@feathersjs/authentication-oauth 5.0.0-pre.9 → 5.0.1

package/lib/utils.d.ts

@@ -1,8 +1,17 @@
-import { RequestHandler } from 'express';
-import { Application } from '@feathersjs/feathers';
+import type { RequestHandler } from 'express';
+import type { Middleware } from '@feathersjs/koa';
+import type { ServiceOptions } from '@feathersjs/feathers';
+import '@feathersjs/koa';
+import '@feathersjs/express';
+import { AuthenticationService } from '@feathersjs/authentication';
+import { GrantConfig } from 'grant';
 export interface OauthSetupSettings {
+    linkStrategy: string;
     authService?: string;
     expressSession?: RequestHandler;
-    linkStrategy: string;
+    koaSession?: Middleware;
 }
-export declare const getDefaultSettings: (_app: Application, other?: Partial<OauthSetupSettings>) => OauthSetupSettings;
+export declare const getGrantConfig: (service: AuthenticationService) => GrantConfig;
+export declare const setExpressParams: RequestHandler;
+export declare const setKoaParams: Middleware;
+export declare const authenticationServiceOptions: (service: AuthenticationService, settings: OauthSetupSettings) => ServiceOptions;

package/lib/utils.js

@@ -1,9 +1,94 @@
 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getDefaultSettings = void 0;
-const getDefaultSettings = (_app, other) => {
-    const defaults = Object.assign({ linkStrategy: 'jwt' }, other);
-    return defaults;
+exports.authenticationServiceOptions = exports.setKoaParams = exports.setExpressParams = exports.getGrantConfig = void 0;
+require("@feathersjs/koa");
+require("@feathersjs/express");
+const cookie_session_1 = __importDefault(require("cookie-session"));
+const koa_session_1 = __importDefault(require("koa-session"));
+const lodash_1 = require("lodash");
+const getGrantConfig = (service) => {
+    const { app, configuration: { oauth } } = service;
+    // Set up all the defaults
+    const port = app.get('port');
+    let host = app.get('host');
+    let protocol = 'https';
+    // Development environments commonly run on HTTP with an extended port
+    if (process.env.NODE_ENV !== 'production') {
+        protocol = 'http';
+        if (String(port) !== '80') {
+            host += `:${port}`;
+        }
+    }
+    const grant = (0, lodash_1.defaultsDeep)({}, (0, lodash_1.omit)(oauth, ['redirect', 'origins']), {
+        defaults: {
+            prefix: '/oauth',
+            origin: `${protocol}://${host}`,
+            transport: 'state',
+            response: ['tokens', 'raw', 'profile']
+        }
+    });
+    const getUrl = (url) => {
+        const { defaults } = grant;
+        return `${defaults.origin}${defaults.prefix}/${url}`;
+    };
+    (0, lodash_1.each)(grant, (value, name) => {
+        if (name !== 'defaults') {
+            value.redirect_uri = value.redirect_uri || getUrl(`${name}/callback`);
+        }
+    });
+    return grant;
+};
+exports.getGrantConfig = getGrantConfig;
+const setExpressParams = (req, res, next) => {
+    var _a;
+    (_a = req.session).destroy || (_a.destroy = () => {
+        req.session = null;
+    });
+    req.feathers = {
+        ...req.feathers,
+        session: req.session,
+        state: res.locals
+    };
+    next();
+};
+exports.setExpressParams = setExpressParams;
+const setKoaParams = async (ctx, next) => {
+    var _a;
+    (_a = ctx.session).destroy || (_a.destroy = () => {
+        ctx.session = null;
+    });
+    ctx.feathers = {
+        ...ctx.feathers,
+        session: ctx.session,
+        state: ctx.state
+    };
+    await next();
+};
+exports.setKoaParams = setKoaParams;
+const authenticationServiceOptions = (service, settings) => {
+    const { secret } = service.configuration;
+    const koaApp = service.app;
+    if (koaApp.context) {
+        koaApp.keys = [secret];
+        const { koaSession = (0, koa_session_1.default)({ key: 'feathers.oauth' }, koaApp) } = settings;
+        return {
+            koa: {
+                before: [koaSession, exports.setKoaParams]
+            }
+        };
+    }
+    const { expressSession = (0, cookie_session_1.default)({
+        name: 'feathers.oauth',
+        keys: [secret]
+    }) } = settings;
+    return {
+        express: {
+            before: [expressSession, exports.setExpressParams]
+        }
+    };
 };
-exports.getDefaultSettings = getDefaultSettings;
+exports.authenticationServiceOptions = authenticationServiceOptions;
 //# sourceMappingURL=utils.js.map

package/lib/utils.js.map

@@ -1 +1 @@
-{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";;;AASO,MAAM,kBAAkB,GAAG,CAAC,IAAiB,EAAE,KAAmC,EAAE,EAAE;IAC3F,MAAM,QAAQ,mBACZ,YAAY,EAAE,KAAK,IAChB,KAAK,CACT,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAPW,QAAA,kBAAkB,sBAO7B"}
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";;;;;;AAKA,2BAAwB;AACxB,+BAA4B;AAC5B,oEAAiD;AACjD,8DAA0C;AAK1C,mCAAiD;AAS1C,MAAM,cAAc,GAAG,CAAC,OAA8B,EAAe,EAAE;IAC5E,MAAM,EACJ,GAAG,EACH,aAAa,EAAE,EAAE,KAAK,EAAE,EACzB,GAAG,OAAO,CAAA;IACX,0BAA0B;IAC1B,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;IAC5B,IAAI,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;IAC1B,IAAI,QAAQ,GAAG,OAAO,CAAA;IAEtB,sEAAsE;IACtE,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE;QACzC,QAAQ,GAAG,MAAM,CAAA;QACjB,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,IAAI,IAAI,IAAI,EAAE,CAAA;SACnB;KACF;IAED,MAAM,KAAK,GAAgB,IAAA,qBAAY,EAAC,EAAE,EAAE,IAAA,aAAI,EAAC,KAAK,EAAE,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC,EAAE;QAChF,QAAQ,EAAE;YACR,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,GAAG,QAAQ,MAAM,IAAI,EAAE;YAC/B,SAAS,EAAE,OAAO;YAClB,QAAQ,EAAE,CAAC,QAAQ,EAAE,KAAK,EAAE,SAAS,CAAC;SACvC;KACF,CAAC,CAAA;IAEF,MAAM,MAAM,GAAG,CAAC,GAAW,EAAE,EAAE;QAC7B,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAA;QAC1B,OAAO,GAAG,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC,MAAM,IAAI,GAAG,EAAE,CAAA;IACtD,CAAC,CAAA;IAED,IAAA,aAAI,EAAC,KAAK,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;QAC1B,IAAI,IAAI,KAAK,UAAU,EAAE;YACvB,KAAK,CAAC,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,CAAA;SACtE;IACH,CAAC,CAAC,CAAA;IAEF,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAvCY,QAAA,cAAc,kBAuC1B;AAEM,MAAM,gBAAgB,GAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;;IACjE,MAAA,GAAG,CAAC,OAAO,EAAC,OAAO,QAAP,OAAO,GAAK,GAAG,EAAE;QAC3B,GAAG,CAAC,OAAO,GAAG,IAAI,CAAA;IACpB,CAAC,EAAA;IAED,GAAG,CAAC,QAAQ,GAAG;QACb,GAAG,GAAG,CAAC,QAAQ;QACf,OAAO,EAAE,GAAG,CAAC,OAAO;QACpB,KAAK,EAAE,GAAG,CAAC,MAAM;KAClB,CAAA;IAED,IAAI,EAAE,CAAA;AACR,CAAC,CAAA;AAZY,QAAA,gBAAgB,oBAY5B;AAEM,MAAM,YAAY,GAAe,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;;IAC1D,MAAA,GAAG,CAAC,OAAO,EAAC,OAAO,QAAP,OAAO,GAAK,GAAG,EAAE;QAC3B,GAAG,CAAC,OAAO,GAAG,IAAI,CAAA;IACpB,CAAC,EAAA;IAED,GAAG,CAAC,QAAQ,GAAG;QACb,GAAG,GAAG,CAAC,QAAQ;QACf,OAAO,EAAE,GAAG,CAAC,OAAO;QACpB,KAAK,EAAE,GAAG,CAAC,KAAK;KACV,CAAA;IAER,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,CAAA;AAZY,QAAA,YAAY,gBAYxB;AAEM,MAAM,4BAA4B,GAAG,CAC1C,OAA8B,EAC9B,QAA4B,EACZ,EAAE;IAClB,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,aAAa,CAAA;IACxC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAqB,CAAA;IAE5C,IAAI,MAAM,CAAC,OAAO,EAAE;QAClB,MAAM,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,CAAA;QAEtB,MAAM,EAAE,UAAU,GAAG,IAAA,qBAAgB,EAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,EAAE,MAAa,CAAC,EAAE,GAAG,QAAQ,CAAA;QAE5F,OAAO;YACL,GAAG,EAAE;gBACH,MAAM,EAAE,CAAC,UAAU,EAAE,oBAAY,CAAC;aACnC;SACF,CAAA;KACF;IAED,MAAM,EACJ,cAAc,GAAG,IAAA,wBAAoB,EAAC;QACpC,IAAI,EAAE,gBAAgB;QACtB,IAAI,EAAE,CAAC,MAAM,CAAC;KACf,CAAC,EACH,GAAG,QAAQ,CAAA;IAEZ,OAAO;QACL,OAAO,EAAE;YACP,MAAM,EAAE,CAAC,cAAc,EAAE,wBAAgB,CAAC;SAC3C;KACF,CAAA;AACH,CAAC,CAAA;AA/BY,QAAA,4BAA4B,gCA+BxC"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@feathersjs/authentication-oauth",
   "description": "oAuth 1 and 2 authentication for Feathers. Powered by Grant.",
-  "version": "5.0.0-pre.9",
+  "version": "5.0.1",
   "homepage": "https://feathersjs.com",
   "main": "lib/",
   "types": "lib/",
@@ -16,7 +16,8 @@
   },
   "repository": {
     "type": "git",
-    "url": "git://github.com/feathersjs/feathers.git"
+    "url": "git://github.com/feathersjs/feathers.git",
+    "directory": "packages/authentication-oauth"
   },
   "author": {
     "name": "Feathers contributors",
@@ -42,7 +43,8 @@
   "scripts": {
     "start": "ts-node test/app",
     "prepublish": "npm run compile",
-    "compile": "shx rm -rf lib/ && tsc",
+    "pack": "npm pack --pack-destination ../generators/test/build",
+    "compile": "shx rm -rf lib/ && tsc && npm run pack",
     "test": "mocha --config ../../.mocharc.json --recursive test/**.test.ts test/**/*.test.ts"
   },
   "directories": {
@@ -52,27 +54,34 @@
     "access": "public"
   },
   "dependencies": {
-    "@feathersjs/authentication": "^5.0.0-pre.9",
-    "@feathersjs/commons": "^5.0.0-pre.9",
-    "@feathersjs/errors": "^5.0.0-pre.9",
-    "@feathersjs/express": "^5.0.0-pre.9",
-    "@feathersjs/feathers": "^5.0.0-pre.9",
-    "express-session": "^1.17.2",
-    "grant": "^5.4.16",
-    "lodash": "^4.17.21"
+    "@feathersjs/authentication": "^5.0.1",
+    "@feathersjs/commons": "^5.0.1",
+    "@feathersjs/errors": "^5.0.1",
+    "@feathersjs/express": "^5.0.1",
+    "@feathersjs/feathers": "^5.0.1",
+    "@feathersjs/koa": "^5.0.1",
+    "@feathersjs/schema": "^5.0.1",
+    "cookie-session": "^2.0.0",
+    "grant": "^5.4.21",
+    "koa-session": "^6.4.0",
+    "lodash": "^4.17.21",
+    "qs": "^6.11.1"
   },
   "devDependencies": {
-    "@feathersjs/memory": "^5.0.0-pre.9",
-    "@types/express": "^4.17.13",
-    "@types/express-session": "^1.17.4",
-    "@types/lodash": "^4.14.172",
-    "@types/mocha": "^9.0.0",
-    "@types/node": "^16.4.13",
-    "axios": "^0.21.1",
-    "mocha": "^9.0.3",
-    "shx": "^0.3.3",
-    "ts-node": "^10.1.0",
-    "typescript": "^4.3.5"
+    "@feathersjs/memory": "^5.0.1",
+    "@types/cookie-session": "^2.0.44",
+    "@types/express": "^4.17.17",
+    "@types/koa-session": "^5.10.6",
+    "@types/lodash": "^4.14.191",
+    "@types/mocha": "^10.0.1",
+    "@types/node": "^18.14.6",
+    "@types/tough-cookie": "^4.0.2",
+    "axios": "^1.3.4",
+    "mocha": "^10.2.0",
+    "shx": "^0.3.4",
+    "tough-cookie": "^4.1.2",
+    "ts-node": "^10.9.1",
+    "typescript": "^4.9.5"
   },
-  "gitHead": "3d1721a7286e6a7f37bbc38695fe45084023f13b"
+  "gitHead": "18b7f4ab0a8075572a81d78956ba1205a9795c91"
 }

package/src/index.ts

@@ -1,80 +1,49 @@
-import merge from 'lodash/merge';
-import each from 'lodash/each';
-import omit from 'lodash/omit';
-import { createDebug } from '@feathersjs/commons';
-import { Application } from '@feathersjs/feathers';
-import { OAuthStrategy, OAuthProfile } from './strategy';
-import { default as setupExpress } from './express';
-import { OauthSetupSettings, getDefaultSettings } from './utils';
+import { Application } from '@feathersjs/feathers'
+import { createDebug } from '@feathersjs/commons'
+import { resolveDispatch } from '@feathersjs/schema'
 
-const debug = createDebug('@feathersjs/authentication-oauth');
+import { OAuthStrategy, OAuthProfile } from './strategy'
+import { redirectHook, OAuthService } from './service'
+import { getGrantConfig, authenticationServiceOptions, OauthSetupSettings } from './utils'
 
-export { OauthSetupSettings, OAuthStrategy, OAuthProfile };
+const debug = createDebug('@feathersjs/authentication-oauth')
 
-export const setup = (options: OauthSetupSettings) => (app: Application) => {
-  const service = app.defaultAuthentication ? app.defaultAuthentication(options.authService) : null;
+export { OauthSetupSettings, OAuthStrategy, OAuthProfile }
 
-  if (!service) {
-    throw new Error('An authentication service must exist before registering @feathersjs/authentication-oauth');
-  }
-
-  const { oauth } = service.configuration;
-
-  if (!oauth) {
-    debug('No oauth configuration found in authentication configuration. Skipping oAuth setup.');
-    return;
-  }
-
-  const { strategyNames } = service;
-
-  // Set up all the defaults
-  const { prefix = '/oauth' } = oauth.defaults || {};
-  const port = app.get('port');
-  let host = app.get('host');
-  let protocol = 'https';
+export const oauth =
+  (settings: Partial<OauthSetupSettings> = {}) =>
+  (app: Application) => {
+    const authService = app.defaultAuthentication ? app.defaultAuthentication(settings.authService) : null
 
-  // Development environments commonly run on HTTP with an extended port
-  if (app.get('env') === 'development') {
-    protocol = 'http';
-    if (String(port) !== '80') {
-      host += `:${port}`;
+    if (!authService) {
+      throw new Error(
+        'An authentication service must exist before registering @feathersjs/authentication-oauth'
+      )
     }
-  }
 
-  const grant = merge({
-    defaults: {
-      prefix,
-      origin: `${protocol}://${host}`,
-      transport: 'session',
-      response: ['tokens', 'raw', 'profile']
+    if (!authService.configuration.oauth) {
+      debug('No oauth configuration found in authentication configuration. Skipping oAuth setup.')
+      return
     }
-  }, omit(oauth, 'redirect'));
-
-  const getUrl = (url: string) => {
-    const { defaults } = grant;
-    return `${defaults.origin}${prefix}/${url}`;
-  };
-
-  each(grant, (value, name) => {
-    if (name !== 'defaults') {
-      value.callback = value.callback || getUrl(`${name}/authenticate`);
-      value.redirect_uri = value.redirect_uri || getUrl(`${name}/callback`);
 
-      if (!strategyNames.includes(name)) {
-        debug(`Registering oAuth default strategy for '${name}'`);
-        service.register(name, new OAuthStrategy());
-      }
+    const oauthOptions = {
+      linkStrategy: 'jwt',
+      ...settings
     }
-  });
 
-  app.set('grant', grant);
-};
+    const grantConfig = getGrantConfig(authService)
+    const serviceOptions = authenticationServiceOptions(authService, oauthOptions)
+    const servicePath = `${grantConfig.defaults.prefix || 'oauth'}/:provider`
 
-export const express = (settings: Partial<OauthSetupSettings> = {}) => (app: Application) => {
-  const options = getDefaultSettings(app, settings);
+    app.use(servicePath, new OAuthService(authService, oauthOptions), serviceOptions)
 
-  app.configure(setup(options));
-  app.configure(setupExpress(options));
-};
+    const oauthService = app.service(servicePath)
 
-export const expressOauth = express;
+    oauthService.hooks({
+      around: { all: [resolveDispatch(), redirectHook()] }
+    })
+
+    if (typeof oauthService.publish === 'function') {
+      app.service(servicePath).publish(() => null)
+    }
+  }

package/src/service.ts

@@ -0,0 +1,179 @@
+import { createDebug } from '@feathersjs/commons'
+import { HookContext, NextFunction, Params } from '@feathersjs/feathers'
+import { FeathersError } from '@feathersjs/errors'
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+//@ts-ignore
+import Grant from 'grant/lib/grant'
+import { AuthenticationService } from '@feathersjs/authentication'
+import { OAuthStrategy } from './strategy'
+import { getGrantConfig, OauthSetupSettings } from './utils'
+
+const debug = createDebug('@feathersjs/authentication-oauth/services')
+
+export type GrantResponse = {
+  location: string
+  session: any
+  state: any
+}
+
+export type OAuthParams = Omit<Params, 'route'> & {
+  session: any
+  state: Record<string, any>
+  route: {
+    provider: string
+  }
+}
+
+export class OAuthError extends FeathersError {
+  constructor(message: string, data: any, public location: string) {
+    super(message, 'NotAuthenticated', 401, 'not-authenticated', data)
+  }
+}
+
+export const redirectHook = () => async (context: HookContext, next: NextFunction) => {
+  try {
+    await next()
+
+    const { location } = context.result
+
+    debug(`oAuth redirect to ${location}`)
+
+    if (location) {
+      context.http = {
+        ...context.http,
+        location
+      }
+    }
+  } catch (error: any) {
+    if (error.location) {
+      context.http = {
+        ...context.http,
+        location: error.location
+      }
+      context.result = typeof error.toJSON === 'function' ? error.toJSON() : error
+    } else {
+      throw error
+    }
+  }
+}
+
+export class OAuthService {
+  grant: any
+
+  constructor(public service: AuthenticationService, public settings: OauthSetupSettings) {
+    const config = getGrantConfig(service)
+
+    this.grant = Grant({ config })
+  }
+
+  async handler(method: string, params: OAuthParams, body?: any, override?: string): Promise<GrantResponse> {
+    const {
+      session,
+      state,
+      query,
+      route: { provider }
+    } = params
+
+    const result: GrantResponse = await this.grant({
+      params: { provider, override },
+      state: state.grant,
+      session: session.grant,
+      query,
+      method,
+      body
+    })
+
+    session.grant = result.session
+    state.grant = result.state
+
+    return result
+  }
+
+  async authenticate(params: OAuthParams, result: GrantResponse) {
+    const name = params.route.provider
+    const { linkStrategy, authService } = this.settings
+    const { accessToken, grant, headers, query = {}, redirect } = params.session
+    const strategy = this.service.getStrategy(name) as OAuthStrategy
+    const authParams = {
+      ...params,
+      headers,
+      authStrategies: [name],
+      authentication: accessToken
+        ? {
+            strategy: linkStrategy,
+            accessToken
+          }
+        : null,
+      query,
+      redirect
+    }
+    const payload = grant?.response || result?.session?.response || result?.state?.response || params.query
+    const authentication = {
+      strategy: name,
+      ...payload
+    }
+
+    try {
+      debug(`Calling ${authService}.create authentication with strategy ${name}`)
+
+      const authResult = await this.service.create(authentication, authParams)
+
+      debug('Successful oAuth authentication, sending response')
+
+      const location = await strategy.getRedirect(authResult, authParams)
+
+      if (typeof params.session.destroy === 'function') {
+        await params.session.destroy()
+      }
+
+      return {
+        ...authResult,
+        location
+      }
+    } catch (error: any) {
+      const location = await strategy.getRedirect(error, authParams)
+      const e = new OAuthError(error.message, error.data, location)
+
+      if (typeof params.session.destroy === 'function') {
+        await params.session.destroy()
+      }
+
+      e.stack = error.stack
+      throw e
+    }
+  }
+
+  async find(params: OAuthParams) {
+    const { session, query, headers } = params
+    const { feathers_token, redirect, ...restQuery } = query
+    const handlerParams = {
+      ...params,
+      query: restQuery
+    }
+
+    if (feathers_token) {
+      debug('Got feathers_token query parameter to link accounts', feathers_token)
+      session.accessToken = feathers_token
+    }
+
+    session.redirect = redirect
+    session.query = restQuery
+    session.headers = headers
+
+    return this.handler('GET', handlerParams, {})
+  }
+
+  async get(override: string, params: OAuthParams) {
+    const result = await this.handler('GET', params, {}, override)
+
+    if (override === 'callback') {
+      return this.authenticate(params, result)
+    }
+
+    return result
+  }
+
+  async create(data: any, params: OAuthParams) {
+    return this.handler('POST', params, data)
+  }
+}