@feathersjs/authentication-oauth 5.0.0-pre.2 → 5.0.0-pre.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/CHANGELOG.md +199 -0
  2. package/LICENSE +1 -1
  3. package/README.md +2 -2
  4. package/lib/express.d.ts +3 -0
  5. package/lib/express.js +46 -42
  6. package/lib/express.js.map +1 -1
  7. package/lib/index.js +12 -11
  8. package/lib/index.js.map +1 -1
  9. package/lib/strategy.d.ts +4 -3
  10. package/lib/strategy.js +99 -117
  11. package/lib/strategy.js.map +1 -1
  12. package/lib/utils.js +4 -1
  13. package/lib/utils.js.map +1 -1
  14. package/package.json +22 -22
  15. package/src/express.ts +28 -13
  16. package/src/index.ts +7 -7
  17. package/src/strategy.ts +26 -9
package/CHANGELOG.md CHANGED
@@ -3,6 +3,205 @@
3
3
  All notable changes to this project will be documented in this file.
4
4
  See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
5
5
 
6
+ # [5.0.0-pre.22](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.21...v5.0.0-pre.22) (2022-05-24)
7
+
8
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
9
+
10
+
11
+
12
+
13
+
14
+ # [5.0.0-pre.21](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.20...v5.0.0-pre.21) (2022-05-23)
15
+
16
+
17
+ ### Bug Fixes
18
+
19
+ * **authentication-oauth:** Fix regression using incorrect callback and redirect_uri ([#2631](https://github.com/feathersjs/feathers/issues/2631)) ([43d8a08](https://github.com/feathersjs/feathers/commit/43d8a082d7e1807f8a431c44a1dbd9b04c3af0d2))
20
+
21
+
22
+
23
+
24
+
25
+ # [5.0.0-pre.20](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.19...v5.0.0-pre.20) (2022-05-04)
26
+
27
+
28
+ ### Bug Fixes
29
+
30
+ * **authentication-oauth:** Don't send origins in Grant's config, as it will be considered another provider ([#2617](https://github.com/feathersjs/feathers/issues/2617)) ([ae3dddd](https://github.com/feathersjs/feathers/commit/ae3dddd8a654924465512d56b4651413912c6932))
31
+ * **dependencies:** Lock monorepo package version numbers ([#2623](https://github.com/feathersjs/feathers/issues/2623)) ([5640c10](https://github.com/feathersjs/feathers/commit/5640c1020cc139994e695d658c08bad3494db507))
32
+
33
+
34
+
35
+
36
+
37
+ # [5.0.0-pre.19](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.18...v5.0.0-pre.19) (2022-05-01)
38
+
39
+
40
+ ### Bug Fixes
41
+
42
+ * **authentication-oauth:** Fix issue with overriding the default Grant configuration ([#2615](https://github.com/feathersjs/feathers/issues/2615)) ([b345857](https://github.com/feathersjs/feathers/commit/b3458578532f9750de2940aeb8afdc75cb0b46f2))
43
+ * **authentication-oauth:** Make oAuth authentication work with cookie-session ([#2614](https://github.com/feathersjs/feathers/issues/2614)) ([9f10bfc](https://github.com/feathersjs/feathers/commit/9f10bfc75083d5bcabea77cfb385aa3965cdf6d6))
44
+
45
+
46
+ ### Features
47
+
48
+ * **typescript:** Improve params and query typeability ([#2600](https://github.com/feathersjs/feathers/issues/2600)) ([df28b76](https://github.com/feathersjs/feathers/commit/df28b7619161f1df5e700326f52cca1a92dc5d28))
49
+
50
+
51
+
52
+
53
+
54
+ # [5.0.0-pre.18](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.17...v5.0.0-pre.18) (2022-04-11)
55
+
56
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
57
+
58
+
59
+
60
+
61
+
62
+ # [5.0.0-pre.17](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.16...v5.0.0-pre.17) (2022-02-15)
63
+
64
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
65
+
66
+
67
+
68
+
69
+
70
+ # [5.0.0-pre.16](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.15...v5.0.0-pre.16) (2022-01-12)
71
+
72
+
73
+ ### Bug Fixes
74
+
75
+ * **authentication-oauth:** OAuth redirect lost sometimes due to session store race ([#2514](https://github.com/feathersjs/feathers/issues/2514)) ([#2515](https://github.com/feathersjs/feathers/issues/2515)) ([6109c44](https://github.com/feathersjs/feathers/commit/6109c44428c6b8f6bb4e089be760ea1a4ef3d01e))
76
+
77
+
78
+
79
+
80
+
81
+ # [5.0.0-pre.15](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.14...v5.0.0-pre.15) (2021-11-27)
82
+
83
+
84
+ ### Features
85
+
86
+ * **authentication-oauth:** Allow dynamic oAuth redirect ([#2469](https://github.com/feathersjs/feathers/issues/2469)) ([b7143d4](https://github.com/feathersjs/feathers/commit/b7143d4c0fbe961e714f79512be04449b9bbd7d9))
87
+
88
+
89
+
90
+
91
+
92
+ # [5.0.0-pre.14](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.13...v5.0.0-pre.14) (2021-10-13)
93
+
94
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
95
+
96
+
97
+
98
+
99
+
100
+ # [5.0.0-pre.13](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.12...v5.0.0-pre.13) (2021-10-13)
101
+
102
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
103
+
104
+
105
+
106
+
107
+
108
+ # [5.0.0-pre.12](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.11...v5.0.0-pre.12) (2021-10-12)
109
+
110
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
111
+
112
+
113
+
114
+
115
+
116
+ # [5.0.0-pre.11](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.10...v5.0.0-pre.11) (2021-10-06)
117
+
118
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
119
+
120
+
121
+
122
+
123
+
124
+ # [5.0.0-pre.10](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.9...v5.0.0-pre.10) (2021-09-19)
125
+
126
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
127
+
128
+
129
+
130
+
131
+
132
+ # [5.0.0-pre.9](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.8...v5.0.0-pre.9) (2021-08-09)
133
+
134
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
135
+
136
+
137
+
138
+
139
+
140
+ # [5.0.0-pre.8](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.7...v5.0.0-pre.8) (2021-08-09)
141
+
142
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
143
+
144
+
145
+
146
+
147
+
148
+ # [5.0.0-pre.7](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.6...v5.0.0-pre.7) (2021-08-09)
149
+
150
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
151
+
152
+
153
+
154
+
155
+
156
+ # [5.0.0-pre.6](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.5...v5.0.0-pre.6) (2021-08-08)
157
+
158
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
159
+
160
+
161
+
162
+
163
+
164
+ # [5.0.0-pre.5](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.4...v5.0.0-pre.5) (2021-06-23)
165
+
166
+
167
+ ### Bug Fixes
168
+
169
+ * **authentication-oauth:** Omit query from internal calls ([#2398](https://github.com/feathersjs/feathers/issues/2398)) ([04c7c83](https://github.com/feathersjs/feathers/commit/04c7c83eeaa6a7466c84b958071b468ed42f0b0f))
170
+ * **koa:** Use extended query parser for compatibility ([#2397](https://github.com/feathersjs/feathers/issues/2397)) ([b2944ba](https://github.com/feathersjs/feathers/commit/b2944bac3ec6d5ecc80dc518cd4e58093692db74))
171
+
172
+
173
+ ### Features
174
+
175
+ * **adapter-commons:** Add support for params.adapter option and move memory adapter to @feathersjs/memory ([#2367](https://github.com/feathersjs/feathers/issues/2367)) ([a43e7da](https://github.com/feathersjs/feathers/commit/a43e7da22b6b981a96d1321736ea9a0cb924fb4f))
176
+
177
+
178
+
179
+
180
+
181
+ # [5.0.0-pre.4](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.3...v5.0.0-pre.4) (2021-05-13)
182
+
183
+ **Note:** Version bump only for package @feathersjs/authentication-oauth
184
+
185
+
186
+
187
+
188
+
189
+ # [5.0.0-pre.3](https://github.com/feathersjs/feathers/compare/v5.0.0-pre.2...v5.0.0-pre.3) (2021-04-21)
190
+
191
+
192
+ ### Bug Fixes
193
+
194
+ * **typescript:** Improve TypeScript backwards compatibility ([#2310](https://github.com/feathersjs/feathers/issues/2310)) ([f33be73](https://github.com/feathersjs/feathers/commit/f33be73fc46a533efb15df9aab0658e3240d3897))
195
+
196
+
197
+ ### Features
198
+
199
+ * **dependencies:** Remove direct debug dependency ([#2296](https://github.com/feathersjs/feathers/issues/2296)) ([501d416](https://github.com/feathersjs/feathers/commit/501d4164d30c6a126906dc640cdfdc82207ba34a))
200
+
201
+
202
+
203
+
204
+
6
205
  # [5.0.0-pre.2](https://github.com/feathersjs/feathers/compare/v5.0.0-beta.1...v5.0.0-pre.2) (2021-04-06)
7
206
 
8
207
  **Note:** Version bump only for package @feathersjs/authentication-oauth
package/LICENSE CHANGED
@@ -1,6 +1,6 @@
1
1
  The MIT License (MIT)
2
2
 
3
- Copyright (c) 2021 Feathers
3
+ Copyright (c) 2022 Feathers
4
4
 
5
5
  Permission is hereby granted, free of charge, to any person obtaining a copy
6
6
  of this software and associated documentation files (the "Software"), to deal
package/README.md CHANGED
@@ -1,8 +1,8 @@
1
1
  # @feathersjs/authentication-oauth
2
2
 
3
3
  [![CI](https://github.com/feathersjs/feathers/workflows/CI/badge.svg)](https://github.com/feathersjs/feathers/actions?query=workflow%3ACI)
4
- [![Dependency Status](https://img.shields.io/david/feathersjs/feathers.svg?style=flat-square&path=packages/authentication-oauth)](https://david-dm.org/feathersjs/feathers?path=packages/authentication-oauth)
5
4
  [![Download Status](https://img.shields.io/npm/dm/@feathersjs/authentication-oauth.svg?style=flat-square)](https://www.npmjs.com/package/@feathersjs/authentication-oauth)
5
+ [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/qa8kez8QBx)
6
6
 
7
7
  > OAuth 1 and 2 authentication for Feathers. Powered by Grant.
8
8
 
@@ -18,6 +18,6 @@ Refer to the [Feathers oAuth authentication API documentation](https://docs.feat
18
18
 
19
19
  ## License
20
20
 
21
- Copyright (c) 2021 [Feathers contributors](https://github.com/feathersjs/feathers/graphs/contributors)
21
+ Copyright (c) 2022 [Feathers contributors](https://github.com/feathersjs/feathers/graphs/contributors)
22
22
 
23
23
  Licensed under the [MIT license](LICENSE).
package/lib/express.d.ts CHANGED
@@ -10,6 +10,9 @@ declare module 'express-session' {
10
10
  grant: {
11
11
  [key: string]: any;
12
12
  };
13
+ headers: {
14
+ [key: string]: any;
15
+ };
13
16
  }
14
17
  }
15
18
  declare const _default: (options: OauthSetupSettings) => (feathersApp: Application) => void;
package/lib/express.js CHANGED
@@ -1,34 +1,14 @@
1
1
  "use strict";
2
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
- return new (P || (P = Promise))(function (resolve, reject) {
5
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
- step((generator = generator.apply(thisArg, _arguments || [])).next());
9
- });
10
- };
11
- var __rest = (this && this.__rest) || function (s, e) {
12
- var t = {};
13
- for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
14
- t[p] = s[p];
15
- if (s != null && typeof Object.getOwnPropertySymbols === "function")
16
- for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
17
- if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
18
- t[p[i]] = s[p[i]];
19
- }
20
- return t;
21
- };
22
2
  var __importDefault = (this && this.__importDefault) || function (mod) {
23
3
  return (mod && mod.__esModule) ? mod : { "default": mod };
24
4
  };
25
5
  Object.defineProperty(exports, "__esModule", { value: true });
26
6
  const grant_1 = __importDefault(require("grant"));
27
- const debug_1 = __importDefault(require("debug"));
28
7
  const express_session_1 = __importDefault(require("express-session"));
8
+ const commons_1 = require("@feathersjs/commons");
29
9
  const express_1 = require("@feathersjs/express");
30
10
  const grantInstance = grant_1.default.express();
31
- const debug = debug_1.default('@feathersjs/authentication-oauth/express');
11
+ const debug = (0, commons_1.createDebug)('@feathersjs/authentication-oauth/express');
32
12
  exports.default = (options) => {
33
13
  return (feathersApp) => {
34
14
  const { authService, linkStrategy } = options;
@@ -39,37 +19,56 @@ exports.default = (options) => {
39
19
  return;
40
20
  }
41
21
  const { prefix } = config.defaults;
42
- const expressSession = options.expressSession || express_session_1.default({
22
+ const expressSession = options.expressSession || (0, express_session_1.default)({
43
23
  secret: Math.random().toString(36).substring(7),
44
24
  saveUninitialized: true,
45
25
  resave: true
46
26
  });
47
27
  const grantApp = grantInstance(config);
48
- const authApp = express_1.original();
28
+ const authApp = (0, express_1.original)();
49
29
  authApp.use(expressSession);
50
30
  authApp.get('/:name', (req, _res, next) => {
51
- const _a = req.query, { feathers_token, redirect } = _a, query = __rest(_a, ["feathers_token", "redirect"]);
31
+ const { feathers_token, redirect, ...query } = req.query;
52
32
  if (feathers_token) {
53
33
  debug('Got feathers_token query parameter to link accounts', feathers_token);
54
34
  req.session.accessToken = feathers_token;
55
35
  }
56
36
  req.session.redirect = redirect;
57
37
  req.session.query = query;
58
- next();
38
+ req.session.headers = req.headers;
39
+ if (typeof (req.session.save) === 'function') {
40
+ req.session.save((err) => {
41
+ if (err) {
42
+ next(`Error storing session: ${err}`);
43
+ }
44
+ else {
45
+ next();
46
+ }
47
+ });
48
+ }
49
+ else {
50
+ next();
51
+ }
59
52
  });
60
- authApp.get('/:name/authenticate', (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
53
+ authApp.get('/:name/authenticate', async (req, res, next) => {
61
54
  const { name } = req.params;
62
- const { accessToken, grant, query = {}, redirect } = req.session;
55
+ const { accessToken, grant, query = {}, redirect, headers } = req.session;
63
56
  const service = app.defaultAuthentication(authService);
64
57
  const [strategy] = service.getStrategies(name);
65
- const params = Object.assign(Object.assign({}, req.feathers), { authStrategies: [name], authentication: accessToken ? {
58
+ const params = {
59
+ ...req.feathers,
60
+ authStrategies: [name],
61
+ authentication: accessToken ? {
66
62
  strategy: linkStrategy,
67
63
  accessToken
68
- } : null, query,
69
- redirect });
70
- const sendResponse = (data) => __awaiter(void 0, void 0, void 0, function* () {
64
+ } : null,
65
+ query,
66
+ redirect,
67
+ headers
68
+ };
69
+ const sendResponse = async (data) => {
71
70
  try {
72
- const redirect = yield strategy.getRedirect(data, params);
71
+ const redirect = await strategy.getRedirect(data, params);
73
72
  if (redirect !== null) {
74
73
  res.redirect(redirect);
75
74
  }
@@ -84,28 +83,33 @@ exports.default = (options) => {
84
83
  debug('oAuth error', error);
85
84
  next(error);
86
85
  }
87
- });
86
+ };
88
87
  try {
89
88
  const payload = config.defaults.transport === 'session' ?
90
89
  grant.response : req.query;
91
- const authentication = Object.assign({ strategy: name }, payload);
92
- yield new Promise((resolve, reject) => {
93
- if (!req.session.destroy) {
90
+ const authentication = {
91
+ strategy: name,
92
+ ...payload
93
+ };
94
+ await new Promise((resolve, reject) => {
95
+ if (req.session.destroy) {
96
+ req.session.destroy((err) => err ? reject(err) : resolve());
97
+ }
98
+ else {
94
99
  req.session = null;
95
100
  resolve();
96
101
  }
97
- req.session.destroy(err => err ? reject(err) : resolve());
98
102
  });
99
103
  debug(`Calling ${authService}.create authentication with strategy ${name}`);
100
- const authResult = yield service.create(authentication, params);
104
+ const authResult = await service.create(authentication, params);
101
105
  debug('Successful oAuth authentication, sending response');
102
- yield sendResponse(authResult);
106
+ await sendResponse(authResult);
103
107
  }
104
108
  catch (error) {
105
109
  debug('Received oAuth authentication error', error.stack);
106
- yield sendResponse(error);
110
+ await sendResponse(error);
107
111
  }
108
- }));
112
+ });
109
113
  authApp.use(grantApp);
110
114
  app.set('grant', grantApp.config);
111
115
  app.use(prefix, authApp);
package/lib/express.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"express.js","sourceRoot":"","sources":["../src/express.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,kDAA0B;AAC1B,kDAA0B;AAC1B,sEAAsC;AAGtC,iDAG6B;AAI7B,MAAM,aAAa,GAAG,eAAK,CAAC,OAAO,EAAE,CAAC;AACtC,MAAM,KAAK,GAAG,eAAK,CAAC,0CAA0C,CAAC,CAAC;AAWhE,kBAAe,CAAC,OAA2B,EAAE,EAAE;IAC7C,OAAO,CAAC,WAAwB,EAAE,EAAE;QAClC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC;QAC9C,MAAM,GAAG,GAAG,WAAiC,CAAC;QAC9C,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAEhC,IAAI,CAAC,MAAM,EAAE;YACX,KAAK,CAAC,4DAA4D,CAAC,CAAC;YACpE,OAAO;SACR;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC;QACnC,MAAM,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,yBAAO,CAAC;YACvD,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;YAC/C,iBAAiB,EAAE,IAAI;YACvB,MAAM,EAAE,IAAI;SACb,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,kBAAe,EAAE,CAAC;QAElC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAE5B,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;YACxC,MAAM,KAAyC,GAAG,CAAC,KAAK,EAAlD,EAAE,cAAc,EAAE,QAAQ,OAAwB,EAAnB,KAAK,cAApC,8BAAsC,CAAY,CAAC;YAEzD,IAAI,cAAc,EAAE;gBAClB,KAAK,CAAC,qDAAqD,EAAE,cAAc,CAAC,CAAC;gBAC7E,GAAG,CAAC,OAAO,CAAC,WAAW,GAAG,cAAwB,CAAC;aACpD;YACD,GAAG,CAAC,OAAO,CAAC,QAAQ,GAAG,QAAkB,CAAC;YAC1C,GAAG,CAAC,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC;YAE1B,IAAI,EAAE,CAAA;QACR,CAAC,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,CAAO,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YAC1D,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,MAAM,CAAE;YAC7B,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,GAAG,EAAE,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;YACjE,MAAM,OAAO,GAAG,GAAG,CAAC,qBAAqB,CAAC,WAAW,CAAC,CAAC;YACvD,MAAM,CAAE,QAAQ,CAAE,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,CAAoB,CAAC;YACpE,MAAM,MAAM,mCACP,GAAG,CAAC,QAAQ,KACf,cAAc,EAAE,CAAE,IAAI,CAAE,EACxB,cAAc,EAAE,WAAW,CAAC,CAAC,CAAC;oBAC5B,QAAQ,EAAE,YAAY;oBACtB,WAAW;iBACZ,CAAC,CAAC,CAAC,IAAI,EACR,KAAK;gBACL,QAAQ,GACT,CAAC;YACF,MAAM,YAAY,GAAG,CAAO,IAAgC,EAAE,EAAE;gBAC9D,IAAI;oBACF,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBAE1D,IAAI,QAAQ,KAAK,IAAI,EAAE;wBACrB,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;qBACxB;yBAAM,IAAI,IAAI,YAAY,KAAK,EAAE;wBAChC,MAAM,IAAI,CAAC;qBACZ;yBAAM;wBACL,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;qBAChB;iBACF;gBAAC,OAAO,KAAK,EAAE;oBACd,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;oBAC5B,IAAI,CAAC,KAAK,CAAC,CAAC;iBACb;YACH,CAAC,CAAA,CAAC;YAEF,IAAI;gBACF,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC;oBACvD,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC;gBAC7B,MAAM,cAAc,mBAClB,QAAQ,EAAE,IAAI,IACX,OAAO,CACX,CAAC;gBAEF,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBAC1C,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE;wBACxB,GAAG,CAAC,OAAO,GAAG,IAAI,CAAC;wBACnB,OAAO,EAAE,CAAC;qBACX;oBAED,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC5D,CAAC,CAAC,CAAC;gBAEH,KAAK,CAAC,WAAW,WAAW,wCAAwC,IAAI,EAAE,CAAC,CAAC;gBAE5E,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;gBAEhE,KAAK,CAAC,mDAAmD,CAAC,CAAC;gBAE3D,MAAM,YAAY,CAAC,UAAU,CAAC,CAAC;aAChC;YAAC,OAAO,KAAK,EAAE;gBACd,KAAK,CAAC,qCAAqC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAC1D,MAAM,YAAY,CAAC,KAAK,CAAC,CAAC;aAC3B;QACH,CAAC,CAAA,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEtB,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;QAClC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC3B,CAAC,CAAC;AACJ,CAAC,CAAC"}
1
+ {"version":3,"file":"express.js","sourceRoot":"","sources":["../src/express.ts"],"names":[],"mappings":";;;;;AAAA,kDAA0B;AAC1B,sEAAsC;AAEtC,iDAAkD;AAGlD,iDAG6B;AAI7B,MAAM,aAAa,GAAG,eAAK,CAAC,OAAO,EAAE,CAAC;AACtC,MAAM,KAAK,GAAG,IAAA,qBAAW,EAAC,0CAA0C,CAAC,CAAC;AAYtE,kBAAe,CAAC,OAA2B,EAAE,EAAE;IAC7C,OAAO,CAAC,WAAwB,EAAE,EAAE;QAClC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC;QAC9C,MAAM,GAAG,GAAG,WAAiC,CAAC;QAC9C,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAEhC,IAAI,CAAC,MAAM,EAAE;YACX,KAAK,CAAC,4DAA4D,CAAC,CAAC;YACpE,OAAO;SACR;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC;QACnC,MAAM,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,IAAA,yBAAO,EAAC;YACvD,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;YAC/C,iBAAiB,EAAE,IAAI;YACvB,MAAM,EAAE,IAAI;SACb,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,IAAA,kBAAe,GAAE,CAAC;QAElC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAE5B,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,GAAY,EAAE,IAAc,EAAE,IAAkB,EAAE,EAAE;YACzE,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,KAAK,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC;YAEzD,IAAI,cAAc,EAAE;gBAClB,KAAK,CAAC,qDAAqD,EAAE,cAAc,CAAC,CAAC;gBAC7E,GAAG,CAAC,OAAO,CAAC,WAAW,GAAG,cAAwB,CAAC;aACpD;YACD,GAAG,CAAC,OAAO,CAAC,QAAQ,GAAG,QAAkB,CAAC;YAC1C,GAAG,CAAC,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC;YAC1B,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC;YAClC,IAAI,OAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,UAAU,EAAE;gBAC3C,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,GAAQ,EAAE,EAAE;oBAC5B,IAAI,GAAG,EAAE;wBACP,IAAI,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAC;qBACvC;yBAAM;wBACL,IAAI,EAAE,CAAC;qBACR;gBACH,CAAC,CAAC,CAAC;aACJ;iBACI;gBACH,IAAI,EAAE,CAAC;aACR;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YAC3F,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,MAAM,CAAE;YAC7B,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,GAAG,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;YAC1E,MAAM,OAAO,GAAG,GAAG,CAAC,qBAAqB,CAAC,WAAW,CAAC,CAAC;YACvD,MAAM,CAAE,QAAQ,CAAE,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,CAAoB,CAAC;YACpE,MAAM,MAAM,GAAG;gBACb,GAAG,GAAG,CAAC,QAAQ;gBACf,cAAc,EAAE,CAAE,IAAI,CAAE;gBACxB,cAAc,EAAE,WAAW,CAAC,CAAC,CAAC;oBAC5B,QAAQ,EAAE,YAAY;oBACtB,WAAW;iBACZ,CAAC,CAAC,CAAC,IAAI;gBACR,KAAK;gBACL,QAAQ;gBACR,OAAO;aACR,CAAC;YACF,MAAM,YAAY,GAAG,KAAK,EAAE,IAAgC,EAAE,EAAE;gBAC9D,IAAI;oBACF,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBAE1D,IAAI,QAAQ,KAAK,IAAI,EAAE;wBACrB,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;qBACxB;yBAAM,IAAI,IAAI,YAAY,KAAK,EAAE;wBAChC,MAAM,IAAI,CAAC;qBACZ;yBAAM;wBACL,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;qBAChB;iBACF;gBAAC,OAAO,KAAU,EAAE;oBACnB,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;oBAC5B,IAAI,CAAC,KAAK,CAAC,CAAC;iBACb;YACH,CAAC,CAAC;YAEF,IAAI;gBACF,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC;oBACvD,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC;gBAC7B,MAAM,cAAc,GAAG;oBACrB,QAAQ,EAAE,IAAI;oBACd,GAAG,OAAO;iBACX,CAAC;gBAEF,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBAC1C,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE;wBACvB,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;qBAClE;yBACI;wBACH,GAAG,CAAC,OAAO,GAAG,IAAI,CAAC;wBACnB,OAAO,EAAE,CAAC;qBACX;gBACH,CAAC,CAAC,CAAC;gBAEH,KAAK,CAAC,WAAW,WAAW,wCAAwC,IAAI,EAAE,CAAC,CAAC;gBAE5E,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;gBAEhE,KAAK,CAAC,mDAAmD,CAAC,CAAC;gBAE3D,MAAM,YAAY,CAAC,UAAU,CAAC,CAAC;aAChC;YAAC,OAAO,KAAU,EAAE;gBACnB,KAAK,CAAC,qCAAqC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAC1D,MAAM,YAAY,CAAC,KAAK,CAAC,CAAC;aAC3B;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEtB,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;QAClC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC3B,CAAC,CAAC;AACJ,CAAC,CAAC"}
package/lib/index.js CHANGED
@@ -4,16 +4,17 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
4
4
  };
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
6
  exports.expressOauth = exports.express = exports.setup = exports.OAuthStrategy = void 0;
7
- const debug_1 = __importDefault(require("debug"));
8
- const merge_1 = __importDefault(require("lodash/merge"));
7
+ const defaultsDeep_1 = __importDefault(require("lodash/defaultsDeep"));
9
8
  const each_1 = __importDefault(require("lodash/each"));
10
9
  const omit_1 = __importDefault(require("lodash/omit"));
10
+ const commons_1 = require("@feathersjs/commons");
11
11
  const strategy_1 = require("./strategy");
12
12
  Object.defineProperty(exports, "OAuthStrategy", { enumerable: true, get: function () { return strategy_1.OAuthStrategy; } });
13
13
  const express_1 = __importDefault(require("./express"));
14
14
  const utils_1 = require("./utils");
15
- const debug = debug_1.default('@feathersjs/authentication-oauth');
15
+ const debug = (0, commons_1.createDebug)('@feathersjs/authentication-oauth');
16
16
  const setup = (options) => (app) => {
17
+ var _a, _b, _c, _d, _e, _f;
17
18
  const service = app.defaultAuthentication ? app.defaultAuthentication(options.authService) : null;
18
19
  if (!service) {
19
20
  throw new Error('An authentication service must exist before registering @feathersjs/authentication-oauth');
@@ -36,19 +37,19 @@ const setup = (options) => (app) => {
36
37
  host += `:${port}`;
37
38
  }
38
39
  }
39
- const grant = merge_1.default({
40
+ const grant = (0, defaultsDeep_1.default)({
40
41
  defaults: {
41
42
  prefix,
42
- origin: `${protocol}://${host}`,
43
- transport: 'session',
43
+ origin: `${(_b = (_a = oauth === null || oauth === void 0 ? void 0 : oauth.defaults) === null || _a === void 0 ? void 0 : _a.protocol) !== null && _b !== void 0 ? _b : protocol}://${(_d = (_c = oauth === null || oauth === void 0 ? void 0 : oauth.defaults) === null || _c === void 0 ? void 0 : _c.host) !== null && _d !== void 0 ? _d : host}`,
44
+ transport: (_f = (_e = oauth === null || oauth === void 0 ? void 0 : oauth.defaults) === null || _e === void 0 ? void 0 : _e.transport) !== null && _f !== void 0 ? _f : 'session',
44
45
  response: ['tokens', 'raw', 'profile']
45
46
  }
46
- }, omit_1.default(oauth, 'redirect'));
47
+ }, (0, omit_1.default)(oauth, ['redirect', 'origins']));
47
48
  const getUrl = (url) => {
48
49
  const { defaults } = grant;
49
50
  return `${defaults.origin}${prefix}/${url}`;
50
51
  };
51
- each_1.default(grant, (value, name) => {
52
+ (0, each_1.default)(grant, (value, name) => {
52
53
  if (name !== 'defaults') {
53
54
  value.callback = value.callback || getUrl(`${name}/authenticate`);
54
55
  value.redirect_uri = value.redirect_uri || getUrl(`${name}/callback`);
@@ -62,9 +63,9 @@ const setup = (options) => (app) => {
62
63
  };
63
64
  exports.setup = setup;
64
65
  const express = (settings = {}) => (app) => {
65
- const options = utils_1.getDefaultSettings(app, settings);
66
- app.configure(exports.setup(options));
67
- app.configure(express_1.default(options));
66
+ const options = (0, utils_1.getDefaultSettings)(app, settings);
67
+ app.configure((0, exports.setup)(options));
68
+ app.configure((0, express_1.default)(options));
68
69
  };
69
70
  exports.express = express;
70
71
  exports.expressOauth = exports.express;
package/lib/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA0B;AAC1B,yDAAiC;AACjC,uDAA+B;AAC/B,uDAA+B;AAE/B,yCAAyD;AAM5B,8FANpB,wBAAa,OAMoB;AAL1C,wDAAoD;AACpD,mCAAiE;AAEjE,MAAM,KAAK,GAAG,eAAK,CAAC,kCAAkC,CAAC,CAAC;AAIjD,MAAM,KAAK,GAAG,CAAC,OAA2B,EAAE,EAAE,CAAC,CAAC,GAAgB,EAAE,EAAE;IACzE,MAAM,OAAO,GAAG,GAAG,CAAC,qBAAqB,CAAC,CAAC,CAAC,GAAG,CAAC,qBAAqB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAElG,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAC;KAC7G;IAED,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC;IAExC,IAAI,CAAC,KAAK,EAAE;QACV,KAAK,CAAC,qFAAqF,CAAC,CAAC;QAC7F,OAAO;KACR;IAED,MAAM,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;IAElC,0BAA0B;IAC1B,MAAM,EAAE,MAAM,GAAG,QAAQ,EAAE,GAAG,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAC;IACnD,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC7B,IAAI,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC3B,IAAI,QAAQ,GAAG,OAAO,CAAC;IAEvB,sEAAsE;IACtE,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,aAAa,EAAE;QACpC,QAAQ,GAAG,MAAM,CAAC;QAClB,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,IAAI,IAAI,IAAI,EAAE,CAAC;SACpB;KACF;IAED,MAAM,KAAK,GAAG,eAAK,CAAC;QAClB,QAAQ,EAAE;YACR,MAAM;YACN,MAAM,EAAE,GAAG,QAAQ,MAAM,IAAI,EAAE;YAC/B,SAAS,EAAE,SAAS;YACpB,QAAQ,EAAE,CAAC,QAAQ,EAAE,KAAK,EAAE,SAAS,CAAC;SACvC;KACF,EAAE,cAAI,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC;IAE5B,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE;QAC7B,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;QAC3B,OAAO,GAAG,QAAQ,CAAC,MAAM,GAAG,MAAM,IAAI,GAAG,EAAE,CAAC;IAC9C,CAAC,CAAC;IAEF,cAAI,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;QAC1B,IAAI,IAAI,KAAK,UAAU,EAAE;YACvB,KAAK,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,MAAM,CAAC,GAAG,IAAI,eAAe,CAAC,CAAC;YAClE,KAAK,CAAC,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAC;YAEtE,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE;gBACjC,KAAK,CAAC,2CAA2C,IAAI,GAAG,CAAC,CAAC;gBAC1D,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,wBAAa,EAAE,CAAC,CAAC;aAC7C;SACF;IACH,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;AAC1B,CAAC,CAAC;AAzDW,QAAA,KAAK,SAyDhB;AAEK,MAAM,OAAO,GAAG,CAAC,WAAwC,EAAE,EAAE,EAAE,CAAC,CAAC,GAAgB,EAAE,EAAE;IAC1F,MAAM,OAAO,GAAG,0BAAkB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAElD,GAAG,CAAC,SAAS,CAAC,aAAK,CAAC,OAAO,CAAC,CAAC,CAAC;IAC9B,GAAG,CAAC,SAAS,CAAC,iBAAY,CAAC,OAAO,CAAC,CAAC,CAAC;AACvC,CAAC,CAAC;AALW,QAAA,OAAO,WAKlB;AAEW,QAAA,YAAY,GAAG,eAAO,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;AAAA,uEAA+C;AAC/C,uDAA+B;AAC/B,uDAA+B;AAC/B,iDAAkD;AAElD,yCAAyD;AAM5B,8FANpB,wBAAa,OAMoB;AAL1C,wDAAoD;AACpD,mCAAiE;AAEjE,MAAM,KAAK,GAAG,IAAA,qBAAW,EAAC,kCAAkC,CAAC,CAAC;AAIvD,MAAM,KAAK,GAAG,CAAC,OAA2B,EAAE,EAAE,CAAC,CAAC,GAAgB,EAAE,EAAE;;IACzE,MAAM,OAAO,GAAG,GAAG,CAAC,qBAAqB,CAAC,CAAC,CAAC,GAAG,CAAC,qBAAqB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAElG,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAC;KAC7G;IAED,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC;IAExC,IAAI,CAAC,KAAK,EAAE;QACV,KAAK,CAAC,qFAAqF,CAAC,CAAC;QAC7F,OAAO;KACR;IAED,MAAM,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;IAElC,0BAA0B;IAC1B,MAAM,EAAE,MAAM,GAAG,QAAQ,EAAE,GAAG,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAC;IACnD,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC7B,IAAI,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC3B,IAAI,QAAQ,GAAG,OAAO,CAAC;IAEvB,sEAAsE;IACtE,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,aAAa,EAAE;QACpC,QAAQ,GAAG,MAAM,CAAC;QAClB,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,IAAI,IAAI,IAAI,EAAE,CAAC;SACpB;KACF;IAED,MAAM,KAAK,GAAG,IAAA,sBAAY,EAAC;QACzB,QAAQ,EAAE;YACR,MAAM;YACN,MAAM,EAAE,GAAG,MAAA,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,0CAAE,QAAQ,mCAAI,QAAQ,MAAM,MAAA,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,0CAAE,IAAI,mCAAI,IAAI,EAAE;YACrF,SAAS,EAAG,MAAA,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,0CAAE,SAAS,mCAAI,SAAS;YACnD,QAAQ,EAAE,CAAC,QAAQ,EAAE,KAAK,EAAE,SAAS,CAAC;SACvC;KACF,EAAE,IAAA,cAAI,EAAC,KAAK,EAAE,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC;IAEzC,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE;QAC7B,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;QAC3B,OAAO,GAAG,QAAQ,CAAC,MAAM,GAAG,MAAM,IAAI,GAAG,EAAE,CAAC;IAC9C,CAAC,CAAC;IAEF,IAAA,cAAI,EAAC,KAAK,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;QAC1B,IAAI,IAAI,KAAK,UAAU,EAAE;YACvB,KAAK,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,MAAM,CAAC,GAAG,IAAI,eAAe,CAAC,CAAC;YAClE,KAAK,CAAC,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAC;YAEtE,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE;gBACjC,KAAK,CAAC,2CAA2C,IAAI,GAAG,CAAC,CAAC;gBAC1D,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,wBAAa,EAAE,CAAC,CAAC;aAC7C;SACF;IACH,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;AAC1B,CAAC,CAAC;AAzDW,QAAA,KAAK,SAyDhB;AAEK,MAAM,OAAO,GAAG,CAAC,WAAwC,EAAE,EAAE,EAAE,CAAC,CAAC,GAAgB,EAAE,EAAE;IAC1F,MAAM,OAAO,GAAG,IAAA,0BAAkB,EAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAElD,GAAG,CAAC,SAAS,CAAC,IAAA,aAAK,EAAC,OAAO,CAAC,CAAC,CAAC;IAC9B,GAAG,CAAC,SAAS,CAAC,IAAA,iBAAY,EAAC,OAAO,CAAC,CAAC,CAAC;AACvC,CAAC,CAAC;AALW,QAAA,OAAO,WAKlB;AAEW,QAAA,YAAY,GAAG,eAAO,CAAC"}
package/lib/strategy.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { AuthenticationRequest, AuthenticationBaseStrategy, AuthenticationResult } from '@feathersjs/authentication';
1
+ import { AuthenticationRequest, AuthenticationBaseStrategy, AuthenticationResult, AuthenticationParams } from '@feathersjs/authentication';
2
2
  import { Params } from '@feathersjs/feathers';
3
3
  export interface OAuthProfile {
4
4
  id?: string | number;
@@ -15,12 +15,13 @@ export declare class OAuthStrategy extends AuthenticationBaseStrategy {
15
15
  }>;
16
16
  getProfile(data: AuthenticationRequest, _params: Params): Promise<any>;
17
17
  getCurrentEntity(params: Params): Promise<any>;
18
- getRedirect(data: AuthenticationResult | Error, params?: Params): Promise<string | null>;
18
+ getAllowedOrigin(params?: Params): Promise<any>;
19
+ getRedirect(data: AuthenticationResult | Error, params?: AuthenticationParams): Promise<string | null>;
19
20
  findEntity(profile: OAuthProfile, params: Params): Promise<any>;
20
21
  createEntity(profile: OAuthProfile, params: Params): Promise<any>;
21
22
  updateEntity(entity: any, profile: OAuthProfile, params: Params): Promise<any[]>;
22
23
  getEntity(result: any, params: Params): Promise<any>;
23
- authenticate(authentication: AuthenticationRequest, originalParams: Params): Promise<{
24
+ authenticate(authentication: AuthenticationRequest, originalParams: AuthenticationParams): Promise<{
24
25
  [x: string]: any;
25
26
  authentication: {
26
27
  strategy: string;
package/lib/strategy.js CHANGED
@@ -1,24 +1,4 @@
1
1
  "use strict";
2
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
- return new (P || (P = Promise))(function (resolve, reject) {
5
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
- step((generator = generator.apply(thisArg, _arguments || [])).next());
9
- });
10
- };
11
- var __rest = (this && this.__rest) || function (s, e) {
12
- var t = {};
13
- for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
14
- t[p] = s[p];
15
- if (s != null && typeof Object.getOwnPropertySymbols === "function")
16
- for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
17
- if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
18
- t[p[i]] = s[p[i]];
19
- }
20
- return t;
21
- };
22
2
  var __importDefault = (this && this.__importDefault) || function (mod) {
23
3
  return (mod && mod.__esModule) ? mod : { "default": mod };
24
4
  };
@@ -27,128 +7,130 @@ exports.OAuthStrategy = void 0;
27
7
  /* eslint-disable @typescript-eslint/no-unused-vars */
28
8
  // @ts-ignore
29
9
  const querystring_1 = __importDefault(require("querystring"));
30
- const debug_1 = __importDefault(require("debug"));
31
10
  const authentication_1 = require("@feathersjs/authentication");
32
11
  const errors_1 = require("@feathersjs/errors");
33
- const debug = debug_1.default('@feathersjs/authentication-oauth/strategy');
12
+ const commons_1 = require("@feathersjs/commons");
13
+ const debug = (0, commons_1.createDebug)('@feathersjs/authentication-oauth/strategy');
34
14
  class OAuthStrategy extends authentication_1.AuthenticationBaseStrategy {
35
15
  get configuration() {
36
16
  const { entity, service, entityId, oauth } = this.authentication.configuration;
37
17
  const config = oauth[this.name];
38
- return Object.assign({ entity,
18
+ return {
19
+ entity,
39
20
  service,
40
- entityId }, config);
21
+ entityId,
22
+ ...config
23
+ };
41
24
  }
42
25
  get entityId() {
43
26
  const { entityService } = this;
44
27
  return this.configuration.entityId || (entityService && entityService.id);
45
28
  }
46
- getEntityQuery(profile, _params) {
47
- return __awaiter(this, void 0, void 0, function* () {
48
- return {
49
- [`${this.name}Id`]: profile.sub || profile.id
50
- };
51
- });
29
+ async getEntityQuery(profile, _params) {
30
+ return {
31
+ [`${this.name}Id`]: profile.sub || profile.id
32
+ };
52
33
  }
53
- getEntityData(profile, _existingEntity, _params) {
54
- return __awaiter(this, void 0, void 0, function* () {
55
- return {
56
- [`${this.name}Id`]: profile.sub || profile.id
57
- };
58
- });
34
+ async getEntityData(profile, _existingEntity, _params) {
35
+ return {
36
+ [`${this.name}Id`]: profile.sub || profile.id
37
+ };
59
38
  }
60
- getProfile(data, _params) {
61
- return __awaiter(this, void 0, void 0, function* () {
62
- return data.profile;
63
- });
39
+ async getProfile(data, _params) {
40
+ return data.profile;
64
41
  }
65
- getCurrentEntity(params) {
66
- return __awaiter(this, void 0, void 0, function* () {
67
- const { authentication } = params;
68
- const { entity } = this.configuration;
69
- if (authentication && authentication.strategy) {
70
- debug('getCurrentEntity with authentication', authentication);
71
- const { strategy } = authentication;
72
- const authResult = yield this.authentication
73
- .authenticate(authentication, params, strategy);
74
- return authResult[entity];
75
- }
76
- return null;
77
- });
42
+ async getCurrentEntity(params) {
43
+ const { authentication } = params;
44
+ const { entity } = this.configuration;
45
+ if (authentication && authentication.strategy) {
46
+ debug('getCurrentEntity with authentication', authentication);
47
+ const { strategy } = authentication;
48
+ const authResult = await this.authentication
49
+ .authenticate(authentication, params, strategy);
50
+ return authResult[entity];
51
+ }
52
+ return null;
78
53
  }
79
- getRedirect(data, params) {
80
- return __awaiter(this, void 0, void 0, function* () {
81
- const queryRedirect = (params && params.redirect) || '';
82
- const { redirect } = this.authentication.configuration.oauth;
83
- if (!redirect) {
84
- return null;
54
+ async getAllowedOrigin(params) {
55
+ var _a;
56
+ const { redirect, origins } = this.authentication.configuration.oauth;
57
+ if (Array.isArray(origins)) {
58
+ const referer = ((_a = params === null || params === void 0 ? void 0 : params.headers) === null || _a === void 0 ? void 0 : _a.referer) || '';
59
+ const allowedOrigin = origins.find(current => referer.toLowerCase().startsWith(current.toLowerCase()));
60
+ if (!allowedOrigin) {
61
+ throw new errors_1.NotAuthenticated(`Referer "${referer || '[header not available]'}" not allowed.`);
85
62
  }
86
- const redirectUrl = `${redirect}${queryRedirect}`;
87
- const separator = redirect.endsWith('?') ? '' :
88
- (redirect.indexOf('#') !== -1 ? '?' : '#');
89
- const authResult = data;
90
- const query = authResult.accessToken ? {
91
- access_token: authResult.accessToken
92
- } : {
93
- error: data.message || 'OAuth Authentication not successful'
94
- };
95
- return `${redirectUrl}${separator}${querystring_1.default.stringify(query)}`;
96
- });
63
+ return allowedOrigin;
64
+ }
65
+ return redirect;
97
66
  }
98
- findEntity(profile, params) {
99
- return __awaiter(this, void 0, void 0, function* () {
100
- const query = yield this.getEntityQuery(profile, params);
101
- debug('findEntity with query', query);
102
- const result = yield this.entityService.find(Object.assign(Object.assign({}, params), { query }));
103
- const [entity = null] = result.data ? result.data : result;
104
- debug('findEntity returning', entity);
105
- return entity;
106
- });
67
+ async getRedirect(data, params) {
68
+ const queryRedirect = (params && params.redirect) || '';
69
+ const redirect = await this.getAllowedOrigin(params);
70
+ if (!redirect) {
71
+ return null;
72
+ }
73
+ const redirectUrl = `${redirect}${queryRedirect}`;
74
+ const separator = redirect.endsWith('?') ? '' :
75
+ (redirect.indexOf('#') !== -1 ? '?' : '#');
76
+ const authResult = data;
77
+ const query = authResult.accessToken ? {
78
+ access_token: authResult.accessToken
79
+ } : {
80
+ error: data.message || 'OAuth Authentication not successful'
81
+ };
82
+ return `${redirectUrl}${separator}${querystring_1.default.stringify(query)}`;
107
83
  }
108
- createEntity(profile, params) {
109
- return __awaiter(this, void 0, void 0, function* () {
110
- const data = yield this.getEntityData(profile, null, params);
111
- debug('createEntity with data', data);
112
- return this.entityService.create(data, params);
84
+ async findEntity(profile, params) {
85
+ const query = await this.getEntityQuery(profile, params);
86
+ debug('findEntity with query', query);
87
+ const result = await this.entityService.find({
88
+ ...params,
89
+ query
113
90
  });
91
+ const [entity = null] = result.data ? result.data : result;
92
+ debug('findEntity returning', entity);
93
+ return entity;
114
94
  }
115
- updateEntity(entity, profile, params) {
116
- return __awaiter(this, void 0, void 0, function* () {
117
- const id = entity[this.entityId];
118
- const data = yield this.getEntityData(profile, entity, params);
119
- debug(`updateEntity with id ${id} and data`, data);
120
- return this.entityService.patch(id, data, params);
121
- });
95
+ async createEntity(profile, params) {
96
+ const data = await this.getEntityData(profile, null, params);
97
+ debug('createEntity with data', data);
98
+ return this.entityService.create(data, commons_1._.omit(params, 'query'));
122
99
  }
123
- getEntity(result, params) {
124
- return __awaiter(this, void 0, void 0, function* () {
125
- const { entityService } = this;
126
- const { entityId = entityService.id, entity } = this.configuration;
127
- if (!entityId || result[entityId] === undefined) {
128
- throw new errors_1.NotAuthenticated('Could not get oAuth entity');
129
- }
130
- if (!params.provider) {
131
- return result;
132
- }
133
- return entityService.get(result[entityId], Object.assign(Object.assign({}, params), { [entity]: result }));
134
- });
100
+ async updateEntity(entity, profile, params) {
101
+ const id = entity[this.entityId];
102
+ const data = await this.getEntityData(profile, entity, params);
103
+ debug(`updateEntity with id ${id} and data`, data);
104
+ return this.entityService.patch(id, data, commons_1._.omit(params, 'query'));
135
105
  }
136
- authenticate(authentication, originalParams) {
137
- return __awaiter(this, void 0, void 0, function* () {
138
- const entity = this.configuration.entity;
139
- const { provider } = originalParams, params = __rest(originalParams, ["provider"]);
140
- const profile = yield this.getProfile(authentication, params);
141
- const existingEntity = (yield this.findEntity(profile, params))
142
- || (yield this.getCurrentEntity(params));
143
- debug('authenticate with (existing) entity', existingEntity);
144
- const authEntity = !existingEntity ? yield this.createEntity(profile, params)
145
- : yield this.updateEntity(existingEntity, profile, params);
146
- return {
147
- authentication: { strategy: this.name },
148
- [entity]: yield this.getEntity(authEntity, originalParams)
149
- };
106
+ async getEntity(result, params) {
107
+ const { entityService } = this;
108
+ const { entityId = entityService.id, entity } = this.configuration;
109
+ if (!entityId || result[entityId] === undefined) {
110
+ throw new errors_1.NotAuthenticated('Could not get oAuth entity');
111
+ }
112
+ if (!params.provider) {
113
+ return result;
114
+ }
115
+ return entityService.get(result[entityId], {
116
+ ...commons_1._.omit(params, 'query'),
117
+ [entity]: result
150
118
  });
151
119
  }
120
+ async authenticate(authentication, originalParams) {
121
+ const entity = this.configuration.entity;
122
+ const { provider, ...params } = originalParams;
123
+ const profile = await this.getProfile(authentication, params);
124
+ const existingEntity = await this.findEntity(profile, params)
125
+ || await this.getCurrentEntity(params);
126
+ debug('authenticate with (existing) entity', existingEntity);
127
+ const authEntity = !existingEntity ? await this.createEntity(profile, params)
128
+ : await this.updateEntity(existingEntity, profile, params);
129
+ return {
130
+ authentication: { strategy: this.name },
131
+ [entity]: await this.getEntity(authEntity, originalParams)
132
+ };
133
+ }
152
134
  }
153
135
  exports.OAuthStrategy = OAuthStrategy;
154
136
  //# sourceMappingURL=strategy.js.map
package/lib/strategy.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"strategy.js","sourceRoot":"","sources":["../src/strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sDAAsD;AACtD,aAAa;AACb,8DAAsC;AACtC,kDAA0B;AAC1B,+DAEoC;AAEpC,+CAAsD;AAEtD,MAAM,KAAK,GAAG,eAAK,CAAC,2CAA2C,CAAC,CAAC;AAOjE,MAAa,aAAc,SAAQ,2CAA0B;IAC3D,IAAI,aAAa;QACf,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC;QAC/E,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEhC,uBACE,MAAM;YACN,OAAO;YACP,QAAQ,IACL,MAAM,EACT;IACJ,CAAC;IAED,IAAI,QAAQ;QACV,MAAM,EAAE,aAAa,EAAE,GAAG,IAAI,CAAC;QAE/B,OAAO,IAAI,CAAC,aAAa,CAAC,QAAQ,IAAI,CAAC,aAAa,IAAK,aAAqB,CAAC,EAAE,CAAC,CAAC;IACrF,CAAC;IAEK,cAAc,CAAE,OAAqB,EAAE,OAAe;;YAC1D,OAAO;gBACL,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC,EAAE,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,EAAE;aAC9C,CAAC;QACJ,CAAC;KAAA;IAEK,aAAa,CAAE,OAAqB,EAAE,eAAoB,EAAE,OAAe;;YAC/E,OAAO;gBACL,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC,EAAE,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,EAAE;aAC9C,CAAC;QACJ,CAAC;KAAA;IAEK,UAAU,CAAE,IAA2B,EAAE,OAAe;;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAA;QACrB,CAAC;KAAA;IAEK,gBAAgB,CAAE,MAAc;;YACpC,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;YAClC,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,aAAa,CAAC;YAEtC,IAAI,cAAc,IAAI,cAAc,CAAC,QAAQ,EAAE;gBAC7C,KAAK,CAAC,sCAAsC,EAAE,cAAc,CAAC,CAAC;gBAE9D,MAAM,EAAE,QAAQ,EAAE,GAAG,cAAc,CAAC;gBACpC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc;qBACzC,YAAY,CAAC,cAAc,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;gBAElD,OAAO,UAAU,CAAC,MAAM,CAAC,CAAC;aAC3B;YAED,OAAO,IAAI,CAAC;QACd,CAAC;KAAA;IAEK,WAAW,CAAE,IAAgC,EAAE,MAAe;;YAClE,MAAM,aAAa,GAAG,CAAC,MAAM,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxD,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,KAAK,CAAC;YAE7D,IAAI,CAAC,QAAQ,EAAE;gBACb,OAAO,IAAI,CAAC;aACb;YAED,MAAM,WAAW,GAAG,GAAG,QAAQ,GAAG,aAAa,EAAE,CAAC;YAClD,MAAM,SAAS,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC7C,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YAC7C,MAAM,UAAU,GAAyB,IAAI,CAAC;YAC9C,MAAM,KAAK,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;gBACrC,YAAY,EAAE,UAAU,CAAC,WAAW;aACrC,CAAC,CAAC,CAAC;gBACF,KAAK,EAAE,IAAI,CAAC,OAAO,IAAI,qCAAqC;aAC7D,CAAC;YAEF,OAAO,GAAG,WAAW,GAAG,SAAS,GAAG,qBAAW,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;QACrE,CAAC;KAAA;IAEK,UAAU,CAAE,OAAqB,EAAE,MAAc;;YACrD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAEzD,KAAK,CAAC,uBAAuB,EAAE,KAAK,CAAC,CAAC;YAEtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,iCACvC,MAAM,KACT,KAAK,IACL,CAAC;YACH,MAAM,CAAE,MAAM,GAAG,IAAI,CAAE,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC;YAE7D,KAAK,CAAC,sBAAsB,EAAE,MAAM,CAAC,CAAC;YAEtC,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEK,YAAY,CAAE,OAAqB,EAAE,MAAc;;YACvD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;YAE7D,KAAK,CAAC,wBAAwB,EAAE,IAAI,CAAC,CAAC;YAEtC,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACjD,CAAC;KAAA;IAEK,YAAY,CAAE,MAAW,EAAE,OAAqB,EAAE,MAAc;;YACpE,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACjC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;YAE/D,KAAK,CAAC,wBAAwB,EAAE,WAAW,EAAE,IAAI,CAAC,CAAC;YAEnD,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QACpD,CAAC;KAAA;IAEK,SAAS,CAAE,MAAW,EAAE,MAAc;;YAC1C,MAAM,EAAE,aAAa,EAAE,GAAG,IAAI,CAAC;YAC/B,MAAM,EAAE,QAAQ,GAAI,aAAqB,CAAC,EAAE,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,aAAa,CAAC;YAE5E,IAAI,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,SAAS,EAAE;gBAC/C,MAAM,IAAI,yBAAgB,CAAC,4BAA4B,CAAC,CAAC;aAC1D;YAED,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;gBACpB,OAAO,MAAM,CAAC;aACf;YAED,OAAO,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,kCACpC,MAAM,KACT,CAAC,MAAM,CAAC,EAAE,MAAM,IAChB,CAAC;QACL,CAAC;KAAA;IAEK,YAAY,CAAE,cAAqC,EAAE,cAAsB;;YAC/E,MAAM,MAAM,GAAW,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC;YACjD,MAAM,EAAE,QAAQ,KAAgB,cAAc,EAAzB,MAAM,UAAK,cAAc,EAAxC,YAAuB,CAAiB,CAAC;YAC/C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;YAC9D,MAAM,cAAc,GAAG,CAAA,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC;oBACxD,MAAM,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAA,CAAC;YAEzC,KAAK,CAAC,qCAAqC,EAAE,cAAc,CAAC,CAAC;YAE7D,MAAM,UAAU,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC;gBAC3E,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;YAE7D,OAAO;gBACL,cAAc,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE;gBACvC,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,cAAc,CAAC;aAC3D,CAAC;QACJ,CAAC;KAAA;CACF;AA7ID,sCA6IC"}
1
+ {"version":3,"file":"strategy.js","sourceRoot":"","sources":["../src/strategy.ts"],"names":[],"mappings":";;;;;;AAAA,sDAAsD;AACtD,aAAa;AACb,8DAAsC;AACtC,+DAEoC;AAEpC,+CAAsD;AACtD,iDAAqD;AAErD,MAAM,KAAK,GAAG,IAAA,qBAAW,EAAC,2CAA2C,CAAC,CAAC;AAOvE,MAAa,aAAc,SAAQ,2CAA0B;IAC3D,IAAI,aAAa;QACf,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC;QAC/E,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEhC,OAAO;YACL,MAAM;YACN,OAAO;YACP,QAAQ;YACR,GAAG,MAAM;SACV,CAAC;IACJ,CAAC;IAED,IAAI,QAAQ;QACV,MAAM,EAAE,aAAa,EAAE,GAAG,IAAI,CAAC;QAE/B,OAAO,IAAI,CAAC,aAAa,CAAC,QAAQ,IAAI,CAAC,aAAa,IAAK,aAAqB,CAAC,EAAE,CAAC,CAAC;IACrF,CAAC;IAED,KAAK,CAAC,cAAc,CAAE,OAAqB,EAAE,OAAe;QAC1D,OAAO;YACL,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC,EAAE,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,EAAE;SAC9C,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,aAAa,CAAE,OAAqB,EAAE,eAAoB,EAAE,OAAe;QAC/E,OAAO;YACL,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC,EAAE,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,EAAE;SAC9C,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,UAAU,CAAE,IAA2B,EAAE,OAAe;QAC5D,OAAO,IAAI,CAAC,OAAO,CAAA;IACrB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAE,MAAc;QACpC,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;QAClC,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,aAAa,CAAC;QAEtC,IAAI,cAAc,IAAI,cAAc,CAAC,QAAQ,EAAE;YAC7C,KAAK,CAAC,sCAAsC,EAAE,cAAc,CAAC,CAAC;YAE9D,MAAM,EAAE,QAAQ,EAAE,GAAG,cAAc,CAAC;YACpC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc;iBACzC,YAAY,CAAC,cAAc,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;YAElD,OAAO,UAAU,CAAC,MAAM,CAAC,CAAC;SAC3B;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAE,MAAe;;QACrC,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,KAAK,CAAC;QAEtE,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;YAC1B,MAAM,OAAO,GAAG,CAAA,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,OAAO,0CAAE,OAAO,KAAI,EAAE,CAAC;YAC/C,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;YAEvG,IAAG,CAAC,aAAa,EAAE;gBACjB,MAAM,IAAI,yBAAgB,CAAC,YAAY,OAAO,IAAI,wBAAwB,gBAAgB,CAAC,CAAC;aAC7F;YAED,OAAO,aAAa,CAAC;SACtB;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,WAAW,CAAE,IAAgC,EAAE,MAA6B;QAChF,MAAM,aAAa,GAAG,CAAC,MAAM,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QACxD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAErD,IAAI,CAAC,QAAQ,EAAE;YACb,OAAO,IAAI,CAAC;SACb;QAED,MAAM,WAAW,GAAG,GAAG,QAAQ,GAAG,aAAa,EAAE,CAAC;QAClD,MAAM,SAAS,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC7C,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC7C,MAAM,UAAU,GAAyB,IAAI,CAAC;QAC9C,MAAM,KAAK,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;YACrC,YAAY,EAAE,UAAU,CAAC,WAAW;SACrC,CAAC,CAAC,CAAC;YACF,KAAK,EAAE,IAAI,CAAC,OAAO,IAAI,qCAAqC;SAC7D,CAAC;QAEF,OAAO,GAAG,WAAW,GAAG,SAAS,GAAG,qBAAW,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,UAAU,CAAE,OAAqB,EAAE,MAAc;QACrD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAEzD,KAAK,CAAC,uBAAuB,EAAE,KAAK,CAAC,CAAC;QAEtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC;YAC3C,GAAG,MAAM;YACT,KAAK;SACN,CAAC,CAAC;QACH,MAAM,CAAE,MAAM,GAAG,IAAI,CAAE,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC;QAE7D,KAAK,CAAC,sBAAsB,EAAE,MAAM,CAAC,CAAC;QAEtC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,YAAY,CAAE,OAAqB,EAAE,MAAc;QACvD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QAE7D,KAAK,CAAC,wBAAwB,EAAE,IAAI,CAAC,CAAC;QAEtC,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,WAAC,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAClE,CAAC;IAED,KAAK,CAAC,YAAY,CAAE,MAAW,EAAE,OAAqB,EAAE,MAAc;QACpE,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACjC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QAE/D,KAAK,CAAC,wBAAwB,EAAE,WAAW,EAAE,IAAI,CAAC,CAAC;QAEnD,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,IAAI,EAAE,WAAC,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,SAAS,CAAE,MAAW,EAAE,MAAc;QAC1C,MAAM,EAAE,aAAa,EAAE,GAAG,IAAI,CAAC;QAC/B,MAAM,EAAE,QAAQ,GAAI,aAAqB,CAAC,EAAE,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,aAAa,CAAC;QAE5E,IAAI,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,SAAS,EAAE;YAC/C,MAAM,IAAI,yBAAgB,CAAC,4BAA4B,CAAC,CAAC;SAC1D;QAED,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;YACpB,OAAO,MAAM,CAAC;SACf;QAED,OAAO,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE;YACzC,GAAG,WAAC,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC;YAC1B,CAAC,MAAM,CAAC,EAAE,MAAM;SACjB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CAAE,cAAqC,EAAE,cAAoC;QAC7F,MAAM,MAAM,GAAW,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC;QACjD,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,EAAE,GAAG,cAAc,CAAC;QAC/C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAC9D,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC;eACxD,MAAM,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAEzC,KAAK,CAAC,qCAAqC,EAAE,cAAc,CAAC,CAAC;QAE7D,MAAM,UAAU,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC;YAC3E,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QAE7D,OAAO;YACL,cAAc,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE;YACvC,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,cAAc,CAAC;SAC3D,CAAC;IACJ,CAAC;CACF;AA9JD,sCA8JC"}
package/lib/utils.js CHANGED
@@ -2,7 +2,10 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.getDefaultSettings = void 0;
4
4
  const getDefaultSettings = (_app, other) => {
5
- const defaults = Object.assign({ linkStrategy: 'jwt' }, other);
5
+ const defaults = {
6
+ linkStrategy: 'jwt',
7
+ ...other
8
+ };
6
9
  return defaults;
7
10
  };
8
11
  exports.getDefaultSettings = getDefaultSettings;
package/lib/utils.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";;;AASO,MAAM,kBAAkB,GAAG,CAAC,IAAiB,EAAE,KAAmC,EAAE,EAAE;IAC3F,MAAM,QAAQ,mBACZ,YAAY,EAAE,KAAK,IAChB,KAAK,CACT,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAPW,QAAA,kBAAkB,sBAO7B"}
1
+ {"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";;;AASO,MAAM,kBAAkB,GAAG,CAAC,IAAiB,EAAE,KAAmC,EAAE,EAAE;IAC3F,MAAM,QAAQ,GAAuB;QACnC,YAAY,EAAE,KAAK;QACnB,GAAG,KAAK;KACT,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAPW,QAAA,kBAAkB,sBAO7B"}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@feathersjs/authentication-oauth",
3
3
  "description": "oAuth 1 and 2 authentication for Feathers. Powered by Grant.",
4
- "version": "5.0.0-pre.2",
4
+ "version": "5.0.0-pre.22",
5
5
  "homepage": "https://feathersjs.com",
6
6
  "main": "lib/",
7
7
  "types": "lib/",
@@ -16,7 +16,8 @@
16
16
  },
17
17
  "repository": {
18
18
  "type": "git",
19
- "url": "git://github.com/feathersjs/feathers.git"
19
+ "url": "git://github.com/feathersjs/feathers.git",
20
+ "directory": "packages/authentication-oauth"
20
21
  },
21
22
  "author": {
22
23
  "name": "Feathers contributors",
@@ -52,28 +53,27 @@
52
53
  "access": "public"
53
54
  },
54
55
  "dependencies": {
55
- "@feathersjs/authentication": "^5.0.0-pre.2",
56
- "@feathersjs/errors": "^5.0.0-pre.2",
57
- "@feathersjs/express": "^5.0.0-pre.2",
58
- "@feathersjs/feathers": "^5.0.0-pre.2",
59
- "debug": "^4.3.1",
60
- "express-session": "^1.17.1",
61
- "grant": "^5.4.12",
56
+ "@feathersjs/authentication": "^5.0.0-pre.22",
57
+ "@feathersjs/commons": "^5.0.0-pre.22",
58
+ "@feathersjs/errors": "^5.0.0-pre.22",
59
+ "@feathersjs/express": "^5.0.0-pre.22",
60
+ "@feathersjs/feathers": "^5.0.0-pre.22",
61
+ "express-session": "^1.17.2",
62
+ "grant": "^5.4.21",
62
63
  "lodash": "^4.17.21"
63
64
  },
64
65
  "devDependencies": {
65
- "@feathersjs/adapter-memory": "^5.0.0-pre.2",
66
- "@types/debug": "^4.1.5",
67
- "@types/express": "^4.17.11",
68
- "@types/express-session": "^1.17.3",
69
- "@types/lodash": "^4.14.168",
70
- "@types/mocha": "^8.2.2",
71
- "@types/node": "^14.14.37",
72
- "axios": "^0.21.1",
73
- "mocha": "^8.3.2",
74
- "shx": "^0.3.3",
75
- "ts-node": "^9.1.1",
76
- "typescript": "^4.2.3"
66
+ "@feathersjs/memory": "^5.0.0-pre.22",
67
+ "@types/express": "^4.17.13",
68
+ "@types/express-session": "^1.17.4",
69
+ "@types/lodash": "^4.14.182",
70
+ "@types/mocha": "^9.1.1",
71
+ "@types/node": "^17.0.31",
72
+ "axios": "^0.27.2",
73
+ "mocha": "^10.0.0",
74
+ "shx": "^0.3.4",
75
+ "ts-node": "^10.7.0",
76
+ "typescript": "^4.6.4"
77
77
  },
78
- "gitHead": "6e1f888dc5b612d2d77653177622e3f66245a0fb"
78
+ "gitHead": "e452e02063e6d8943a9cae2315ab585bc4f82fb6"
79
79
  }
package/src/express.ts CHANGED
@@ -1,6 +1,7 @@
1
1
  import grant from 'grant';
2
- import Debug from 'debug';
3
2
  import session from 'express-session';
3
+ import { Request, Response, NextFunction } from 'express';
4
+ import { createDebug } from '@feathersjs/commons';
4
5
  import { Application } from '@feathersjs/feathers';
5
6
  import { AuthenticationResult } from '@feathersjs/authentication';
6
7
  import {
@@ -11,7 +12,7 @@ import { OauthSetupSettings } from './utils';
11
12
  import { OAuthStrategy } from './strategy';
12
13
 
13
14
  const grantInstance = grant.express();
14
- const debug = Debug('@feathersjs/authentication-oauth/express');
15
+ const debug = createDebug('@feathersjs/authentication-oauth/express');
15
16
 
16
17
  declare module 'express-session' {
17
18
  interface SessionData {
@@ -19,6 +20,7 @@ declare module 'express-session' {
19
20
  accessToken: string;
20
21
  query: { [key: string]: any };
21
22
  grant: { [key: string]: any };
23
+ headers: { [key: string]: any };
22
24
  }
23
25
  }
24
26
 
@@ -44,7 +46,7 @@ export default (options: OauthSetupSettings) => {
44
46
 
45
47
  authApp.use(expressSession);
46
48
 
47
- authApp.get('/:name', (req, _res, next) => {
49
+ authApp.get('/:name', (req: Request, _res: Response, next: NextFunction) => {
48
50
  const { feathers_token, redirect, ...query } = req.query;
49
51
 
50
52
  if (feathers_token) {
@@ -53,13 +55,24 @@ export default (options: OauthSetupSettings) => {
53
55
  }
54
56
  req.session.redirect = redirect as string;
55
57
  req.session.query = query;
56
-
57
- next()
58
+ req.session.headers = req.headers;
59
+ if (typeof(req.session.save) === 'function') {
60
+ req.session.save((err: any) => {
61
+ if (err) {
62
+ next(`Error storing session: ${err}`);
63
+ } else {
64
+ next();
65
+ }
66
+ });
67
+ }
68
+ else {
69
+ next();
70
+ }
58
71
  });
59
72
 
60
- authApp.get('/:name/authenticate', async (req, res, next) => {
73
+ authApp.get('/:name/authenticate', async (req: Request, res: Response, next: NextFunction) => {
61
74
  const { name } = req.params ;
62
- const { accessToken, grant, query = {}, redirect } = req.session;
75
+ const { accessToken, grant, query = {}, redirect, headers } = req.session;
63
76
  const service = app.defaultAuthentication(authService);
64
77
  const [ strategy ] = service.getStrategies(name) as OAuthStrategy[];
65
78
  const params = {
@@ -70,7 +83,8 @@ export default (options: OauthSetupSettings) => {
70
83
  accessToken
71
84
  } : null,
72
85
  query,
73
- redirect
86
+ redirect,
87
+ headers
74
88
  };
75
89
  const sendResponse = async (data: AuthenticationResult|Error) => {
76
90
  try {
@@ -83,7 +97,7 @@ export default (options: OauthSetupSettings) => {
83
97
  } else {
84
98
  res.json(data);
85
99
  }
86
- } catch (error) {
100
+ } catch (error: any) {
87
101
  debug('oAuth error', error);
88
102
  next(error);
89
103
  }
@@ -98,12 +112,13 @@ export default (options: OauthSetupSettings) => {
98
112
  };
99
113
 
100
114
  await new Promise<void>((resolve, reject) => {
101
- if (!req.session.destroy) {
115
+ if (req.session.destroy) {
116
+ req.session.destroy((err: any) => err ? reject(err) : resolve());
117
+ }
118
+ else {
102
119
  req.session = null;
103
120
  resolve();
104
121
  }
105
-
106
- req.session.destroy(err => err ? reject(err) : resolve());
107
122
  });
108
123
 
109
124
  debug(`Calling ${authService}.create authentication with strategy ${name}`);
@@ -113,7 +128,7 @@ export default (options: OauthSetupSettings) => {
113
128
  debug('Successful oAuth authentication, sending response');
114
129
 
115
130
  await sendResponse(authResult);
116
- } catch (error) {
131
+ } catch (error: any) {
117
132
  debug('Received oAuth authentication error', error.stack);
118
133
  await sendResponse(error);
119
134
  }
package/src/index.ts CHANGED
@@ -1,13 +1,13 @@
1
- import Debug from 'debug';
2
- import merge from 'lodash/merge';
1
+ import defaultsDeep from 'lodash/defaultsDeep';
3
2
  import each from 'lodash/each';
4
3
  import omit from 'lodash/omit';
4
+ import { createDebug } from '@feathersjs/commons';
5
5
  import { Application } from '@feathersjs/feathers';
6
6
  import { OAuthStrategy, OAuthProfile } from './strategy';
7
7
  import { default as setupExpress } from './express';
8
8
  import { OauthSetupSettings, getDefaultSettings } from './utils';
9
9
 
10
- const debug = Debug('@feathersjs/authentication-oauth');
10
+ const debug = createDebug('@feathersjs/authentication-oauth');
11
11
 
12
12
  export { OauthSetupSettings, OAuthStrategy, OAuthProfile };
13
13
 
@@ -41,14 +41,14 @@ export const setup = (options: OauthSetupSettings) => (app: Application) => {
41
41
  }
42
42
  }
43
43
 
44
- const grant = merge({
44
+ const grant = defaultsDeep({
45
45
  defaults: {
46
46
  prefix,
47
- origin: `${protocol}://${host}`,
48
- transport: 'session',
47
+ origin: `${oauth?.defaults?.protocol ?? protocol}://${oauth?.defaults?.host ?? host}`,
48
+ transport: oauth?.defaults?.transport ?? 'session',
49
49
  response: ['tokens', 'raw', 'profile']
50
50
  }
51
- }, omit(oauth, 'redirect'));
51
+ }, omit(oauth, ['redirect', 'origins']));
52
52
 
53
53
  const getUrl = (url: string) => {
54
54
  const { defaults } = grant;
package/src/strategy.ts CHANGED
@@ -1,14 +1,14 @@
1
1
  /* eslint-disable @typescript-eslint/no-unused-vars */
2
2
  // @ts-ignore
3
3
  import querystring from 'querystring';
4
- import Debug from 'debug';
5
4
  import {
6
- AuthenticationRequest, AuthenticationBaseStrategy, AuthenticationResult
5
+ AuthenticationRequest, AuthenticationBaseStrategy, AuthenticationResult, AuthenticationParams
7
6
  } from '@feathersjs/authentication';
8
7
  import { Params } from '@feathersjs/feathers';
9
8
  import { NotAuthenticated } from '@feathersjs/errors';
9
+ import { createDebug, _ } from '@feathersjs/commons';
10
10
 
11
- const debug = Debug('@feathersjs/authentication-oauth/strategy');
11
+ const debug = createDebug('@feathersjs/authentication-oauth/strategy');
12
12
 
13
13
  export interface OAuthProfile {
14
14
  id?: string|number;
@@ -67,9 +67,26 @@ export class OAuthStrategy extends AuthenticationBaseStrategy {
67
67
  return null;
68
68
  }
69
69
 
70
- async getRedirect (data: AuthenticationResult|Error, params?: Params): Promise<string | null> {
70
+ async getAllowedOrigin (params?: Params) {
71
+ const { redirect, origins } = this.authentication.configuration.oauth;
72
+
73
+ if (Array.isArray(origins)) {
74
+ const referer = params?.headers?.referer || '';
75
+ const allowedOrigin = origins.find(current => referer.toLowerCase().startsWith(current.toLowerCase()));
76
+
77
+ if(!allowedOrigin) {
78
+ throw new NotAuthenticated(`Referer "${referer || '[header not available]'}" not allowed.`);
79
+ }
80
+
81
+ return allowedOrigin;
82
+ }
83
+
84
+ return redirect;
85
+ }
86
+
87
+ async getRedirect (data: AuthenticationResult|Error, params?: AuthenticationParams): Promise<string | null> {
71
88
  const queryRedirect = (params && params.redirect) || '';
72
- const { redirect } = this.authentication.configuration.oauth;
89
+ const redirect = await this.getAllowedOrigin(params);
73
90
 
74
91
  if (!redirect) {
75
92
  return null;
@@ -109,7 +126,7 @@ export class OAuthStrategy extends AuthenticationBaseStrategy {
109
126
 
110
127
  debug('createEntity with data', data);
111
128
 
112
- return this.entityService.create(data, params);
129
+ return this.entityService.create(data, _.omit(params, 'query'));
113
130
  }
114
131
 
115
132
  async updateEntity (entity: any, profile: OAuthProfile, params: Params) {
@@ -118,7 +135,7 @@ export class OAuthStrategy extends AuthenticationBaseStrategy {
118
135
 
119
136
  debug(`updateEntity with id ${id} and data`, data);
120
137
 
121
- return this.entityService.patch(id, data, params);
138
+ return this.entityService.patch(id, data, _.omit(params, 'query'));
122
139
  }
123
140
 
124
141
  async getEntity (result: any, params: Params) {
@@ -134,12 +151,12 @@ export class OAuthStrategy extends AuthenticationBaseStrategy {
134
151
  }
135
152
 
136
153
  return entityService.get(result[entityId], {
137
- ...params,
154
+ ..._.omit(params, 'query'),
138
155
  [entity]: result
139
156
  });
140
157
  }
141
158
 
142
- async authenticate (authentication: AuthenticationRequest, originalParams: Params) {
159
+ async authenticate (authentication: AuthenticationRequest, originalParams: AuthenticationParams) {
143
160
  const entity: string = this.configuration.entity;
144
161
  const { provider, ...params } = originalParams;
145
162
  const profile = await this.getProfile(authentication, params);