@cloudbase/oauth 0.0.4-alpha.0 → 1.0.0-alpha.1

package/CHANGELOG.md

@@ -0,0 +1,30 @@
+## 更新日志
+
+
+### 1.3.3beta
+
+1. 三方登录开放 `provider_access_token` 和 `provider_id_token`
+
+
+### 1.2.3
+
+1. OAuth2Client 增加 hasCredentials 方法，判断是否存在 credentials（不校验有限性也不触发 refresh token）
+2. 增加 LocalCredentials 管理 credentials， 简化 OAuth2Client 代码逻辑
+
+### 1.1.3
+
+1. 修复 getAccessToken 方法获取不到 refresh 之后的 token 的 bug
+2. 增加 SinglePromise 模块
+
+### 1.0.12
+
+1. 添加 ErrorType enum
+
+### 1.0.11
+
+1. OAuth2Client 中 refresh token，如果请求返回的 error 为 invalid_grant 时，删除本地 token
+2. OAuth2Client 中，对 defaultRequest 的 options 数据进行拷贝，避免修改了传入的参数数据
+
+### 1.0.9
+
+1. 代码格式化

package/Dockerfile

@@ -0,0 +1,15 @@
+# FROM base_npm:latest
+
+# # ARG NPM_TOKEN
+# RUN mkdir -p /usr/src/app
+# WORKDIR /usr/src/app/
+
+# COPY package.json  .
+# ADD . /usr/src/app
+# RUN npm set registry https://npm.xbase.xyz
+# RUN npm install
+# RUN npm run build
+
+# # @todo use semantic-release with gitlab ci to auto release with branch
+# # RUN npm view @xbase/sdk version
+# RUN npm publish 

package/README.md

@@ -14,8 +14,170 @@ Auth 登录相关模块
 
 ```typescript
 const authOptions = {
-  apiOrigin: '服务域名',
-  clientId: '客户端ID',
+	apiOrigin: "服务域名",
+	clientId: "客户端ID"
+}
+const auth = new Auth(authOptions)
+```
+
+```typescript
+import { initializeClient } from "@xbasesdk/xbase"
+const config = {
+	env: "xbase-4gh5dh6nf62145a9"
+}
+const client = initializeClient(config)
+// 调用API
+const loginState = await client.auth.hasLoginState()
+// 获取 accessToken
+const accessToken = await client.oAuth2Client.getAccessToken()
+
+// 用 OIDC Token 用自己的API
+export interface ExampleData {
+	result?: string
+}
+const data = await client.oAuth2Client.request<ExampleData>(
+	"https://example.com",
+	{ withCredentials: true }
+)
+console.log(data.result)
+
+
+
+import {initializeApp} from '@clodbasesdk/oauth/app';
+import {getAuth} from '@clodbasesdk/oauth/auth';
+export const config = {
+    env: 'env-4gh5dh6nf62145a9'
 };
-const auth = new Auth(authOptions);
+const app = initializeApp(config)
+const auth = getAuth(app)
+// 调用API
+const loginState = await auth.hasLoginState()
+```
+
+### 账号登录
+
+```typescript
+auth.signIn({
+	username: "test",
+	password: "test"
+})
 ```
+
+### 手机验证码登录/注册
+
+```typescript
+const phoneNumber = "10012341234"
+// 短信验证码
+const verificationCode = "******"
+const verification = await auth.getVerification({
+	phone_number: "+86 " + phoneNumber,
+	target: "ANY"
+})
+
+let verifyResult = await auth.verify({
+	verification_code: verificationCode,
+	verification_id: verification ? verification.verification_id : ""
+})
+let isUser = verification ? verification.is_user : false
+
+let result
+if (isUser) {
+	result = await auth.signIn({
+		username: "+86 " + phoneNumber,
+		verification_code: verificationCode,
+		verification_token: verifyResult.verification_token
+	})
+} else {
+	result = await auth.signUp({
+		phone_number: "+86 " + phoneNumber,
+		password: "*******",
+		verification_code: verificationCode,
+		verification_token: verifyResult.verification_token,
+		local: "zh-cn",
+		name: "100****1234"
+	})
+}
+```
+
+### 错误处理
+
+```typescript
+try {
+	await auth.verify({
+		verification_code: verificationCode,
+		verification_id: verification ? verification.verification_id : ""
+	})
+} catch (error) {
+	if (error && error.error_uri === "/v1/auth/verification/verify") {
+		switch (error.error) {
+			case "not_found": {
+				result = i18n.translate("error", "User Not Found")
+				break
+			}
+			case "invalid_password": {
+				if (error.details !== undefined && error.details.length > 0) {
+					result =
+						i18n.translate("error", "Certification failed, you still have") +
+						error.details[0].limit_remaining +
+						i18n.translate("error", "chances. You can also") +
+						"" +
+						i18n.translate("error", "Reset Login Password") +
+						"</a>"
+				} else {
+					result = i18n.translate("error", "Password does not match")
+				}
+				break
+			}
+			case "user_pending": {
+				result = i18n.translate("error", "The account is not activated")
+				break
+			}
+			case "user_blocked": {
+				result = i18n.translate("error", "Account has been disabled")
+				break
+			}
+			case "invalid_status": {
+				if (error.details !== undefined && error.details.length > 0) {
+					let s = error.details[0].retry_delay
+					s = s.substring(0, s.length - 1)
+					s = parseInt(s)
+					result =
+						i18n.translate(
+							"error",
+							"The password input error has reached the upper limit and the account will be locked "
+						) +
+						(s < 3600
+							? s / 60 + i18n.translate("error", "minute")
+							: s / 3600 + i18n.translate("error", "hour"))
+				} else {
+					result = i18n.translate(
+						"error",
+						"Account has been temporarily locked"
+					)
+				}
+				break
+			}
+			case "invalid_two_factor": {
+				result = i18n.translate(
+					"error",
+					"Secondary authentication code does not match or has expired"
+				)
+				break
+			}
+			case "invalid_two_factor_recovery": {
+				result = i18n.translate(
+					"error",
+					"Recovery code does not match or has expired"
+				)
+				break
+			}
+			default: {
+				result = i18n.translate("error", "unknown")
+				break
+			}
+		}
+	}
+}
+```
+
+## [更新日志](./CHANGELOG.md)

package/_exmaple/assets/scripts/function/function.ts

@@ -0,0 +1,99 @@
+import { App } from "@xbasesdk/xbase/app";
+import { getOAuthClient, AuthClient, ErrorType } from "@xbasesdk/xbase/oauthclient";
+import { uuidv4 } from "@xbasesdk/xbase/utils/uuid";
+
+export interface FunctionOptions {
+  credentialsClient: AuthClient;
+  env: string
+}
+
+/**
+ * Returns the existing `Auth` instance that is associated with the app
+ */
+export function getFunction(app: App): Function {
+  const credentialsClient = getOAuthClient(app)
+  return new Function({
+    credentialsClient: credentialsClient,
+    env: app.options.clientId
+  })
+}
+
+
+export class Function {
+
+  private _config: FunctionOptions;
+
+  /**
+   * constructor
+   * @param {AuthOptions} opts
+   */
+  constructor(opts: FunctionOptions) {
+    this._config = {
+      credentialsClient: opts.credentialsClient,
+      env: opts.env,
+    }
+  }
+  /**
+   * callFunction call function
+   * @param {SignInRequest} params A SignInRequest Object.
+   * @return {Promise<Credentials>} A Promise<Credentials> object.
+   */
+  public async callFunction(params: FunctionRequest): Promise<FunctionResponse> {
+    let accessToken: string
+    try {
+      accessToken = await this._config.credentialsClient.getAccessToken()
+    } catch (e) {
+      if (e.error === ErrorType.UNAUTHENTICATED) {
+        accessToken = ""
+      } else {
+        return Promise.reject(e)
+      }
+    }
+    const requestId = uuidv4()
+    var reqBody = {
+      "action": "functions.invokeFunction",
+      "dataVersion": "2020-01-10",
+      "env": this._config.env,
+      "function_name": params.name,
+      "request_data": JSON.stringify(params.data),
+      "seqId": requestId,
+      "access_token": accessToken
+    }
+    const url = "/web?env=" + this._config.env
+    const resp = await this._config.credentialsClient.request<functionHTTPResponse>(url, {
+      method: 'POST',
+      body: reqBody,
+      headers: {
+        'content-type': 'application/json'
+      }
+    })
+    if (resp.code) {
+      return Promise.reject({
+        error: resp.code,
+        error_description: resp.message
+      })
+    }
+    return {
+      requestId: resp.requestId,
+      result: resp.data.response_data,
+    }
+  }
+}
+
+
+export interface FunctionRequest {
+  name: string;
+  data: any;
+}
+
+export interface FunctionResponse {
+  requestId: string;
+  result: any;
+}
+
+export interface functionHTTPResponse {
+  requestId: string;
+  data: any
+  code: string
+  message: string
+}

package/_exmaple/assets/scripts/index.ts

@@ -0,0 +1,101 @@
+import { client, fn } from "./request";
+
+async function init() {
+  try {
+    signInWithUserNameAndPassword()
+  } catch (error) {
+    // 获取用户信息失败
+    console.log('test  error: ', error);
+  }
+
+  // try {
+  //     console.log("rest password")
+  //     const verificationToken = await client.auth.getVerification({
+  //         phone_number: "+86 16622002084",
+  //     })
+  //     console.log(verificationToken.verification_id, verificationToken.is_user)
+  // } catch (error) {
+  //     // 获取用户信息失败
+  //     console.log('发送失败  error: ', error);
+  // }
+  try {
+    signInWithProviderToken()
+  } catch (error) {
+    // 获取用户信息失败
+    console.log('grant error  error: ', error);
+  }
+
+  const resp = await fn.callFunction({
+    name: "test", data: {
+      name: "ok"
+    }
+  })
+  console.log(resp.result)
+}
+
+init();
+
+
+
+async function signInWithUserNameAndPassword(): Promise<void> {
+  // 判断是否已经登录过了
+  const loginState = await client.auth.hasLoginState()
+  if (!loginState) {
+    // 用户名密码登录
+    await client.auth.signIn({
+      username: "leenanxi",
+      password: "qw0000"
+    })
+  }
+  // 获取用户信息，相当于 auth.signInWithUsernameAndPassword
+  const userInfoA = await client.auth.getUserProfile()
+  console.log(userInfoA)
+
+  // 修改密码
+
+}
+
+
+async function signInWithProviderToken(): Promise<void> {
+  // 判断是否已经登录过了
+  const loginState = await client.auth.hasLoginState()
+
+  console.log("test", loginState)
+
+  return
+
+  // if (!loginState) {
+  //     const crd = await  client.auth.signInAnonymously()
+  //     console.log(crd)
+  // }
+
+  const userInfoA = await client.auth.getUserProfile()
+  console.log(userInfoA)
+  //
+  // // 获取provider token
+  // const providerToken = await client.auth.grantProviderToken({
+  //     provider_id: "weda",
+  //     provider_access_token: "ya29.a0ARrdaM8nNGa2g3eNWok38QWChn5hcOMZIXIbV48LxcEIt7lSfOt2ERLVRMQh9-iOxMy9anVtVV20ONWWyIHKxeA68D8FlpSZIazLfscLDOY8X1IjzF7kfhLiQwVbPYVeVsj7prOacREaICaaYO632za8bLSp2RU",
+  // });
+  // // 用provider token 登录
+  // client.auth.signInWithProvider({
+  //     provider_token: providerToken.provider_token,
+  // })
+
+  // 调用云函数
+
+
+
+  // 登录成功后，获取用户信息
+  const userInfo = await client.auth.getUserProfile()
+  console.log(userInfo)
+  // 获取 accessToken
+  const accessToken = await client.auth.credentialsClient.getAccessToken();
+  console.log(accessToken)
+  // 用 OIDC 请求信息
+  // export interface ExampleData {
+  //     result?: string;
+  // }
+  // const data = await client.oAuth2Client.request<ExampleData>("https://example.com", {withCredentials:true})
+  // console.log(data.result)
+}

package/_exmaple/assets/scripts/request.ts

@@ -0,0 +1,11 @@
+import {initializeClient} from '@cloudbase/cloudbase';
+import {getFunction} from './function/function';
+
+export const config = {
+    apiOrigin: "https://xbase-4gh5dh6nf62145a9.ap-shanghai.tcb-api.tencentcloudapi.com",
+    clientId: "xbase-4gh5dh6nf62145a9",
+};
+const client = initializeClient(config);
+const fn = getFunction(client.app);
+
+export {client, fn}

package/_exmaple/index.html

@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta http-equiv="Pragma" content="no-cache">
+    <meta http-equiv="Cache-Control" content="no-cache">
+    <meta http-equiv="Expires" content="0">
+    <title>Demo</title>
+</head>
+<body>
+<div>loading...</div>
+<div>test</div>
+</body>
+</html>

package/_exmaple/package.json

@@ -0,0 +1,33 @@
+{
+  "name": "device",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "build": "cross-env NODE_ENV=production webpack",
+    "start": "cross-env NODE_ENV=development webpack-dev-server"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "@types/qs": "^6.9.1",
+    "@xbasesdk/xbase": "file://Users/nx/Documents/go/xbase/src/gitlab.xunlei.cn/xbase/sdk/xbasesdk/dist",
+    "cross-env": "^7.0.2",
+    "firebase": "^9.0.2",
+    "qs": "^6.9.3",
+    "webpack": "^4.39.3",
+    "webpack-cli": "^4.8.0"
+  },
+  "devDependencies": {
+    "@babel/cli": "^7.14.8",
+    "@babel/core": "^7.15.0",
+    "clean-webpack-plugin": "^4.0.0-alpha.0",
+    "copy-webpack-plugin": "^9.0.1",
+    "html-webpack-plugin": "^3.2.0",
+    "ts-loader": "^6.1.0",
+    "typescript": "^3.8.3",
+    "webpack-cli": "^4.8.0",
+    "webpack-dev-server": "^4.1.0"
+  }
+}

package/_exmaple/tsconfig.json

@@ -0,0 +1,71 @@
+{
+  "compilerOptions": {
+    /* Basic Options */
+    // "incremental": true,                   /* Enable incremental compilation */
+    "target": "es2020",                          /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019' or 'ESNEXT'. */
+    "module": "es2020",                     /* Specify module code generation: 'none', 'commonjs', 'amd', 'system', 'umd', 'es2015', or 'ESNext'. */
+    // "lib": [],                             /* Specify library files to be included in the compilation. */
+    "allowJs": true,                       /* Allow javascript files to be compiled. */
+    // "checkJs": true,                       /* Report errors in .js files. */
+    // "jsx": "preserve",                     /* Specify JSX code generation: 'preserve', 'react-native', or 'react'. */
+    // "declaration": true,                   /* Generates corresponding '.d.ts' file. */
+    // "declarationMap": true,                /* Generates a sourcemap for each corresponding '.d.ts' file. */
+    // "sourceMap": true,                     /* Generates corresponding '.map' file. */
+    // "outFile": "./",                       /* Concatenate and emit output to single file. */
+    "outDir": "./dist/",                        /* Redirect output structure to the directory. */
+    // "rootDir": "./",                       /* Specify the root directory of input files. Use to control the output directory structure with --outDir. */
+    // "composite": true,                     /* Enable project compilation */
+    // "tsBuildInfoFile": "./",               /* Specify file to store incremental compilation information */
+    // "removeComments": true,                /* Do not emit comments to output. */
+    // "noEmit": true,                        /* Do not emit outputs. */
+    // "importHelpers": true,                 /* Import emit helpers from 'tslib'. */
+    // "downlevelIteration": true,            /* Provide full support for iterables in 'for-of', spread, and destructuring when targeting 'ES5' or 'ES3'. */
+    // "isolatedModules": true,               /* Transpile each file as a separate module (similar to 'ts.transpileModule'). */
+
+    /* Strict Type-Checking Options */
+    "strict": true,                           /* Enable all strict type-checking options. */
+    "noImplicitAny": true,                 /* Raise error on expressions and declarations with an implied 'any' type. */
+    // "strictNullChecks": true,              /* Enable strict null checks. */
+    // "strictFunctionTypes": true,           /* Enable strict checking of function types. */
+    // "strictBindCallApply": true,           /* Enable strict 'bind', 'call', and 'apply' methods on functions. */
+    // "strictPropertyInitialization": true,  /* Enable strict checking of property initialization in classes. */
+    // "noImplicitThis": true,                /* Raise error on 'this' expressions with an implied 'any' type. */
+    // "alwaysStrict": true,                  /* Parse in strict mode and emit "use strict" for each source file. */
+
+    /* Additional Checks */
+    // "noUnusedLocals": true,                /* Report errors on unused locals. */
+    // "noUnusedParameters": true,            /* Report errors on unused parameters. */
+    // "noImplicitReturns": true,             /* Report error when not all code paths in function return a value. */
+    // "noFallthroughCasesInSwitch": true,    /* Report errors for fallthrough cases in switch statement. */
+
+    /* Module Resolution Options */
+    "moduleResolution": "node",            /* Specify module resolution strategy: 'node' (Node.js) or 'classic' (TypeScript pre-1.6). */
+    // "baseUrl": "./",                       /* Base directory to resolve non-absolute module names. */
+    // "paths": {},                           /* A series of entries which re-map imports to lookup locations relative to the 'baseUrl'. */
+    // "rootDirs": [],                        /* List of root folders whose combined content represents the structure of the project at runtime. */
+    // "typeRoots": [],                       /* List of folders to include type definitions from. */
+    // "types": [],                           /* Type declaration files to be included in compilation. */
+    // "allowSyntheticDefaultImports": true,  /* Allow default imports from modules with no default export. This does not affect code emit, just typechecking. */
+    "esModuleInterop": true,                   /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */
+    // "preserveSymlinks": true,              /* Do not resolve the real path of symlinks. */
+    // "allowUmdGlobalAccess": true,          /* Allow accessing UMD globals from modules. */
+
+    /* Source Map Options */
+    // "sourceRoot": "",                      /* Specify the location where debugger should locate TypeScript files instead of source locations. */
+    // "mapRoot": "",                         /* Specify the location where debugger should locate map files instead of generated locations. */
+    // "inlineSourceMap": true,               /* Emit a single file with source maps instead of having a separate file. */
+    // "inlineSources": true,                 /* Emit the source alongside the sourcemaps within a single file; requires '--inlineSourceMap' or '--sourceMap' to be set. */
+
+    /* Experimental Options */
+    // "experimentalDecorators": true,        /* Enables experimental support for ES7 decorators. */
+    // "emitDecoratorMetadata": true,         /* Enables experimental support for emitting type metadata for decorators. */
+
+
+
+    "strictPropertyInitialization": false,
+    "experimentalDecorators": true,
+    "strictNullChecks": false,
+    "noUnusedLocals": true,
+    "declaration": true
+  }
+}

package/_exmaple/webpack.config.js

@@ -0,0 +1,42 @@
+const path = require('path');
+const { CleanWebpackPlugin } = require('clean-webpack-plugin');
+const CopyPlugin = require('copy-webpack-plugin');
+const HtmlWebpackPlugin = require('html-webpack-plugin');
+
+const mode = process.env.NODE_ENV;
+
+console.log('环境：', mode);
+
+module.exports = {
+  entry: {
+    main: './assets/scripts/index.ts',
+  },
+  mode,
+  devServer: {
+    contentBase: path.join(__dirname, 'dist'),
+    port: 4000,
+    hot: true,
+  },
+  module: {
+    rules: [
+      {
+        test: /\.tsx?$/,
+        use: 'ts-loader',
+        exclude: /node_modules/
+      }
+    ]
+  },
+  resolve: {
+    extensions: [ '.ts', '.tsx', '.js' ]
+  },
+  output: {
+    filename: '[name].[hash:5].js',
+    path: path.resolve(__dirname, 'dist')
+  },
+  plugins: [
+    new CleanWebpackPlugin(),
+    new HtmlWebpackPlugin({
+      template: "./index.html"
+    })
+  ],
+};

package/dist/auth/apis.d.ts

@@ -1,22 +1,21 @@
-import { GetVerificationRequest, GetVerificationResponse, UserProfile, UserInfo, SignInRequest, SignUpRequest, VerifyRequest, VerifyResponse, GenProviderRedirectUriRequest, GenProviderRedirectUriResponse, GrantProviderTokenRequest, GrantProviderTokenResponse, PatchProviderTokenRequest, PatchProviderTokenResponse, SignInWithProviderRequest, BindWithProviderRequest, TransByProviderRequest, GrantTokenRequest, UserProfileProvider, UnbindProviderRequest, CheckPasswordrRequest, BindPhoneRequest, SetPasswordRequest, ChangeBindedProviderRequest, ChangeBindedProviderResponse, QueryUserProfileReq } from './models';
+import { GetVerificationRequest, GetVerificationResponse, UserProfile, UserInfo, SignInRequest, SignUpRequest, VerifyRequest, VerifyResponse, GenProviderRedirectUriRequest, GenProviderRedirectUriResponse, GrantProviderTokenRequest, GrantProviderTokenResponse, PatchProviderTokenRequest, PatchProviderTokenResponse, SignInWithProviderRequest, BindWithProviderRequest, TransByProviderRequest, GrantTokenRequest, UserProfileProvider, UnbindProviderRequest, CheckPasswordrRequest, BindPhoneRequest, BindEmailRequest, SetPasswordRequest, ChangeBindedProviderRequest, ChangeBindedProviderResponse, UpdatePasswordRequest, SudoResponse, SudoRequest, GetCustomSignTicketFn, QueryUserProfileRequest, QueryUserProfileResponse, ResetPasswordRequest, DeviceAuthorizeRequest, DeviceAuthorizeResponse, CheckUsernameRequest } from './models';
 import { SimpleStorage, RequestFunction } from '../oauth2client/interface';
 import { OAuth2Client } from '../oauth2client/oauth2client';
 import { Credentials } from '../oauth2client/models';
-import { ICloudbase } from '@cloudbase/types';
 export interface AuthOptions {
     apiOrigin: string;
     clientId: string;
     credentialsClient?: OAuth2Client;
     request?: RequestFunction;
     storage?: SimpleStorage;
-    _fromApp?: ICloudbase;
 }
 export declare class Auth {
     private _config;
+    private _getCustomSignTicketFn?;
     constructor(opts: AuthOptions);
     signIn(params: SignInRequest): Promise<Credentials>;
     signInAnonymously(): Promise<Credentials>;
-    protected signUp(params: SignUpRequest): Promise<Credentials>;
+    signUp(params: SignUpRequest): Promise<Credentials>;
     signOut(): Promise<any>;
     getVerification(params: GetVerificationRequest): Promise<GetVerificationResponse>;
     verify(params: VerifyRequest): Promise<VerifyResponse>;
@@ -36,9 +35,18 @@ export declare class Auth {
     unbindProvider(params: UnbindProviderRequest): Promise<void>;
     checkPassword(params: CheckPasswordrRequest): Promise<void>;
     bindPhone(params: BindPhoneRequest): Promise<void>;
+    bindEmail(params: BindEmailRequest): Promise<void>;
     setPassword(params: SetPasswordRequest): Promise<void>;
+    updatePasswordByOld(params: UpdatePasswordRequest): Promise<void>;
+    sudo(params: SudoRequest): Promise<SudoResponse>;
     getCurUserVerification(params: GetVerificationRequest): Promise<GetVerificationResponse>;
     changeBindedProvider(params: ChangeBindedProviderRequest): Promise<ChangeBindedProviderResponse>;
     setUserProfile(params: UserProfile): Promise<UserProfile>;
-    queryUserProfile(appended_params: QueryUserProfileReq): Promise<UserProfile>;
+    queryUserProfile(params: QueryUserProfileRequest): Promise<QueryUserProfileResponse>;
+    setCustomSignFunc(getTickFn: GetCustomSignTicketFn): void;
+    signInWithCustomTicket(): Promise<Credentials>;
+    resetPassword(params: ResetPasswordRequest): Promise<void>;
+    deviceAuthorize(params: DeviceAuthorizeRequest): Promise<DeviceAuthorizeResponse>;
+    checkUsername(params: CheckUsernameRequest): Promise<void>;
+    loginScope(): Promise<string>;
 }