@cloudbase/oauth 0.0.5-alpha.0 → 0.1.1-alpha

package/src/auth/models.ts

@@ -1,178 +0,0 @@
-interface BaseRequest {
-  client_id?: string;
-}
-
-export interface SignInRequest extends BaseRequest {
-  username?: string;
-  password?: string;
-  verification_code?: string;
-  verification_token?: string;
-}
-
-export interface SignInWithProviderRequest extends BaseRequest {
-  provider_token: string;
-}
-
-export interface SignUpRequest extends BaseRequest {
-  phone_number?: string;
-  email?: string;
-
-  verification_code?: string;
-  verification_token?: string;
-  provider_token?: string;
-
-  password?: string;
-  name?: string;
-  gender?: string;
-  picture?: string;
-  locale?: string;
-}
-
-export interface GetVerificationRequest extends BaseRequest {
-  phone_number?: string;
-  email?: string;
-  target?: string | 'ANY';
-  usage?: string;
-}
-
-export interface GetVerificationResponse {
-  verification_id?: string;
-  is_user?: boolean | false;
-}
-
-export interface VerifyResponse {
-  verification_token?: string;
-}
-
-export interface VerifyRequest extends BaseRequest {
-  verification_code: string;
-  verification_id?: string;
-}
-
-export interface ProviderBindRequest {
-  provider_token: string;
-}
-
-export interface GrantProviderTokenRequest extends BaseRequest {
-  provider_id: string;
-  provider_redirect_uri?: string;
-  provider_code?: string;
-  provider_access_token?: string;
-  provider_id_token?: string;
-}
-
-export interface GrantProviderTokenResponse {
-  provider_token: string;
-  expires_in: number;
-}
-
-export interface PatchProviderTokenRequest extends BaseRequest {
-  provider_token: string;
-  provider_params: {
-    encryptedData: string;
-    iv: string;
-  };
-}
-
-export interface PatchProviderTokenResponse {
-  provider_token: string;
-  expires_in: number;
-  provider_profile: ProviderProfile;
-}
-
-export interface GenProviderRedirectUriRequest {
-  provider_id: string;
-  provider_redirect_uri: string;
-  state: string;
-  other_params?: {
-    sign_out_uri?: string;
-  };
-}
-
-export interface GenProviderRedirectUriResponse {
-  uri: string;
-  signout_uri?: string;
-}
-
-export interface BindWithProviderRequest extends BaseRequest {
-  provider_token: string;
-}
-
-export interface BindWithProviderRequest {
-  provider_token: string;
-}
-
-export interface UserProfileProvider {
-  id?: string;
-  provider_user_id?: string;
-  name?: string;
-}
-
-export interface UserProfile {
-  name?: string;
-  picture?: string;
-  avatarUrl?: string;
-  username?: string;
-  email?: string;
-  email_verified?: boolean;
-  phone_number?: string;
-  providers?: [UserProfileProvider];
-  gender?: string;
-  birthdate?: string;
-  zoneinfo?: string;
-  locale?: string;
-  created_from?: string;
-  sub?: string
-  uid?: string
-}
-
-export type UserInfo = UserProfile;
-
-export interface ProviderProfile {
-  provider_id: string;
-  phone_number?: string;
-}
-
-export interface TransByProviderRequest {
-  provider_token: string;
-}
-
-export interface GrantTokenRequest extends BaseRequest {
-  client_secret?: string;
-  code?: string;
-  grant_type?: string;
-  redirect_uri?: string;
-  nonce?: string;
-  refresh_token?: string;
-  scope?: string;
-}
-
-export interface UnbindProviderRequest extends BaseRequest {
-  provider_id: string;
-}
-
-export interface CheckPasswordrRequest extends BaseRequest {
-  password: string;
-}
-
-export interface BindPhoneRequest extends BaseRequest {
-  phone_number: string;
-  sudo_token: string;
-  verification_token: string;
-}
-
-export interface SetPasswordRequest extends BaseRequest {
-  new_password: string;
-  sudo_token: string;
-}
-
-export interface ChangeBindedProviderRequest extends BaseRequest {
-  trans_token: string;
-  provider_id: string;
-}
-
-export type ChangeBindedProviderResponse = BaseRequest
-
-export interface QueryUserProfileReq extends BaseRequest {
-  appended_params: string;
-}

package/src/captcha/captcha.ts

@@ -1,217 +0,0 @@
-import {SimpleStorage, RequestFunction} from '../oauth2client/interface';
-import {AuthClientRequestOptions} from "../oauth2client/models";
-import {defaultStorage} from "../oauth2client/oauth2client";
-
-export interface CaptchaOptions {
-    clientId: string
-    request: RequestFunction;
-    storage: SimpleStorage;
-    // 打开网页并通过URL回调获取 CaptchaToken，针对不通的平台，该函数可以自定义实现, 默认集成浏览器端认证
-    openURIWithCallback?: OpenURIWithCallbackFuction;
-}
-
-type OpenURIWithCallbackFuction = (url: string) => Promise<CaptchaToken>;
-
-export interface CaptchaToken {
-    captcha_token: string
-    expires_in: number
-    expires_at?: Date | null;
-}
-
-export interface CaptchaRequestOptions extends AuthClientRequestOptions {
-    withCaptcha?: boolean;
-}
-
-export interface GetCaptchaResponse {
-    captcha_token?: string
-    expires_in?: number
-    url?: string
-}
-
-const GET_CAPTCHA_URL = '/auth/v1/captcha/init'
-
-export class Captcha {
-    private _config: CaptchaOptions;
-    private _tokenSectionName: string;
-
-    /**
-     * constructor
-     * @param {CaptchaOptions} opts
-     */
-    constructor(opts: CaptchaOptions) {
-        if (!opts.openURIWithCallback) {
-            opts.openURIWithCallback = this._getDefaultOpenURIWithCallback()
-        }
-        if (!opts.storage) {
-            opts.storage = defaultStorage
-        }
-        this._config = opts
-        this._tokenSectionName = 'captcha_' + opts.clientId
-    }
-
-    /**
-     * request http like simple fetch api, exp:request('/v1/user/me', {withCredentials:true})
-     * @param {string} url
-     * @param {AuthClientRequestOptions} options
-     */
-    public async request<T>(
-        url: string,
-        options?: CaptchaRequestOptions,
-    ): Promise<T> {
-        if (!options) {
-            options = {};
-        }
-        if (!options.method) {
-            options.method = 'GET'
-        }
-        const state = options.method + ":" + url
-        let reqURL = url;
-        if (options.withCaptcha) {
-            reqURL = await this._appendCaptchaTokenToURL(url, state, false);
-        }
-        try {
-            return this._config.request<T>(reqURL, options)
-        } catch (err) {
-            if (err.error === 'captcha_required' || err.error === 'captcha_invalid') {
-                url = await this._appendCaptchaTokenToURL(url, state, err.error === 'captcha_invalid')
-                return this._config.request<T>(url, options)
-            } else {
-                return Promise.reject(err)
-            }
-        }
-    }
-
-    private _getDefaultOpenURIWithCallback(): OpenURIWithCallbackFuction {
-        if (window.location.search.indexOf('__captcha') > 0) {
-            document.body.style.display = 'none';
-        }
-        if (document.getElementById('captcha_panel_wrap') === null) {
-            var elementDiv = document.createElement('div');
-            elementDiv.style.cssText =
-                'background-color: rgba(0, 0, 0, 0.7);position: fixed;left: 0px;right: 0px;top: 0px;bottom: 0px;padding: 9vw 0 0 0;display: none;z-index:100;';
-            elementDiv.setAttribute('id', 'captcha_panel_wrap');
-            document.body.appendChild(elementDiv);
-        }
-        return this._defaultOpenURIWithCallback
-    }
-
-    /**
-     * 默认通过浏览器打开网页并获取回调
-     */
-    private async _defaultOpenURIWithCallback(url: string): Promise<CaptchaToken> {
-        const target = document.getElementById('captcha_panel_wrap'),
-            iframe = document.createElement('iframe')
-        target.innerHTML = '';
-        iframe.setAttribute('src', url)
-        iframe.setAttribute('id', 'review-panel-iframe')
-        iframe.style.cssText = 'min-width:355px;display:block;height:355px;margin:0 auto;background-color: rgb(255, 255, 255);border: none;';
-        target.appendChild(iframe);
-        target.style.display = 'block';
-        return new Promise<CaptchaToken>((resolve, reject) => {
-            iframe.onload = function () {
-                try {
-                    var windowLocation = window.location;
-                    var iframeLocation = iframe.contentWindow.location;
-                    if (
-                        iframeLocation.host +
-                        iframeLocation.pathname ===
-                        windowLocation.host +
-                        windowLocation.pathname
-                    ) {
-                        target.style.display = 'none';
-                        const iframeUrlParams = new URLSearchParams(iframeLocation.search);
-                        const captchToken = iframeUrlParams.get('captcha_token');
-                        if (captchToken) {
-                            return resolve({
-                                captcha_token: captchToken,
-                                expires_in: Number(iframeUrlParams.get('expires_in'))
-                            })
-                        }
-                        return reject({
-                            error: iframeUrlParams.get('error'),
-                            error_description: iframeUrlParams.get('error_description')
-                        })
-                    } else {
-                        target.style.display = 'block';
-                    }
-                } catch (error) {
-                    target.style.display = 'block';
-                }
-            };
-        })
-    }
-    /**
-     * _getCaptchaToken 获取captchaToken
-     */
-    private async _getCaptchaToken(forceNewToken: boolean, state: string): Promise<string> {
-        if (!forceNewToken) {
-            // 如果本地存在，则直接返回
-            const captchaToken = await this._findCaptchaToken()
-            if (captchaToken) {
-                return captchaToken
-            }
-        }
-        const redirectURL = window.location.origin + window.location.pathname + "?__captcha=on"
-        const captchaTokenResp = await this._config.request<GetCaptchaResponse>(GET_CAPTCHA_URL, {
-            method: 'POST',
-            body: {
-                client_id: this._config.clientId,
-                redirect_uri: redirectURL,
-                state: state
-            },
-            withCredentials: false,
-        })
-        if (captchaTokenResp.captcha_token) {
-            const captchaToken = {
-                captcha_token: captchaTokenResp.captcha_token,
-                expires_in: captchaTokenResp.expires_in,
-            }
-            this._saveCaptchaToken(captchaToken)
-            return captchaTokenResp.captcha_token
-        }
-        const captchaToken = await this._config.openURIWithCallback(captchaTokenResp.url)
-        this._saveCaptchaToken(captchaToken)
-        return captchaToken.captcha_token
-    }
-
-    private async _appendCaptchaTokenToURL(url: string, state: string, forceNewToken: boolean): Promise<string> {
-        const captchaToken = await this._getCaptchaToken(forceNewToken, state);
-        if (url.indexOf("?") > 0) {
-            url += "&captcha_token=" + captchaToken
-        } else {
-            url += "?captcha_token=" + captchaToken
-        }
-        return url
-    }
-
-    private async _saveCaptchaToken(token: CaptchaToken) {
-        token.expires_at = new Date(
-            Date.now() + (token.expires_in - 10) * 1000,
-        );
-        const tokenStr: string = JSON.stringify(token);
-        await this._config.storage.setItem(this._tokenSectionName, tokenStr);
-    }
-
-    private async _findCaptchaToken(): Promise<string> {
-        const tokenStr: string = await this._config.storage.getItem(
-            this._tokenSectionName,
-        );
-        if (tokenStr !== undefined && tokenStr !== null) {
-            try {
-                const captchaToken = JSON.parse(tokenStr);
-                if (captchaToken && captchaToken.expires_at) {
-                    captchaToken.expires_at = new Date(captchaToken.expires_at);
-                }
-                const isExpired = captchaToken.expires_at < new Date();
-                if (isExpired) {
-                    return null
-                }
-                return captchaToken.captcha_token
-            } catch (error) {
-                await this._config.storage.removeItem(this._tokenSectionName);
-                return null
-            }
-        }
-        return null
-    }
-}

package/src/index.ts

@@ -1,162 +0,0 @@
-import { ICloudbaseComponent } from '@cloudbase/types/component';
-import { ICloudbase } from '@cloudbase/types';
-import { getBaseEndPoint } from '@cloudbase/app'
-import { helpers } from '@cloudbase/utilities'
-const { stopOAuthLoginWithAuth } = helpers
-
-export { Syntax, ErrorType } from './oauth2client/consts';
-
-import { OAuth2Client } from './oauth2client/oauth2client'
-
-export {
-  defaultStorage,
-  defaultRequest,
-  ToResponseErrorOptions,
-  toResponseError,
-  generateRequestId,
-  OAuth2Client,
-} from './oauth2client/oauth2client';
-
-export { AuthClient, SimpleStorage } from './oauth2client/interface';
-
-import { Credentials } from './oauth2client/models'
-export {
-  Credentials,
-  ResponseError,
-  OAuth2ClientOptions,
-  AuthClientRequestOptions,
-} from './oauth2client/models';
-
-import { AuthOptions, Auth } from './auth/apis'
-
-export { AuthOptions, Auth } from './auth/apis';
-
-import * as authModels from './auth/models';
-export { authModels };
-
-declare const cloudbase: ICloudbase;
-
-const COMPONENT_NAME = 'oauth';
-
-class CloudbaseOAuth {
-  public oauth2client: OAuth2Client
-  public authApi: Auth
-  private _fromApp: ICloudbase
-
-  constructor(authOptions: AuthOptions) {
-    const { apiOrigin, clientId, _fromApp } = authOptions
-    this._fromApp = _fromApp
-    this.oauth2client = new OAuth2Client({
-      apiOrigin,
-      clientId
-    })
-
-    this.authApi = new Auth({
-      credentialsClient: this.oauth2client,
-      ...authOptions
-    })
-  }
-
-  public async checkFromAuthV1OrV2() {
-    const { _fromApp } = this
-    const authInstance = _fromApp.authInstance
-    const oauthInstance = _fromApp.oauthInstance || (_fromApp as any).oauth()
-    const authLogin = authInstance && await authInstance.getLoginState()
-    if (authLogin) {
-      return 'auth'
-    }
-    const oauthLogin = oauthInstance && await oauthInstance.hasLoginState()
-    if (oauthLogin) {
-      return 'oauth'
-    }
-    return ''
-  }
-
-
-  /**
-   * 登录
-   * @param {authModels.SignInRequest} params
-   * @returns {Promise<Credentials>}
-   * @memberof CloudbaseOAuth
-   */
-  @stopOAuthLoginWithAuth()
-  public async signIn(params: authModels.SignInRequest): Promise<Credentials> {
-    return this.authApi.signIn(params)
-  }
-
-  public async signOut(): Promise<any> {
-    return this.authApi.signOut()
-  }
-
-  /**
-   * check 当前是否已 oauth 登录
-   * @returns {Promise<boolean>}
-   * @memberof CloudbaseOAuth
-   */
-  public async hasLoginState(): Promise<boolean> {
-    return this.authApi.hasLoginState()
-  }
-
-  public async getUserInfo(): Promise<authModels.UserProfile> {
-    return this.authApi.getUserInfo()
-  }
-
-  /**
-   * 获取 oauth 登录态
-   * @returns {Promise<boolean>}
-   * @memberof CloudbaseOAuth
-   */
-  public async getLoginState(): Promise<Credentials> {
-    return this.authApi.getLoginState()
-  }
-
-  public hasLoginStateSync(): Credentials {
-    return this.authApi.hasLoginStateSync()
-  }
-
-  /**
-   * 匿名登录
-   * @returns {Promise<Credentials>}
-   * @memberof CloudbaseOAuth
-   */
-  @stopOAuthLoginWithAuth()
-  public async signInAnonymously(): Promise<Credentials> {
-    return this.authApi.signInAnonymously()
-  }
-}
-
-const component: ICloudbaseComponent = {
-  name: COMPONENT_NAME,
-  namespace: 'oauth',
-  entity: function () {
-
-    if (this.oauthInstance) {
-      return this.oauthInstance;
-    }
-
-    const { env } = this.config;
-    this.oauthInstance = new CloudbaseOAuth({
-      clientId: env,
-      apiOrigin: getBaseEndPoint(),
-      _fromApp: this
-    });
-    return this.oauthInstance;
-  }
-}
-
-try {
-  // 尝试自动注册至全局变量cloudbase
-  // 此行为只在浏览器环境下有效
-  cloudbase.registerComponent(component);
-} catch (e) { }
-
-/**
- * @api 手动注册至cloudbase app
- */
-export function registerOAuth(app: Pick<ICloudbase, 'registerComponent'>) {
-  try {
-    app.registerComponent(component);
-  } catch (e) {
-    console.warn(e);
-  }
-}

package/src/oauth2client/consts.ts

@@ -1,69 +0,0 @@
-export enum Syntax {
-  CLIENT_ID = 'client_id',
-  CLIENT_SECRET = 'client_secret',
-  RESPONSE_TYPE = 'response_type',
-  SCOPE = 'scope',
-  STATE = 'state',
-  REDIRECT_URI = 'redirect_uri',
-  ERROR = 'error',
-  ERROR_DESCRIPTION = 'error_description',
-  ERROR_URI = 'error_uri',
-  GRANT_TYPE = 'grant_type',
-  CODE = 'code',
-  ACCESS_TOKEN = 'access_token',
-  TOKEN_TYPE = 'token_type',
-  EXPIRES_IN = 'expires_in',
-  USERNAME = 'username',
-  PASSWORD = 'password',
-  REFRESH_TOKEN = 'refresh_token',
-}
-
-export enum ErrorType {
-  UNREACHABLE = 'unreachable',
-  LOCAL = 'local',
-  CANCELLED = 'cancelled',
-  UNKNOWN = 'unknown',
-  INVALID_ARGUMENT = 'invalid_argument',
-  DEADLINE_EXCEEDED = 'deadline_exceeded',
-  NOT_FOUND = 'not_found',
-  ALREADY_EXISTS = 'already_exists',
-  PERMISSION_DENIED = 'permission_denied',
-  UNAUTHENTICATED = 'unauthenticated',
-  RESOURCE_EXHAUSTED = 'resource_exhausted',
-  FAILED_PRECONDITION = 'failed_precondition',
-  ABORTED = 'aborted',
-  OUT_OF_RANGE = 'out_of_range',
-  UNIMPLEMENTED = 'unimplemented',
-  INTERNAL = 'internal',
-  UNAVAILABLE = 'unavailable',
-  DATA_LOSS = 'data_loss',
-  // CommonError
-  CAPTCHA_REQUIRED = 'captcha_required',
-  CAPTCHA_INVALID = 'captcha_invalid',
-  INVALID_PASSWORD = 'invalid_password',
-  INVALID_STATUS = 'invalid_status',
-  USER_PENDING = 'user_pending',
-  USER_BLOCKED = 'user_blocked',
-  INVALID_VERIFICATION_CODE = 'invalid_verification_code',
-  TWO_FACTOR_REQUIRED = 'two_factor_required',
-  INVALID_TWO_FACTOR = 'invalid_two_factor',
-  INVALID_TWO_FACTOR_RECOVERY = 'invalid_two_factor_recovery',
-  UNDER_REVIEW = 'under_review',
-  INVALID_REQUEST = 'invalid_request',
-  UNAUTHORIZED_CLIENT = 'unauthorized_client',
-  ACCESS_DENIED = 'access_denied',
-  UNSUPPORTED_RESPONSE_TYPE = 'unsupported_response_type',
-  INVALID_SCOPE = 'invalid_scope',
-  INVALID_GRANT = 'invalid_grant',
-  SERVER_ERROR = 'server_error',
-  TEMPORARILY_UNAVAILABLE = 'temporarily_unavailable',
-  INTERACTION_REQUIRED = 'interaction_required',
-  LOGIN_REQUIRED = 'login_required',
-  ACCOUNT_SELECTION_REQUIRED = 'account_selection_required',
-  CONSENT_REQUIRED = 'consent_required',
-  INVALID_REQUEST_URI = 'invalid_request_uri',
-  INVALID_REQUEST_OBJECT = 'invalid_request_object',
-  REQUEST_NOT_SUPPORTED = 'request_not_supported',
-  REQUEST_URI_NOT_SUPPORTED = 'request_uri_not_supported',
-  REGISTRATION_NOT_SUPPORTED = 'registration_not_supported',
-}

package/src/oauth2client/interface.ts

@@ -1,57 +0,0 @@
-import { Credentials, AuthClientRequestOptions } from './models';
-
-/**
- * the interface for the Oauth2Client
- */
-export abstract class AuthClient {
-  /**
-   * Sets the auth credentials.
-   */
-  abstract setCredentials(credentials?: Credentials): void;
-  /**
-   * Provides an alternative fetch api request implementation with auth credentials
-   * if options.withCredentials:true, the request will auto add Authorization: Bearer <AccessToken> in the request
-   * error:
-   *     - unreachable, the network error or response is not json
-   *     - unauthenticated: has no validate access token
-   */
-  abstract request: RequestFunction;
-
-  /**
-   * get the current accessToken from AuthClient, you can use this to detect login status
-   * error:
-   *    -  unauthenticated: has no validate access token
-   */
-  abstract getAccessToken(): Promise<string>;
-}
-
-export type RequestFunction = <T>(url: string, options?: AuthClientRequestOptions) => Promise<T>;
-
-/** An interface of the Simple  Web Storage API  */
-export interface SimpleStorage {
-  /**
-   * value = storage[key]
-   */
-  getItem(key: string): Promise<string | null>;
-  /**
-   * delete storage[key]
-   */
-  removeItem(key: string): Promise<void>;
-  /**
-   * storage[key] = value
-   */
-  setItem(key: string, value: string): Promise<void>;
-
-  /**
-   * value = storage[key]
-   */
-  getItemSync(key: string): string | null;
-  /**
-   * delete storage[key]
-   */
-  removeItemSync(key: string): void;
-  /**
-   * storage[key] = value
-   */
-  setItemSync(key: string, value: string): void;
-}