@cloudbase/oauth 0.0.4-alpha.0 → 1.0.0-alpha.1

package/src/auth/models.ts

@@ -2,10 +2,11 @@ interface BaseRequest {
   client_id?: string;
 }
 
+export type GetCustomSignTicketFn = () => Promise<string>;
+
 export interface SignInRequest extends BaseRequest {
   username?: string;
   password?: string;
-  verification_code?: string;
   verification_token?: string;
 }
 
@@ -124,6 +125,18 @@ export interface UserProfile {
   created_from?: string;
   sub?: string
   uid?: string
+  address?: {
+    formatted?: string,
+    street_address?: string,
+    locality?: string,
+    region?: string,
+    postal_code?: string,
+    country?: string
+  }
+  nickName?: string // TODO:
+  province?: string // TODO:
+  country?: string // TODO:
+  city?: string // TODO:
 }
 
 export type UserInfo = UserProfile;
@@ -176,3 +189,245 @@ export type ChangeBindedProviderResponse = BaseRequest
 export interface QueryUserProfileReq extends BaseRequest {
   appended_params: string;
 }
+
+export interface SignInWithProviderRequest {
+  provider_token: string;
+  provider_id?: string;
+}
+
+export interface SignUpRequest {
+  phone_number?: string;
+  email?: string;
+
+  verification_code?: string;
+  verification_token?: string;
+  provider_token?: string;
+
+  password?: string;
+  name?: string;
+  gender?: string;
+  picture?: string;
+  locale?: string;
+}
+
+export interface GetVerificationRequest {
+  phone_number?: string;
+  email?: string;
+  // 可选 ANY，USER，NOT_USER, CUR_USER;
+  target?: string | 'ANY';
+  usage?: string;
+}
+
+export interface GetVerificationResponse {
+  verification_id?: string;
+  is_user?: boolean | false;
+}
+
+export interface VerifyResponse {
+  verification_token?: string;
+}
+
+export interface VerifyRequest {
+  verification_code: string;
+  verification_id?: string;
+}
+
+export interface ProviderBindRequest {
+  provider_token: string;
+}
+
+export interface GrantProviderTokenRequest {
+  provider_id: string;
+  provider_redirect_uri?: string;
+  provider_code?: string;
+  provider_access_token?: string;
+  provider_id_token?: string;
+}
+
+export interface GrantProviderTokenResponse {
+  provider_token: string;
+  expires_in: number;
+}
+
+export interface PatchProviderTokenRequest {
+  provider_token: string;
+  provider_params: {
+    encryptedData: string;
+    iv: string;
+  };
+}
+
+export interface PatchProviderTokenResponse {
+  provider_token: string;
+  expires_in: number;
+  provider_profile: ProviderProfile;
+}
+
+export interface GenProviderRedirectUriRequest {
+  provider_id: string;
+  provider_redirect_uri: string;
+  state: string;
+  other_params?: {
+    sign_out_uri?: string;
+  };
+}
+
+export interface GenProviderRedirectUriResponse {
+  uri: string;
+  signout_uri?: string;
+}
+
+export interface BindWithProviderRequest {
+  provider_token: string;
+}
+
+export interface BindWithProviderRequest {
+  provider_token: string;
+}
+
+export interface UserProfileProvider {
+  id?: string;
+  provider_user_id?: string;
+  name?: string;
+}
+
+export interface UserProfile {
+  name?: string;
+  picture?: string;
+  username?: string;
+  email?: string;
+  email_verified?: boolean;
+  phone_number?: string;
+  providers?: [UserProfileProvider];
+  gender?: string;
+  birthdate?: string;
+  zoneinfo?: string;
+  locale?: string;
+  created_from?: string;
+}
+
+export interface ProviderProfile {
+  provider_id: string;
+  phone_number?: string;
+}
+
+export interface TransByProviderRequest {
+  provider_token: string;
+}
+
+export interface GrantTokenRequest {
+  client_secret?: string;
+  code?: string;
+  grant_type?: string;
+  redirect_uri?: string;
+  nonce?: string;
+  refresh_token?: string;
+  scope?: string;
+}
+
+export interface UnbindProviderRequest {
+  provider_id: string;
+}
+
+export interface CheckPasswordrRequest {
+  password: string;
+}
+
+export interface BindPhoneRequest {
+  phone_number: string;
+  sudo_token: string;
+  verification_token: string;
+  conflict_resolution: string
+  // 1. DEFAULT 0, 默认提示用户手机号已被绑定
+  // 2. DELETE_ACCOUNT_TRANSFER 1, 标记原账号已被注销，并将手机换绑给自己
+  // 3. TRANSFER 2, 仅换绑手机号，不注销原有账号（换绑后原账号无法登录时，则自动注销原账号）
+}
+
+export interface BindEmailRequest {
+  email: string;
+  sudo_token: string;
+  verification_token: string;
+}
+
+export interface SetPasswordRequest {
+  new_password: string;
+  sudo_token: string;
+}
+
+
+export interface SetPasswordRequest {
+  new_password: string;
+  sudo_token: string;
+}
+
+export interface UpdatePasswordRequest {
+  old_password: string;
+  new_password: string;
+}
+
+// password 和 verification_token 而选一，如果绑定了手机号，则必须使用verification_token 进行sudo
+export interface SudoRequest {
+  password?: string;
+  verification_token?: string
+}
+
+export interface SudoResponse {
+  sudo_token?: string
+}
+
+
+export interface ChangeBoundProviderRequest {
+  trans_token: string;
+  provider_id: string;
+}
+
+export interface ChangeBoundProviderResponse {
+  client_id: string;
+}
+
+export interface QueryUserProfileRequest {
+  id?: [string];
+  username?: string;
+  email?: string;
+  phone_number?: string;
+}
+
+export interface QueryUserProfileResponse {
+  total: string;
+  data: SimpleUserProfile[]
+}
+
+export interface ResetPasswordRequest extends BaseRequest {
+  email: string
+  phone_number: string
+  new_password: string
+  verification_token: string
+}
+
+export interface DeviceAuthorizeRequest extends BaseRequest {
+  scope?: string
+}
+
+export interface DeviceAuthorizeResponse {
+  device_code: string
+  user_code: string
+  expires_in: number
+  interval: number
+  verification_url: string
+  verification_uri_complete: string
+}
+
+// 简化版用户信息
+export interface SimpleUserProfile {
+  sub: string;
+  name: string;
+  picture?: string;
+  gender?: string;
+  locale?: string;
+  email?: string;
+  phone_number?: string;
+}
+
+export interface CheckUsernameRequest {
+  username: string
+}

package/src/captcha/captcha.ts

@@ -1,217 +1,222 @@
-import {SimpleStorage, RequestFunction} from '../oauth2client/interface';
-import {AuthClientRequestOptions} from "../oauth2client/models";
-import {defaultStorage} from "../oauth2client/oauth2client";
+import { SimpleStorage, RequestFunction } from '../oauth2client/interface';
+import { AuthClientRequestOptions } from "../oauth2client/models";
+import { defaultStorage } from "../oauth2client/oauth2client";
 
 export interface CaptchaOptions {
-    clientId: string
-    request: RequestFunction;
-    storage: SimpleStorage;
-    // 打开网页并通过URL回调获取 CaptchaToken，针对不通的平台，该函数可以自定义实现, 默认集成浏览器端认证
-    openURIWithCallback?: OpenURIWithCallbackFuction;
+  clientId: string
+  request: RequestFunction;
+  storage: SimpleStorage;
+  // 打开网页并通过URL回调获取 CaptchaToken，针对不通的平台，该函数可以自定义实现, 默认集成浏览器端认证
+  openURIWithCallback?: OpenURIWithCallbackFuction;
 }
 
 type OpenURIWithCallbackFuction = (url: string) => Promise<CaptchaToken>;
 
 export interface CaptchaToken {
-    captcha_token: string
-    expires_in: number
-    expires_at?: Date | null;
+  captcha_token: string
+  expires_in: number
+  expires_at?: Date | null;
 }
 
 export interface CaptchaRequestOptions extends AuthClientRequestOptions {
-    withCaptcha?: boolean;
+  withCaptcha?: boolean;
 }
 
 export interface GetCaptchaResponse {
-    captcha_token?: string
-    expires_in?: number
-    url?: string
+  captcha_token?: string
+  expires_in?: number
+  url?: string
 }
 
 const GET_CAPTCHA_URL = '/auth/v1/captcha/init'
 
 export class Captcha {
-    private _config: CaptchaOptions;
-    private _tokenSectionName: string;
+  private _config: CaptchaOptions;
+  private _tokenSectionName: string;
 
-    /**
-     * constructor
-     * @param {CaptchaOptions} opts
-     */
-    constructor(opts: CaptchaOptions) {
-        if (!opts.openURIWithCallback) {
-            opts.openURIWithCallback = this._getDefaultOpenURIWithCallback()
-        }
-        if (!opts.storage) {
-            opts.storage = defaultStorage
-        }
-        this._config = opts
-        this._tokenSectionName = 'captcha_' + opts.clientId
+  /**
+   * constructor
+   * @param {CaptchaOptions} opts
+   */
+  constructor(opts: CaptchaOptions) {
+    if (!opts.openURIWithCallback) {
+      opts.openURIWithCallback = this._getDefaultOpenURIWithCallback()
     }
+    if (!opts.storage) {
+      opts.storage = defaultStorage
+    }
+    this._config = opts
+    this._tokenSectionName = 'captcha_' + opts.clientId
+  }
 
-    /**
-     * request http like simple fetch api, exp:request('/v1/user/me', {withCredentials:true})
-     * @param {string} url
-     * @param {AuthClientRequestOptions} options
-     */
-    public async request<T>(
-        url: string,
-        options?: CaptchaRequestOptions,
-    ): Promise<T> {
-        if (!options) {
-            options = {};
-        }
-        if (!options.method) {
-            options.method = 'GET'
-        }
-        const state = options.method + ":" + url
-        let reqURL = url;
-        if (options.withCaptcha) {
-            reqURL = await this._appendCaptchaTokenToURL(url, state, false);
-        }
-        try {
-            return this._config.request<T>(reqURL, options)
-        } catch (err) {
-            if (err.error === 'captcha_required' || err.error === 'captcha_invalid') {
-                url = await this._appendCaptchaTokenToURL(url, state, err.error === 'captcha_invalid')
-                return this._config.request<T>(url, options)
-            } else {
-                return Promise.reject(err)
-            }
-        }
+  /**
+   * request http like simple fetch api, exp:request('/v1/user/me', {withCredentials:true})
+   * @param {string} url
+   * @param {AuthClientRequestOptions} options
+   */
+  public async request<T>(
+    url: string,
+    options?: CaptchaRequestOptions,
+  ): Promise<T> {
+    if (!options) {
+      options = {};
+    }
+    if (!options.method) {
+      options.method = 'GET'
+    }
+    const state = options.method + ":" + url
+    let reqURL = url;
+    if (options.withCaptcha) {
+      reqURL = await this._appendCaptchaTokenToURL(url, state, false);
     }
 
-    private _getDefaultOpenURIWithCallback(): OpenURIWithCallbackFuction {
-        if (window.location.search.indexOf('__captcha') > 0) {
-            document.body.style.display = 'none';
-        }
-        if (document.getElementById('captcha_panel_wrap') === null) {
-            var elementDiv = document.createElement('div');
-            elementDiv.style.cssText =
-                'background-color: rgba(0, 0, 0, 0.7);position: fixed;left: 0px;right: 0px;top: 0px;bottom: 0px;padding: 9vw 0 0 0;display: none;z-index:100;';
-            elementDiv.setAttribute('id', 'captcha_panel_wrap');
-            document.body.appendChild(elementDiv);
-        }
-        return this._defaultOpenURIWithCallback
+    let resp: T;
+    try {
+      resp = await this._config.request<T>(reqURL, options)
+    } catch (err) {
+      if (err.error === 'captcha_required' || err.error === 'captcha_invalid') {
+        url = await this._appendCaptchaTokenToURL(url, state, err.error === 'captcha_invalid')
+        return this._config.request<T>(url, options)
+      } else {
+        return Promise.reject(err)
+      }
     }
+    return resp
+  }
 
-    /**
-     * 默认通过浏览器打开网页并获取回调
-     */
-    private async _defaultOpenURIWithCallback(url: string): Promise<CaptchaToken> {
-        const target = document.getElementById('captcha_panel_wrap'),
-            iframe = document.createElement('iframe')
-        target.innerHTML = '';
-        iframe.setAttribute('src', url)
-        iframe.setAttribute('id', 'review-panel-iframe')
-        iframe.style.cssText = 'min-width:355px;display:block;height:355px;margin:0 auto;background-color: rgb(255, 255, 255);border: none;';
-        target.appendChild(iframe);
-        target.style.display = 'block';
-        return new Promise<CaptchaToken>((resolve, reject) => {
-            iframe.onload = function () {
-                try {
-                    var windowLocation = window.location;
-                    var iframeLocation = iframe.contentWindow.location;
-                    if (
-                        iframeLocation.host +
-                        iframeLocation.pathname ===
-                        windowLocation.host +
-                        windowLocation.pathname
-                    ) {
-                        target.style.display = 'none';
-                        const iframeUrlParams = new URLSearchParams(iframeLocation.search);
-                        const captchToken = iframeUrlParams.get('captcha_token');
-                        if (captchToken) {
-                            return resolve({
-                                captcha_token: captchToken,
-                                expires_in: Number(iframeUrlParams.get('expires_in'))
-                            })
-                        }
-                        return reject({
-                            error: iframeUrlParams.get('error'),
-                            error_description: iframeUrlParams.get('error_description')
-                        })
-                    } else {
-                        target.style.display = 'block';
-                    }
-                } catch (error) {
-                    target.style.display = 'block';
-                }
-            };
-        })
+  private _getDefaultOpenURIWithCallback(): OpenURIWithCallbackFuction {
+    if (window.location.search.indexOf('__captcha') > 0) {
+      document.body.style.display = 'none';
     }
-    /**
-     * _getCaptchaToken 获取captchaToken
-     */
-    private async _getCaptchaToken(forceNewToken: boolean, state: string): Promise<string> {
-        if (!forceNewToken) {
-            // 如果本地存在，则直接返回
-            const captchaToken = await this._findCaptchaToken()
-            if (captchaToken) {
-                return captchaToken
-            }
-        }
-        const redirectURL = window.location.origin + window.location.pathname + "?__captcha=on"
-        const captchaTokenResp = await this._config.request<GetCaptchaResponse>(GET_CAPTCHA_URL, {
-            method: 'POST',
-            body: {
-                client_id: this._config.clientId,
-                redirect_uri: redirectURL,
-                state: state
-            },
-            withCredentials: false,
-        })
-        if (captchaTokenResp.captcha_token) {
-            const captchaToken = {
-                captcha_token: captchaTokenResp.captcha_token,
-                expires_in: captchaTokenResp.expires_in,
-            }
-            this._saveCaptchaToken(captchaToken)
-            return captchaTokenResp.captcha_token
-        }
-        const captchaToken = await this._config.openURIWithCallback(captchaTokenResp.url)
-        this._saveCaptchaToken(captchaToken)
-        return captchaToken.captcha_token
+    if (document.getElementById('captcha_panel_wrap') === null) {
+      var elementDiv = document.createElement('div');
+      elementDiv.style.cssText =
+        'background-color: rgba(0, 0, 0, 0.7);position: fixed;left: 0px;right: 0px;top: 0px;bottom: 0px;padding: 9vw 0 0 0;display: none;z-index:100;';
+      elementDiv.setAttribute('id', 'captcha_panel_wrap');
+      setTimeout(() => {
+        document.body.appendChild(elementDiv);
+      }, 0)
     }
+    return this._defaultOpenURIWithCallback
+  }
 
-    private async _appendCaptchaTokenToURL(url: string, state: string, forceNewToken: boolean): Promise<string> {
-        const captchaToken = await this._getCaptchaToken(forceNewToken, state);
-        if (url.indexOf("?") > 0) {
-            url += "&captcha_token=" + captchaToken
-        } else {
-            url += "?captcha_token=" + captchaToken
+  /**
+   * 默认通过浏览器打开网页并获取回调
+   */
+  private async _defaultOpenURIWithCallback(url: string): Promise<CaptchaToken> {
+    const target = document.getElementById('captcha_panel_wrap'),
+      iframe = document.createElement('iframe')
+    target.innerHTML = '';
+    iframe.setAttribute('src', url)
+    iframe.setAttribute('id', 'review-panel-iframe')
+    iframe.style.cssText = 'min-width:355px;display:block;height:355px;margin:0 auto;background-color: rgb(255, 255, 255);border: none;';
+    target.appendChild(iframe);
+    target.style.display = 'block';
+    return new Promise<CaptchaToken>((resolve, reject) => {
+      iframe.onload = function () {
+        try {
+          var windowLocation = window.location;
+          var iframeLocation = iframe.contentWindow.location;
+          if (
+            iframeLocation.host +
+            iframeLocation.pathname ===
+            windowLocation.host +
+            windowLocation.pathname
+          ) {
+            target.style.display = 'none';
+            const iframeUrlParams = new URLSearchParams(iframeLocation.search);
+            const captchToken = iframeUrlParams.get('captcha_token');
+            if (captchToken) {
+              return resolve({
+                captcha_token: captchToken,
+                expires_in: Number(iframeUrlParams.get('expires_in'))
+              })
+            }
+            return reject({
+              error: iframeUrlParams.get('error'),
+              error_description: iframeUrlParams.get('error_description')
+            })
+          } else {
+            target.style.display = 'block';
+          }
+        } catch (error) {
+          target.style.display = 'block';
         }
-        return url
+      };
+    })
+  }
+  /**
+   * _getCaptchaToken 获取captchaToken
+   */
+  private async _getCaptchaToken(forceNewToken: boolean, state: string): Promise<string> {
+    if (!forceNewToken) {
+      // 如果本地存在，则直接返回
+      const captchaToken = await this._findCaptchaToken()
+      if (captchaToken) {
+        return captchaToken
+      }
+    }
+    const redirectURL = window.location.origin + window.location.pathname + "?__captcha=on"
+    const captchaTokenResp = await this._config.request<GetCaptchaResponse>(GET_CAPTCHA_URL, {
+      method: 'POST',
+      body: {
+        client_id: this._config.clientId,
+        redirect_uri: redirectURL,
+        state: state
+      },
+      withCredentials: false,
+    })
+    if (captchaTokenResp.captcha_token) {
+      const captchaToken = {
+        captcha_token: captchaTokenResp.captcha_token,
+        expires_in: captchaTokenResp.expires_in,
+      }
+      this._saveCaptchaToken(captchaToken)
+      return captchaTokenResp.captcha_token
     }
+    const captchaToken = await this._config.openURIWithCallback(captchaTokenResp.url)
+    this._saveCaptchaToken(captchaToken)
+    return captchaToken.captcha_token
+  }
 
-    private async _saveCaptchaToken(token: CaptchaToken) {
-        token.expires_at = new Date(
-            Date.now() + (token.expires_in - 10) * 1000,
-        );
-        const tokenStr: string = JSON.stringify(token);
-        await this._config.storage.setItem(this._tokenSectionName, tokenStr);
+  private async _appendCaptchaTokenToURL(url: string, state: string, forceNewToken: boolean): Promise<string> {
+    const captchaToken = await this._getCaptchaToken(forceNewToken, state);
+    if (url.indexOf("?") > 0) {
+      url += "&captcha_token=" + captchaToken
+    } else {
+      url += "?captcha_token=" + captchaToken
     }
+    return url
+  }
 
-    private async _findCaptchaToken(): Promise<string> {
-        const tokenStr: string = await this._config.storage.getItem(
-            this._tokenSectionName,
-        );
-        if (tokenStr !== undefined && tokenStr !== null) {
-            try {
-                const captchaToken = JSON.parse(tokenStr);
-                if (captchaToken && captchaToken.expires_at) {
-                    captchaToken.expires_at = new Date(captchaToken.expires_at);
-                }
-                const isExpired = captchaToken.expires_at < new Date();
-                if (isExpired) {
-                    return null
-                }
-                return captchaToken.captcha_token
-            } catch (error) {
-                await this._config.storage.removeItem(this._tokenSectionName);
-                return null
-            }
+  private async _saveCaptchaToken(token: CaptchaToken) {
+    token.expires_at = new Date(
+      Date.now() + (token.expires_in - 10) * 1000,
+    );
+    const tokenStr: string = JSON.stringify(token);
+    await this._config.storage.setItem(this._tokenSectionName, tokenStr);
+  }
+
+  private async _findCaptchaToken(): Promise<string> {
+    const tokenStr: string = await this._config.storage.getItem(
+      this._tokenSectionName,
+    );
+    if (tokenStr !== undefined && tokenStr !== null) {
+      try {
+        const captchaToken = JSON.parse(tokenStr);
+        if (captchaToken?.expires_at) {
+          captchaToken.expires_at = new Date(captchaToken.expires_at);
+        }
+        const isExpired = captchaToken.expires_at < new Date();
+        if (isExpired) {
+          return null
         }
+        return captchaToken.captcha_token
+      } catch (error) {
+        await this._config.storage.removeItem(this._tokenSectionName);
         return null
+      }
     }
+    return null
+  }
 }