirect is happening

               if (view) {
-               res.send(GetAuthPage(req.__, client.name, permissions.map(perm => {
+                  res.send(
+                     GetAuthPage(
+                        req.__,
+                        client.name,
+                        permissions.map(perm => {
                           return {
                              name: perm.name,
                              description: perm.description,
                              logo: client.logo
-                  }
-               })));
+                           };
+                        })
+                     )
+                  );
                  return;
               } else {
-               if (req.body.allow = "true") {
+                  if ((req.body.allow = "true")) {
                     if (!grant)
                        grant = Grant.new({
                           client: client._id,
@ -175,7 +197,9 @@ const GetAuthRoute = (view = false) => Stacker(GetUserMiddleware(false), async (
                           permissions: []
                        });

-                  grant.permissions.push(...missing_permissions.map(e => e._id));
+                     grant.permissions.push(
+                        ...missing_permissions.map(e => e._id)
+                     );
                     await Grant.save(grant);
                  } else {
                     return sendError("access_denied");
@ -187,24 +211,27 @@ const GetAuthRoute = (view = false) => Stacker(GetUserMiddleware(false), async (
               user: req.user._id,
               client: client._id,
               permissions: permissions.map(p => p._id),
-            validTill: moment().add(30, "minutes").toDate(),
+               validTill: moment()
+                  .add(30, "minutes")
+                  .toDate(),
               code: randomBytes(16).toString("hex")
            });
            await ClientCode.save(code);

-         let redir = client.redirect_url === "$local" ? "/code" : client.redirect_url;
+            let redir =
+               client.redirect_url === "$local" ? "/code" : client.redirect_url;
            let ruri = redir + `?code=${code.code}&state=${state}`;
            if (nored === "true") {
               res.json({
                  redirect_uri: ruri
-            })
+               });
            } else {
               res.redirect(ruri);
            }
         }
      } catch (err) {
         Logging.error(err);
-      sendError("server_error")
+         sendError("server_error");
      }
   });