Improve popup window support.

Switching to new views_repo with new build system
2020-11-03 23:29:56 +01:00
parent 6b4ad81940
commit dd10cae1cd
19 changed files with 163 additions and 1800 deletions
--- a/src/api/oauth/refresh.ts
+++ b/src/api/oauth/refresh.ts
@ -16,6 +16,7 @@ import moment = require("moment");
 // import { JWTExpDur } from "../../keys";
 import RefreshToken from "../../models/refresh_token";
 import { getEncryptionKey } from "../../helper/user_key";
+import { refreshTokenValidTime } from "../../config";

 // TODO:
 /*
@ -27,8 +28,6 @@ legitimate client, one of them will present an invalidated refresh
 token, which will inform the authorization server of the breach.
 */

-const refreshTokenValidTime = moment.duration(6, "month");
-
 const RefreshTokenRoute = Stacker(
   GetClientAuthMiddleware(false, false, true),
   async (req: Request, res: Response) => {
--- a/src/api/user/index.ts
+++ b/src/api/user/index.ts
@ -1,11 +1,11 @@
 import { Router } from "express";
 import { GetAccount } from "./account";
 import { GetContactInfos } from "./contact";
-import { GetJWTByUser } from "./jwt";
 import Login from "./login";
 import Register from "./register";
 import { DeleteToken, GetToken } from "./token";
 import TwoFactorRoute from "./twofactor";
+import OAuthRoute from "./oauth";

 const UserRoute: Router = Router();

@ -127,6 +127,6 @@ UserRoute.get("/account", GetAccount);
 */
 UserRoute.get("/contact", GetContactInfos);

-UserRoute.get("/jwt", GetJWTByUser);
+UserRoute.use("/oauth", OAuthRoute);

 export default UserRoute;
--- a/src/api/user/jwt.ts
+++ b/src/api/user/jwt.ts
@ -1,37 +0,0 @@
-import { Request, Response } from "express";
-import Stacker from "../middlewares/stacker";
-import { GetUserMiddleware } from "../middlewares/user";
-import { URL } from "url";
-import Client from "../../models/client";
-import RequestError, { HttpStatusCode } from "../../helper/request_error";
-import { getAccessTokenJWT } from "../../helper/jwt";
-
-export const GetJWTByUser = Stacker(
-   GetUserMiddleware(true, false),
-   async (req: Request, res: Response) => {
-      const { client_id, origin } = req.query as { [key: string]: string };
-
-      const client = await Client.findOne({
-         client_id,
-      });
-
-      const clientNotFoundError = new RequestError(
-         "Client not found!",
-         HttpStatusCode.BAD_REQUEST
-      );
-
-      if (!client) throw clientNotFoundError;
-
-      const clientUrl = new URL(client.redirect_url);
-
-      if (clientUrl.hostname !== origin) throw clientNotFoundError;
-
-      const jwt = await getAccessTokenJWT({
-         user: req.user,
-         client: client,
-         permissions: [],
-      });
-
-      res.json({ jwt });
-   }
-);
--- a/src/api/user/oauth/_helper.ts
+++ b/src/api/user/oauth/_helper.ts
@ -0,0 +1,21 @@
+import RequestError, { HttpStatusCode } from "../../../helper/request_error";
+import Client, { IClient } from "../../../models/client";
+
+export async function getClientWithOrigin(client_id: string, origin: string) {
+   const client = await Client.findOne({
+      client_id,
+   });
+
+   const clientNotFoundError = new RequestError(
+      "Client not found!",
+      HttpStatusCode.BAD_REQUEST
+   );
+
+   if (!client) throw clientNotFoundError;
+
+   const clientUrl = new URL(client.redirect_url);
+
+   if (clientUrl.hostname !== origin) throw clientNotFoundError;
+
+   return client;
+}
--- a/src/api/user/oauth/index.ts
+++ b/src/api/user/oauth/index.ts
@ -0,0 +1,12 @@
+import { Router } from "express";
+import { GetJWTByUser } from "./jwt";
+import { GetPermissionsForAuthRequest } from "./permissions";
+import { GetTokenByUser } from "./refresh_token";
+
+const router = Router();
+
+router.get("/jwt", GetJWTByUser);
+router.get("/permissions", GetPermissionsForAuthRequest);
+router.get("/refresh_token", GetTokenByUser);
+
+export default router;
--- a/src/api/user/oauth/jwt.ts
+++ b/src/api/user/oauth/jwt.ts
@ -0,0 +1,25 @@
+import { Request, Response } from "express";
+import Stacker from "../../middlewares/stacker";
+import { GetUserMiddleware } from "../../middlewares/user";
+import { URL } from "url";
+import Client from "../../../models/client";
+import RequestError, { HttpStatusCode } from "../../../helper/request_error";
+import { getAccessTokenJWT } from "../../../helper/jwt";
+import { getClientWithOrigin } from "./_helper";
+
+export const GetJWTByUser = Stacker(
+   GetUserMiddleware(true, false),
+   async (req: Request, res: Response) => {
+      const { client_id, origin } = req.query as { [key: string]: string };
+
+      const client = await getClientWithOrigin(client_id, origin);
+
+      const jwt = await getAccessTokenJWT({
+         user: req.user,
+         client: client,
+         permissions: [],
+      });
+
+      res.json({ jwt });
+   }
+);
--- a/src/api/user/oauth/permissions.ts
+++ b/src/api/user/oauth/permissions.ts
@ -0,0 +1,38 @@
+import { Request, Response } from "express";
+import Stacker from "../../middlewares/stacker";
+import { GetUserMiddleware } from "../../middlewares/user";
+import { URL } from "url";
+import Client from "../../../models/client";
+import RequestError, { HttpStatusCode } from "../../../helper/request_error";
+import { randomBytes } from "crypto";
+import moment = require("moment");
+import RefreshToken from "../../../models/refresh_token";
+import { refreshTokenValidTime } from "../../../config";
+import { getClientWithOrigin } from "./_helper";
+import Permission from "../../../models/permissions";
+
+export const GetPermissionsForAuthRequest = Stacker(
+   GetUserMiddleware(true, false),
+   async (req: Request, res: Response) => {
+      const { client_id, origin, permissions } = req.query as {
+         [key: string]: string;
+      };
+
+      const client = await getClientWithOrigin(client_id, origin);
+
+      const perm = permissions.split(",").filter((e) => !!e);
+
+      const resolved = await Promise.all(
+         perm.map((p) => Permission.findById(p))
+      );
+
+      if (resolved.some((e) => e.grant_type !== "user")) {
+         throw new RequestError(
+            "Invalid Permission requested",
+            HttpStatusCode.BAD_REQUEST
+         );
+      }
+
+      res.json({ permissions: resolved });
+   }
+);
--- a/src/api/user/oauth/refresh_token.ts
+++ b/src/api/user/oauth/refresh_token.ts
@ -0,0 +1,49 @@
+import { Request, Response } from "express";
+import Stacker from "../../middlewares/stacker";
+import { GetUserMiddleware } from "../../middlewares/user";
+import { URL } from "url";
+import Client from "../../../models/client";
+import RequestError, { HttpStatusCode } from "../../../helper/request_error";
+import { randomBytes } from "crypto";
+import moment = require("moment");
+import RefreshToken from "../../../models/refresh_token";
+import { refreshTokenValidTime } from "../../../config";
+import { getClientWithOrigin } from "./_helper";
+import Permission from "../../../models/permissions";
+
+export const GetTokenByUser = Stacker(
+   GetUserMiddleware(true, false),
+   async (req: Request, res: Response) => {
+      const { client_id, origin, permissions } = req.query as {
+         [key: string]: string;
+      };
+
+      const client = await getClientWithOrigin(client_id, origin);
+
+      const perm = permissions.split(",").filter((e) => !!e);
+
+      const resolved = await Promise.all(
+         perm.map((p) => Permission.findById(p))
+      );
+
+      if (resolved.some((e) => e.grant_type !== "user")) {
+         throw new RequestError(
+            "Invalid Permission requested",
+            HttpStatusCode.BAD_REQUEST
+         );
+      }
+
+      let token = RefreshToken.new({
+         user: req.user._id,
+         client: client._id,
+         permissions: resolved.map((e) => e._id),
+         token: randomBytes(16).toString("hex"),
+         valid: true,
+         validTill: moment().add(refreshTokenValidTime).toDate(),
+      });
+
+      await RefreshToken.save(token);
+
+      res.json({ token });
+   }
+);
--- a/src/config.ts
+++ b/src/config.ts
@ -1,8 +1,9 @@
 import { parse } from "@hibas123/config";
 import { Logging } from "@hibas123/nodelogging";
 import * as dotenv from "dotenv";
-import { readFileSync } from "fs";
-import * as ini from "ini";
+import moment = require("moment");
+
+export const refreshTokenValidTime = moment.duration(6, "month");

 dotenv.config();

--- a/src/views/views.ts
+++ b/src/views/views.ts
@ -40,13 +40,13 @@ ViewRouter.get("/register", (req, res) => {
 ViewRouter.use(
   "/login",
   addCache,
-   ServeStatic("./views_repo/build/login", { cacheControl: false })
+   ServeStatic("./views_repo/build/Login", { cacheControl: false })
 );

 ViewRouter.use(
   "/user",
   addCache,
-   ServeStatic("./views_repo/build/user", { cacheControl: false })
+   ServeStatic("./views_repo/build/User", { cacheControl: false })
 );

 ViewRouter.get("/code", (req, res) => {
@ -69,9 +69,15 @@ ViewRouter.get(

 ViewRouter.get("/auth", GetAuthRoute(true));

-ViewRouter.get("/popup", UserMiddleware, (req, res) => {
-   res.send(GetPopupPage(req.__));
-});
+ViewRouter.use(
+   "/popup",
+   addCache,
+   ServeStatic("./views_repo/build/Popup", { cacheControl: false })
+);
+
+// ViewRouter.get("/popup", UserMiddleware, (req, res) => {
+//    res.send(GetPopupPage(req.__));
+// });

 // if (config.core.dev) {
 //    const logo =