@abtnode/blocklet-services 1.16.17-beta-6f0c7674 → 1.16.17-beta-703fb879

package/api/libs/open-graph/emoji.js

@@ -0,0 +1,80 @@
+/* eslint-disable consistent-return */
+/* eslint-disable no-bitwise */
+const fetch = require('node-fetch').default;
+
+const U200D = String.fromCharCode(8205); // zero-width joiner
+const UFE0Fg = /\uFE0F/g; // variation selector regex
+
+const getIconCode = (char) => toCodePoint(char.indexOf(U200D) < 0 ? char.replace(UFE0Fg, '') : char);
+
+const toCodePoint = (unicodeSurrogates) => {
+  const r = [];
+  let c = 0;
+  let p = 0;
+  let i = 0;
+  while (i < unicodeSurrogates.length) {
+    c = unicodeSurrogates.charCodeAt(i++);
+    if (p) {
+      r.push((65536 + ((p - 55296) << 10) + (c - 56320)).toString(16));
+      p = 0;
+    } else if (c >= 55296 && c <= 56319) {
+      p = c;
+    } else {
+      r.push(c.toString(16));
+    }
+  }
+  return r.join('-');
+};
+
+const apis = {
+  twemoji: (code) => `https://cdn.jsdelivr.net/gh/twitter/twemoji@14.0.2/assets/svg/${code.toLowerCase()}.svg`,
+  openmoji: 'https://cdn.jsdelivr.net/npm/@svgmoji/openmoji@2.0.0/svg/',
+  blobmoji: 'https://cdn.jsdelivr.net/npm/@svgmoji/blob@2.0.0/svg/',
+  noto: 'https://cdn.jsdelivr.net/gh/svgmoji/svgmoji/packages/svgmoji__noto/svg/',
+  fluent: (code) => `https://cdn.jsdelivr.net/gh/shuding/fluentui-emoji-unicode/assets/${code.toLowerCase()}_color.svg`,
+  fluentFlat: (code) =>
+    `https://cdn.jsdelivr.net/gh/shuding/fluentui-emoji-unicode/assets/${code.toLowerCase()}_flat.svg`,
+};
+
+// https://github.com/svgmoji/svgmoji
+const loadEmoji = (code, type) => {
+  const api = apis[type] ?? apis.twemoji;
+  if (typeof api === 'function') {
+    return fetch(api(code));
+  }
+  return fetch(`${api}${code.toUpperCase()}.svg`);
+};
+
+const cache = new Map();
+const loadDynamicAsset = (emojiType = 'twemoji') => {
+  const fn = async (languageCode, text) => {
+    if (languageCode === 'emoji') {
+      const code = getIconCode(text);
+      try {
+        const emoji = await loadEmoji(code, emojiType);
+        return `data:image/svg+xml;base64,${btoa(await emoji.text())}`;
+      } catch (err) {
+        console.error(`Failed to fetch emoji: ${text}:${code}`, err);
+      }
+    }
+  };
+
+  return async (...args) => {
+    const key = JSON.stringify({ ...args, emojiType });
+    const cached = cache.get(key);
+    if (cached) {
+      return cached;
+    }
+
+    const font = await fn(...args);
+    cache.set(key, font);
+    return font;
+  };
+};
+
+module.exports = {
+  apis,
+  getIconCode,
+  loadEmoji,
+  loadDynamicAsset,
+};

package/api/libs/open-graph/index.js

@@ -15,6 +15,7 @@ const logger = require('@abtnode/logger')('@abtnode/blocklet-services/og');
 
 const { getTemplate, getLogoSvg } = require('./template');
 const { getCacheFilePath } = require('../image');
+const emoji = require('./emoji');
 
 const TEMPLATES = ['default', 'section', 'cover'];
 
@@ -64,6 +65,12 @@ const schema = Joi.object({
   logo: Joi.string()
     .uri({ scheme: ['https'] })
     .optional(),
+
+  // custom emoji
+  emoji: Joi.string()
+    .valid(...Object.keys(emoji.apis))
+    .optional()
+    .default('twemoji'),
 }).options({ stripUnknown: true, allowUnknown: true, noDefaults: false });
 
 const generateTasks = {};
@@ -133,9 +140,14 @@ const convertExternalImage = (url, dest) => {
           headers: { Accept: 'image/*' },
         },
         (res) => {
+          if (res.statusCode && res.statusCode >= 400) {
+            reject(new Error(`unexpected external image status: ${res.statusCode}`));
+            return;
+          }
+
           const [type] = (res.headers['content-type'] || '').split('/');
           if (type !== 'image') {
-            reject(new Error('external image is not an image'));
+            reject(new Error(`unexpected external image format: ${type}`));
             return;
           }
 
@@ -226,6 +238,7 @@ const generateOgImage = async (params, tmpDir) => {
         style: 'normal',
       },
     ],
+    loadAdditionalAsset: emoji.loadDynamicAsset(params.emoji),
   });
 
   if (params.format === 'svg') {

package/api/services/auth/index.js

@@ -88,6 +88,8 @@ const init = ({ node, options }) => {
    *  {boolean} res.blocked
    *  {boolean} res.authenticated
    *  {boolean} res.authorized
+   *  {boolean} res.ignored
+   *  {string} res.payable
    */
   const checkAuth = async ({ req } = {}) => {
     const config = (await req.getServiceConfig(NODE_SERVICES.AUTH)) || {};
@@ -100,32 +102,39 @@ const init = ({ node, options }) => {
 
     const shouldIgnore = shouldIgnoreUrl(req.url, ignoreUrls);
     if (shouldIgnore) {
-      return {};
+      return { ignored: true };
     }
 
+    const teamDid = req.getBlockletDid();
+
     if (!config.whoCanAccess || config.whoCanAccess === WHO_CAN_ACCESS.ALL) {
       if (config.blockUnauthenticated && !req.user) {
         return { blocked: true, authenticated: false };
       }
     } else if (!req.user) {
-      return { blocked: true, authenticated: false };
+      const rbac = await node.getRBAC(teamDid);
+      const allRoles = await rbac.getRoles(teamDid);
+      const payableRole = allRoles.find((x) => x.extra?.acquire?.pay);
+      return { blocked: true, authenticated: false, payable: payableRole?.extra?.acquire?.pay };
     } else if (config.whoCanAccess === WHO_CAN_ACCESS.OWNER && req.user.role !== ROLES.OWNER) {
       return { blocked: true, authenticated: true, authorized: false };
     } else if (config.whoCanAccess.startsWith(WHO_CAN_ACCESS_PREFIX_ROLES)) {
       const roles = getRolesFromAuthConfig(config);
       if (!roles.includes(req.user.role)) {
-        return { blocked: true, authenticated: true, authorized: false };
+        const rbac = await node.getRBAC(teamDid);
+        const allRoles = await rbac.getRoles(teamDid);
+        const payableRole = allRoles.find((x) => roles.includes(x.name) && x.extra?.acquire?.pay);
+        return { blocked: true, authenticated: true, authorized: false, payable: payableRole?.extra?.acquire?.pay };
       }
     }
 
     if (!config.blockUnauthorized) {
-      return {};
+      return { ignored: true };
     }
 
     const rule = await req.getRoutingRule();
     if (rule.to && rule.to.interfaceName) {
       const permissionName = genPermissionName(rule.to.interfaceName);
-      const teamDid = req.getBlockletDid();
       const rbac = await node.getRBAC(teamDid);
 
       if (await rbac.can(req.user.role, ...permissionName.split('_'))) {
@@ -245,12 +254,12 @@ const init = ({ node, options }) => {
   };
 
   middlewares.checkAuth = async (req, res, next) => {
-    const { blocked, authenticated, authorized } = await checkAuth({ req });
+    const { blocked, authenticated, authorized, payable } = await checkAuth({ req });
 
     if (blocked) {
       if (!authenticated) {
         if (req.accepts(['html', 'json']) === 'html') {
-          res.redirect(getRedirectUrl({ req, pagePath: '/login' }));
+          res.redirect(getRedirectUrl({ req, pagePath: '/login', params: { payable } }));
         } else {
           // Security principles: user should not known the reason
           res.status(404).json({ code: 404, error: REASON_404 });
@@ -260,7 +269,7 @@ const init = ({ node, options }) => {
 
       if (!authorized) {
         if (req.accepts(['html', 'json']) === 'html') {
-          res.redirect(getRedirectUrl({ req, pagePath: '/login' }));
+          res.redirect(getRedirectUrl({ req, pagePath: '/login', params: { authenticated: 1, payable } }));
         } else {
           // Security principles: user should not known the reason
           res.status(404).json({ code: 404, error: REASON_404 });

package/api/services/image/index.js

@@ -28,6 +28,11 @@ const createImageService = ({ node }) => {
               status: res.statusCode,
             });
 
+            if (res.statusCode && res.statusCode >= 400) {
+              reject(new Error(`unexpected upstream response status: ${res.statusCode}`));
+              return;
+            }
+
             const [type, extension] = (res.headers['content-type'] || '').split('/');
             if (type !== 'image') {
               reject(new Error(`unexpected response type from upstream: ${type}, expected image`));

package/api/util/index.js

@@ -81,7 +81,7 @@ const ensureProxyUrl = async (req) => {
   return { target };
 };
 
-const getRedirectUrl = ({ req, pagePath }) => {
+const getRedirectUrl = ({ req, pagePath, params = {} }) => {
   const groupPrefix = getGroupPrefix(req);
   const componentPrefix = getComponentPrefix(req);
   const redirectPrefix = groupPrefix === componentPrefix ? groupPrefix : componentPrefix;
@@ -136,6 +136,13 @@ const getRedirectUrl = ({ req, pagePath }) => {
     url.searchParams.set('chainHost', chainHost);
   }
 
+  Object.keys(params).forEach((key) => {
+    if (params[key] === undefined) {
+      return;
+    }
+    url.searchParams.set(key, params[key]);
+  });
+
   return `${url.pathname}${url.search}`;
 };
 

package/build/asset-manifest.json

@@ -1,8 +1,8 @@
 {
   "files": {
     "main.css": "/.well-known/service/static/static/css/main.7ea79dc8.css",
-    "main.js": "/.well-known/service/static/static/js/main.9c5b4fb1.js",
-    "static/js/4716.4a231f60.chunk.js": "/.well-known/service/static/static/js/4716.4a231f60.chunk.js",
+    "main.js": "/.well-known/service/static/static/js/main.3cf7fedb.js",
+    "static/js/4716.1ecc2bb6.chunk.js": "/.well-known/service/static/static/js/4716.1ecc2bb6.chunk.js",
     "static/js/4076.e73cb63a.chunk.js": "/.well-known/service/static/static/js/4076.e73cb63a.chunk.js",
     "static/js/6658.0a27e04e.chunk.js": "/.well-known/service/static/static/js/6658.0a27e04e.chunk.js",
     "static/js/3025.e2b1dac4.chunk.js": "/.well-known/service/static/static/js/3025.e2b1dac4.chunk.js",
@@ -107,8 +107,8 @@
     "index.html": "/.well-known/service/static/index.html",
     "static/media/space-connected.svg": "/.well-known/service/static/static/media/space-connected.9a4e18fd2bc7d065191b0d241a131c28.svg",
     "main.7ea79dc8.css.map": "/.well-known/service/static/static/css/main.7ea79dc8.css.map",
-    "main.9c5b4fb1.js.map": "/.well-known/service/static/static/js/main.9c5b4fb1.js.map",
-    "4716.4a231f60.chunk.js.map": "/.well-known/service/static/static/js/4716.4a231f60.chunk.js.map",
+    "main.3cf7fedb.js.map": "/.well-known/service/static/static/js/main.3cf7fedb.js.map",
+    "4716.1ecc2bb6.chunk.js.map": "/.well-known/service/static/static/js/4716.1ecc2bb6.chunk.js.map",
     "4076.e73cb63a.chunk.js.map": "/.well-known/service/static/static/js/4076.e73cb63a.chunk.js.map",
     "6658.0a27e04e.chunk.js.map": "/.well-known/service/static/static/js/6658.0a27e04e.chunk.js.map",
     "3025.e2b1dac4.chunk.js.map": "/.well-known/service/static/static/js/3025.e2b1dac4.chunk.js.map",
@@ -192,6 +192,6 @@
   },
   "entrypoints": [
     "static/css/main.7ea79dc8.css",
-    "static/js/main.9c5b4fb1.js"
+    "static/js/main.3cf7fedb.js"
   ]
 }

package/build/index.html

@@ -1 +1 @@
-<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="icon" href="/favicon.ico?imageFilter=resize&w=32"/><meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=0"/><meta name="theme-color" content="#000000"/><title>Blocklet Service</title><link rel="manifest" href="/.well-known/service/manifest.json"/><script src="/.well-known/service/api/env"></script><script src="/__blocklet__.js"></script><script defer="defer" src="/.well-known/service/static/static/js/main.9c5b4fb1.js"></script><link href="/.well-known/service/static/static/css/main.7ea79dc8.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>
+<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="icon" href="/favicon.ico?imageFilter=resize&w=32"/><meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=0"/><meta name="theme-color" content="#000000"/><title>Blocklet Service</title><link rel="manifest" href="/.well-known/service/manifest.json"/><script src="/.well-known/service/api/env"></script><script src="/__blocklet__.js"></script><script defer="defer" src="/.well-known/service/static/static/js/main.3cf7fedb.js"></script><link href="/.well-known/service/static/static/css/main.7ea79dc8.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>