@feathersjs/authentication-oauth 5.0.0-pre.9 → 5.0.0

package/src/strategy.ts

@@ -1,159 +1,176 @@
-/* eslint-disable @typescript-eslint/no-unused-vars */
-// @ts-ignore
-import querystring from 'querystring';
 import {
-  AuthenticationRequest, AuthenticationBaseStrategy, AuthenticationResult
-} from '@feathersjs/authentication';
-import { Params } from '@feathersjs/feathers';
-import { NotAuthenticated } from '@feathersjs/errors';
-import { createDebug, _ } from '@feathersjs/commons';
-
-const debug = createDebug('@feathersjs/authentication-oauth/strategy');
+  AuthenticationRequest,
+  AuthenticationBaseStrategy,
+  AuthenticationResult,
+  AuthenticationParams
+} from '@feathersjs/authentication'
+import { Params } from '@feathersjs/feathers'
+import { NotAuthenticated } from '@feathersjs/errors'
+import { createDebug, _ } from '@feathersjs/commons'
+import qs from 'qs'
+
+const debug = createDebug('@feathersjs/authentication-oauth/strategy')
 
 export interface OAuthProfile {
-  id?: string|number;
-  [key: string]: any;
+  id?: string | number
+  [key: string]: any
 }
 
 export class OAuthStrategy extends AuthenticationBaseStrategy {
-  get configuration () {
-    const { entity, service, entityId, oauth } = this.authentication.configuration;
-    const config = oauth[this.name];
+  get configuration() {
+    const { entity, service, entityId, oauth } = this.authentication.configuration
+    const config = oauth[this.name] as any
 
     return {
       entity,
       service,
       entityId,
       ...config
-    };
+    }
   }
 
-  get entityId (): string {
-    const { entityService } = this;
+  get entityId(): string {
+    const { entityService } = this
 
-    return this.configuration.entityId || (entityService && (entityService as any).id);
+    return this.configuration.entityId || (entityService && (entityService as any).id)
   }
 
-  async getEntityQuery (profile: OAuthProfile, _params: Params) {
+  async getEntityQuery(profile: OAuthProfile, _params: Params) {
     return {
       [`${this.name}Id`]: profile.sub || profile.id
-    };
+    }
   }
 
-  async getEntityData (profile: OAuthProfile, _existingEntity: any, _params: Params) {
+  async getEntityData(profile: OAuthProfile, _existingEntity: any, _params: Params) {
     return {
       [`${this.name}Id`]: profile.sub || profile.id
-    };
+    }
   }
 
-  async getProfile (data: AuthenticationRequest, _params: Params) {
+  async getProfile(data: AuthenticationRequest, _params: Params) {
     return data.profile
   }
 
-  async getCurrentEntity (params: Params) {
-    const { authentication } = params;
-    const { entity } = this.configuration;
+  async getCurrentEntity(params: Params) {
+    const { authentication } = params
+    const { entity } = this.configuration
 
     if (authentication && authentication.strategy) {
-      debug('getCurrentEntity with authentication', authentication);
+      debug('getCurrentEntity with authentication', authentication)
 
-      const { strategy } = authentication;
-      const authResult = await this.authentication
-        .authenticate(authentication, params, strategy);
+      const { strategy } = authentication
+      const authResult = await this.authentication.authenticate(authentication, params, strategy)
 
-      return authResult[entity];
+      return authResult[entity]
     }
 
-    return null;
+    return null
   }
 
-  async getRedirect (data: AuthenticationResult|Error, params?: Params): Promise<string | null> {
-    const queryRedirect = (params && params.redirect) || '';
-    const { redirect } = this.authentication.configuration.oauth;
+  async getAllowedOrigin(params?: Params) {
+    const { redirect, origins = this.app.get('origins') } = this.authentication.configuration.oauth
+
+    if (Array.isArray(origins)) {
+      const referer = params?.headers?.referer || origins[0]
+      const allowedOrigin = origins.find((current) => referer.toLowerCase().startsWith(current.toLowerCase()))
+
+      if (!allowedOrigin) {
+        throw new NotAuthenticated(`Referer "${referer}" is not allowed.`)
+      }
+
+      return allowedOrigin
+    }
+
+    return redirect
+  }
+
+  async getRedirect(
+    data: AuthenticationResult | Error,
+    params?: AuthenticationParams
+  ): Promise<string | null> {
+    const queryRedirect = (params && params.redirect) || ''
+    const redirect = await this.getAllowedOrigin(params)
 
     if (!redirect) {
-      return null;
+      return null
     }
 
-    const redirectUrl = `${redirect}${queryRedirect}`;
-    const separator = redirect.endsWith('?') ? '' :
-      (redirect.indexOf('#') !== -1 ? '?' : '#');
-    const authResult: AuthenticationResult = data;
-    const query = authResult.accessToken ? {
-      access_token: authResult.accessToken
-    } : {
-      error: data.message || 'OAuth Authentication not successful'
-    };
-
-    return `${redirectUrl}${separator}${querystring.stringify(query)}`;
+    const redirectUrl = `${redirect}${queryRedirect}`
+    const separator = redirect.endsWith('?') ? '' : redirect.indexOf('#') !== -1 ? '?' : '#'
+    const authResult: AuthenticationResult = data
+    const query = authResult.accessToken
+      ? { access_token: authResult.accessToken }
+      : { error: data.message || 'OAuth Authentication not successful' }
+
+    return `${redirectUrl}${separator}${qs.stringify(query)}`
   }
 
-  async findEntity (profile: OAuthProfile, params: Params) {
-    const query = await this.getEntityQuery(profile, params);
+  async findEntity(profile: OAuthProfile, params: Params) {
+    const query = await this.getEntityQuery(profile, params)
 
-    debug('findEntity with query', query);
+    debug('findEntity with query', query)
 
     const result = await this.entityService.find({
       ...params,
       query
-    });
-    const [ entity = null ] = result.data ? result.data : result;
+    })
+    const [entity = null] = result.data ? result.data : result
 
-    debug('findEntity returning', entity);
+    debug('findEntity returning', entity)
 
-    return entity;
+    return entity
   }
 
-  async createEntity (profile: OAuthProfile, params: Params) {
-    const data = await this.getEntityData(profile, null, params);
+  async createEntity(profile: OAuthProfile, params: Params) {
+    const data = await this.getEntityData(profile, null, params)
 
-    debug('createEntity with data', data);
+    debug('createEntity with data', data)
 
-    return this.entityService.create(data, _.omit(params, 'query'));
+    return this.entityService.create(data, _.omit(params, 'query'))
   }
 
-  async updateEntity (entity: any, profile: OAuthProfile, params: Params) {
-    const id = entity[this.entityId];
-    const data = await this.getEntityData(profile, entity, params);
+  async updateEntity(entity: any, profile: OAuthProfile, params: Params) {
+    const id = entity[this.entityId]
+    const data = await this.getEntityData(profile, entity, params)
 
-    debug(`updateEntity with id ${id} and data`, data);
+    debug(`updateEntity with id ${id} and data`, data)
 
-    return this.entityService.patch(id, data, _.omit(params, 'query'));
+    return this.entityService.patch(id, data, _.omit(params, 'query'))
   }
 
-  async getEntity (result: any, params: Params) {
-    const { entityService } = this;
-    const { entityId = (entityService as any).id, entity } = this.configuration;
+  async getEntity(result: any, params: Params) {
+    const { entityService } = this
+    const { entityId = (entityService as any).id, entity } = this.configuration
 
     if (!entityId || result[entityId] === undefined) {
-      throw new NotAuthenticated('Could not get oAuth entity');
+      throw new NotAuthenticated('Could not get oAuth entity')
     }
 
     if (!params.provider) {
-      return result;
+      return result
     }
 
     return entityService.get(result[entityId], {
       ..._.omit(params, 'query'),
       [entity]: result
-    });
+    })
   }
 
-  async authenticate (authentication: AuthenticationRequest, originalParams: Params) {
-    const entity: string = this.configuration.entity;
-    const { provider, ...params } = originalParams;
-    const profile = await this.getProfile(authentication, params);
-    const existingEntity = await this.findEntity(profile, params)
-      || await this.getCurrentEntity(params);
+  async authenticate(authentication: AuthenticationRequest, originalParams: AuthenticationParams) {
+    const entity: string = this.configuration.entity
+    const { provider, ...params } = originalParams
+    const profile = await this.getProfile(authentication, params)
+    const existingEntity = (await this.findEntity(profile, params)) || (await this.getCurrentEntity(params))
 
-    debug('authenticate with (existing) entity', existingEntity);
+    debug('authenticate with (existing) entity', existingEntity)
 
-    const authEntity = !existingEntity ? await this.createEntity(profile, params)
-      : await this.updateEntity(existingEntity, profile, params);
+    const authEntity = !existingEntity
+      ? await this.createEntity(profile, params)
+      : await this.updateEntity(existingEntity, profile, params)
 
     return {
       authentication: { strategy: this.name },
       [entity]: await this.getEntity(authEntity, originalParams)
-    };
+    }
   }
 }

package/src/utils.ts

@@ -1,17 +1,123 @@
-import { RequestHandler } from 'express';
-import { Application } from '@feathersjs/feathers';
+import type { RequestHandler } from 'express'
+import type { Middleware, Application as KoaApplication } from '@feathersjs/koa'
+
+import type { ServiceOptions } from '@feathersjs/feathers'
+
+import '@feathersjs/koa'
+import '@feathersjs/express'
+import expressCookieSession from 'cookie-session'
+import koaCookieSession from 'koa-session'
+
+import { AuthenticationService } from '@feathersjs/authentication'
+import { GrantConfig } from 'grant'
+
+import { defaultsDeep, each, omit } from 'lodash'
 
 export interface OauthSetupSettings {
-  authService?: string;
-  expressSession?: RequestHandler;
-  linkStrategy: string;
+  linkStrategy: string
+  authService?: string
+  expressSession?: RequestHandler
+  koaSession?: Middleware
+}
+
+export const getGrantConfig = (service: AuthenticationService): GrantConfig => {
+  const {
+    app,
+    configuration: { oauth }
+  } = service
+  // Set up all the defaults
+  const port = app.get('port')
+  let host = app.get('host')
+  let protocol = 'https'
+
+  // Development environments commonly run on HTTP with an extended port
+  if (process.env.NODE_ENV !== 'production') {
+    protocol = 'http'
+    if (String(port) !== '80') {
+      host += `:${port}`
+    }
+  }
+
+  const grant: GrantConfig = defaultsDeep({}, omit(oauth, ['redirect', 'origins']), {
+    defaults: {
+      prefix: '/oauth',
+      origin: `${protocol}://${host}`,
+      transport: 'state',
+      response: ['tokens', 'raw', 'profile']
+    }
+  })
+
+  const getUrl = (url: string) => {
+    const { defaults } = grant
+    return `${defaults.origin}${defaults.prefix}/${url}`
+  }
+
+  each(grant, (value, name) => {
+    if (name !== 'defaults') {
+      value.redirect_uri = value.redirect_uri || getUrl(`${name}/callback`)
+    }
+  })
+
+  return grant
+}
+
+export const setExpressParams: RequestHandler = (req, res, next) => {
+  req.session.destroy ||= () => {
+    req.session = null
+  }
+
+  req.feathers = {
+    ...req.feathers,
+    session: req.session,
+    state: res.locals
+  }
+
+  next()
+}
+
+export const setKoaParams: Middleware = async (ctx, next) => {
+  ctx.session.destroy ||= () => {
+    ctx.session = null
+  }
+
+  ctx.feathers = {
+    ...ctx.feathers,
+    session: ctx.session,
+    state: ctx.state
+  } as any
+
+  await next()
 }
 
-export const getDefaultSettings = (_app: Application, other?: Partial<OauthSetupSettings>) => {
-  const defaults: OauthSetupSettings = {
-    linkStrategy: 'jwt',
-    ...other
-  };
+export const authenticationServiceOptions = (
+  service: AuthenticationService,
+  settings: OauthSetupSettings
+): ServiceOptions => {
+  const { secret } = service.configuration
+  const koaApp = service.app as KoaApplication
+
+  if (koaApp.context) {
+    koaApp.keys = [secret]
+
+    const { koaSession = koaCookieSession({ key: 'feathers.oauth' }, koaApp as any) } = settings
 
-  return defaults;
-};
+    return {
+      koa: {
+        before: [koaSession, setKoaParams]
+      }
+    }
+  }
+
+  const {
+    expressSession = expressCookieSession({
+      name: 'feathers.oauth',
+      keys: [secret]
+    })
+  } = settings
+
+  return {
+    express: {
+      before: [expressSession, setExpressParams]
+    }
+  }
+}

package/lib/express.d.ts

@@ -1,16 +0,0 @@
-import { Application } from '@feathersjs/feathers';
-import { OauthSetupSettings } from './utils';
-declare module 'express-session' {
-    interface SessionData {
-        redirect: string;
-        accessToken: string;
-        query: {
-            [key: string]: any;
-        };
-        grant: {
-            [key: string]: any;
-        };
-    }
-}
-declare const _default: (options: OauthSetupSettings) => (feathersApp: Application) => void;
-export default _default;

package/lib/express.js

@@ -1,114 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __rest = (this && this.__rest) || function (s, e) {
-    var t = {};
-    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
-        t[p] = s[p];
-    if (s != null && typeof Object.getOwnPropertySymbols === "function")
-        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
-            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
-                t[p[i]] = s[p[i]];
-        }
-    return t;
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const grant_1 = __importDefault(require("grant"));
-const express_session_1 = __importDefault(require("express-session"));
-const commons_1 = require("@feathersjs/commons");
-const express_1 = require("@feathersjs/express");
-const grantInstance = grant_1.default.express();
-const debug = commons_1.createDebug('@feathersjs/authentication-oauth/express');
-exports.default = (options) => {
-    return (feathersApp) => {
-        const { authService, linkStrategy } = options;
-        const app = feathersApp;
-        const config = app.get('grant');
-        if (!config) {
-            debug('No grant configuration found, skipping Express oAuth setup');
-            return;
-        }
-        const { prefix } = config.defaults;
-        const expressSession = options.expressSession || express_session_1.default({
-            secret: Math.random().toString(36).substring(7),
-            saveUninitialized: true,
-            resave: true
-        });
-        const grantApp = grantInstance(config);
-        const authApp = express_1.original();
-        authApp.use(expressSession);
-        authApp.get('/:name', (req, _res, next) => {
-            const _a = req.query, { feathers_token, redirect } = _a, query = __rest(_a, ["feathers_token", "redirect"]);
-            if (feathers_token) {
-                debug('Got feathers_token query parameter to link accounts', feathers_token);
-                req.session.accessToken = feathers_token;
-            }
-            req.session.redirect = redirect;
-            req.session.query = query;
-            next();
-        });
-        authApp.get('/:name/authenticate', (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
-            const { name } = req.params;
-            const { accessToken, grant, query = {}, redirect } = req.session;
-            const service = app.defaultAuthentication(authService);
-            const [strategy] = service.getStrategies(name);
-            const params = Object.assign(Object.assign({}, req.feathers), { authStrategies: [name], authentication: accessToken ? {
-                    strategy: linkStrategy,
-                    accessToken
-                } : null, query,
-                redirect });
-            const sendResponse = (data) => __awaiter(void 0, void 0, void 0, function* () {
-                try {
-                    const redirect = yield strategy.getRedirect(data, params);
-                    if (redirect !== null) {
-                        res.redirect(redirect);
-                    }
-                    else if (data instanceof Error) {
-                        throw data;
-                    }
-                    else {
-                        res.json(data);
-                    }
-                }
-                catch (error) {
-                    debug('oAuth error', error);
-                    next(error);
-                }
-            });
-            try {
-                const payload = config.defaults.transport === 'session' ?
-                    grant.response : req.query;
-                const authentication = Object.assign({ strategy: name }, payload);
-                yield new Promise((resolve, reject) => {
-                    if (!req.session.destroy) {
-                        req.session = null;
-                        resolve();
-                    }
-                    req.session.destroy((err) => err ? reject(err) : resolve());
-                });
-                debug(`Calling ${authService}.create authentication with strategy ${name}`);
-                const authResult = yield service.create(authentication, params);
-                debug('Successful oAuth authentication, sending response');
-                yield sendResponse(authResult);
-            }
-            catch (error) {
-                debug('Received oAuth authentication error', error.stack);
-                yield sendResponse(error);
-            }
-        }));
-        authApp.use(grantApp);
-        app.set('grant', grantApp.config);
-        app.use(prefix, authApp);
-    };
-};
-//# sourceMappingURL=express.js.map

package/lib/express.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"express.js","sourceRoot":"","sources":["../src/express.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,kDAA0B;AAC1B,sEAAsC;AAEtC,iDAAkD;AAGlD,iDAG6B;AAI7B,MAAM,aAAa,GAAG,eAAK,CAAC,OAAO,EAAE,CAAC;AACtC,MAAM,KAAK,GAAG,qBAAW,CAAC,0CAA0C,CAAC,CAAC;AAWtE,kBAAe,CAAC,OAA2B,EAAE,EAAE;IAC7C,OAAO,CAAC,WAAwB,EAAE,EAAE;QAClC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC;QAC9C,MAAM,GAAG,GAAG,WAAiC,CAAC;QAC9C,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAEhC,IAAI,CAAC,MAAM,EAAE;YACX,KAAK,CAAC,4DAA4D,CAAC,CAAC;YACpE,OAAO;SACR;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC;QACnC,MAAM,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,yBAAO,CAAC;YACvD,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;YAC/C,iBAAiB,EAAE,IAAI;YACvB,MAAM,EAAE,IAAI;SACb,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,kBAAe,EAAE,CAAC;QAElC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAE5B,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,GAAY,EAAE,IAAc,EAAE,IAAkB,EAAE,EAAE;YACzE,MAAM,KAAyC,GAAG,CAAC,KAAK,EAAlD,EAAE,cAAc,EAAE,QAAQ,OAAwB,EAAnB,KAAK,cAApC,8BAAsC,CAAY,CAAC;YAEzD,IAAI,cAAc,EAAE;gBAClB,KAAK,CAAC,qDAAqD,EAAE,cAAc,CAAC,CAAC;gBAC7E,GAAG,CAAC,OAAO,CAAC,WAAW,GAAG,cAAwB,CAAC;aACpD;YACD,GAAG,CAAC,OAAO,CAAC,QAAQ,GAAG,QAAkB,CAAC;YAC1C,GAAG,CAAC,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC;YAE1B,IAAI,EAAE,CAAA;QACR,CAAC,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,CAAO,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YAC3F,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,MAAM,CAAE;YAC7B,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,GAAG,EAAE,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;YACjE,MAAM,OAAO,GAAG,GAAG,CAAC,qBAAqB,CAAC,WAAW,CAAC,CAAC;YACvD,MAAM,CAAE,QAAQ,CAAE,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,CAAoB,CAAC;YACpE,MAAM,MAAM,mCACP,GAAG,CAAC,QAAQ,KACf,cAAc,EAAE,CAAE,IAAI,CAAE,EACxB,cAAc,EAAE,WAAW,CAAC,CAAC,CAAC;oBAC5B,QAAQ,EAAE,YAAY;oBACtB,WAAW;iBACZ,CAAC,CAAC,CAAC,IAAI,EACR,KAAK;gBACL,QAAQ,GACT,CAAC;YACF,MAAM,YAAY,GAAG,CAAO,IAAgC,EAAE,EAAE;gBAC9D,IAAI;oBACF,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBAE1D,IAAI,QAAQ,KAAK,IAAI,EAAE;wBACrB,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;qBACxB;yBAAM,IAAI,IAAI,YAAY,KAAK,EAAE;wBAChC,MAAM,IAAI,CAAC;qBACZ;yBAAM;wBACL,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;qBAChB;iBACF;gBAAC,OAAO,KAAK,EAAE;oBACd,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;oBAC5B,IAAI,CAAC,KAAK,CAAC,CAAC;iBACb;YACH,CAAC,CAAA,CAAC;YAEF,IAAI;gBACF,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC;oBACvD,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC;gBAC7B,MAAM,cAAc,mBAClB,QAAQ,EAAE,IAAI,IACX,OAAO,CACX,CAAC;gBAEF,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBAC1C,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE;wBACxB,GAAG,CAAC,OAAO,GAAG,IAAI,CAAC;wBACnB,OAAO,EAAE,CAAC;qBACX;oBAED,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;gBACnE,CAAC,CAAC,CAAC;gBAEH,KAAK,CAAC,WAAW,WAAW,wCAAwC,IAAI,EAAE,CAAC,CAAC;gBAE5E,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;gBAEhE,KAAK,CAAC,mDAAmD,CAAC,CAAC;gBAE3D,MAAM,YAAY,CAAC,UAAU,CAAC,CAAC;aAChC;YAAC,OAAO,KAAK,EAAE;gBACd,KAAK,CAAC,qCAAqC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAC1D,MAAM,YAAY,CAAC,KAAK,CAAC,CAAC;aAC3B;QACH,CAAC,CAAA,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEtB,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;QAClC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC3B,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/src/express.ts

@@ -1,128 +0,0 @@
-import grant from 'grant';
-import session from 'express-session';
-import { Request, Response, NextFunction } from 'express';
-import { createDebug } from '@feathersjs/commons';
-import { Application } from '@feathersjs/feathers';
-import { AuthenticationResult } from '@feathersjs/authentication';
-import {
-  Application as ExpressApplication,
-  original as originalExpress
-} from '@feathersjs/express';
-import { OauthSetupSettings } from './utils';
-import { OAuthStrategy } from './strategy';
-
-const grantInstance = grant.express();
-const debug = createDebug('@feathersjs/authentication-oauth/express');
-
-declare module 'express-session' {
-  interface SessionData {
-      redirect: string;
-      accessToken: string;
-      query: { [key: string]: any };
-      grant: { [key: string]: any };
-  }
-}
-
-export default (options: OauthSetupSettings) => {
-  return (feathersApp: Application) => {
-    const { authService, linkStrategy } = options;
-    const app = feathersApp as ExpressApplication;
-    const config = app.get('grant');
-
-    if (!config) {
-      debug('No grant configuration found, skipping Express oAuth setup');
-      return;
-    }
-
-    const { prefix } = config.defaults;
-    const expressSession = options.expressSession || session({
-      secret: Math.random().toString(36).substring(7),
-      saveUninitialized: true,
-      resave: true
-    });
-    const grantApp = grantInstance(config);
-    const authApp = originalExpress();
-
-    authApp.use(expressSession);
-
-    authApp.get('/:name', (req: Request, _res: Response, next: NextFunction) => {
-      const { feathers_token, redirect, ...query } = req.query;
-
-      if (feathers_token) {
-        debug('Got feathers_token query parameter to link accounts', feathers_token);
-        req.session.accessToken = feathers_token as string;
-      }
-      req.session.redirect = redirect as string;
-      req.session.query = query;
-
-      next()
-    });
-
-    authApp.get('/:name/authenticate', async (req: Request, res: Response, next: NextFunction) => {
-      const { name } = req.params ;
-      const { accessToken, grant, query = {}, redirect } = req.session;
-      const service = app.defaultAuthentication(authService);
-      const [ strategy ] = service.getStrategies(name) as OAuthStrategy[];
-      const params = {
-        ...req.feathers,
-        authStrategies: [ name ],
-        authentication: accessToken ? {
-          strategy: linkStrategy,
-          accessToken
-        } : null,
-        query,
-        redirect
-      };
-      const sendResponse = async (data: AuthenticationResult|Error) => {
-        try {
-          const redirect = await strategy.getRedirect(data, params);
-
-          if (redirect !== null) {
-            res.redirect(redirect);
-          } else if (data instanceof Error) {
-            throw data;
-          } else {
-            res.json(data);
-          }
-        } catch (error) {
-          debug('oAuth error', error);
-          next(error);
-        }
-      };
-
-      try {
-        const payload = config.defaults.transport === 'session' ?
-          grant.response : req.query;
-        const authentication = {
-          strategy: name,
-          ...payload
-        };
-
-        await new Promise<void>((resolve, reject) => {
-          if (!req.session.destroy) {
-            req.session = null;
-            resolve();
-          }
-
-          req.session.destroy((err: any) => err ? reject(err) : resolve());
-        });
-
-        debug(`Calling ${authService}.create authentication with strategy ${name}`);
-
-        const authResult = await service.create(authentication, params);
-
-        debug('Successful oAuth authentication, sending response');
-
-        await sendResponse(authResult);
-      } catch (error) {
-        debug('Received oAuth authentication error', error.stack);
-        await sendResponse(error);
-      }
-    });
-
-    authApp.use(grantApp);
-
-    app.set('grant', grantApp.config);
-    app.use(prefix, authApp);
-  };
-};