@friggframework/core 0.2.31-v1-alpha-package-update.0 → 1.0.1-v1-alpha-package-update.1

package/module-plugin/auther.js

@@ -0,0 +1,342 @@
+// Manages authorization and credential persistence
+// Instantiation of an API Class
+// Expects input object like this:
+// const authDef = {
+//     API: class anAPI{},
+//     moduleName: 'anAPI', //maybe not required
+//     requiredAuthMethods: {
+//         // oauth methods, how to handle these being required/not?
+//         getToken: async function(params, callbackParams, tokenResponse) {},
+//         // required for all Auth methods
+//         getEntityDetails: async function(params) {}, //probably calls api method
+//         getCredentialDetails: async function(params) {}, // might be same as above
+//         apiParamsFromCredential: function(params) {},
+//         testAuth: async function() {}, // basic request to testAuth
+//     },
+//     env: {
+//         client_id: process.env.HUBSPOT_CLIENT_ID,
+//         client_secret: process.env.HUBSPOT_CLIENT_SECRET,
+//         scope: process.env.HUBSPOT_SCOPE,
+//         redirect_uri: `${process.env.REDIRECT_URI}/an-api`,
+//     }
+// };
+
+//TODO:
+// 1. Add definition of expected params to API Class (or could just be credential?)
+// 2.
+
+
+const { Delegate } = require('../core');
+const { get } = require('../assertions');
+const _ = require('lodash');
+const {flushDebugLog} = require('../logs');
+const { Credential } = require('./credential');
+const { Entity } = require('./entity');
+const { mongoose } = require('../database/mongoose');
+const {ModuleConstants} = require("./ModuleConstants");
+
+class Auther extends Delegate {
+    static validateDefinition(definition) {
+        if (!definition) {
+            throw new Error('Auther definition is required');
+        }
+        if (!definition.moduleName) {
+            throw new Error('Auther definition requires moduleName');
+        }
+        if (!definition.API) {
+            throw new Error('Auther definition requires API class');
+        }
+        // if (!definition.Credential) {
+        //     throw new Error('Auther definition requires Credential class');
+        // }
+        // if (!definition.Entity) {
+        //     throw new Error('Auther definition requires Entity class');
+        // }
+        if (!definition.requiredAuthMethods) {
+            throw new Error('Auther definition requires requiredAuthMethods');
+        } else {
+            if (definition.API.requesterType === ModuleConstants.authType.oauth2 &&
+                !definition.requiredAuthMethods.getToken) {
+                throw new Error('Auther definition requires requiredAuthMethods.getToken');
+            }
+            if (!definition.requiredAuthMethods.getEntityDetails) {
+                throw new Error('Auther definition requires requiredAuthMethods.getEntityDetails');
+            }
+            if (!definition.requiredAuthMethods.getCredentialDetails) {
+                throw new Error('Auther definition requires requiredAuthMethods.getCredentialDetails');
+            }
+            if (!definition.requiredAuthMethods.apiPropertiesToPersist) {
+                throw new Error('Auther definition requires requiredAuthMethods.apiPropertiesToPersist');
+            } else if (definition.Credential){
+                for (const prop of definition.requiredAuthMethods.apiPropertiesToPersist?.credential) {
+                    if (!definition.Credential.schema.paths.hasOwnProperty(prop)) {
+                        throw new Error(
+                            `Auther definition requires Credential schema to have property ${prop}`
+                        );
+                    }
+                }
+            }
+            if (!definition.requiredAuthMethods.testAuthRequest) {
+                throw new Error('Auther definition requires requiredAuthMethods.testAuth');
+            }
+        }
+    }
+
+    constructor(params) {
+        super(params);
+        this.userId = get(params, 'userId', null); // Making this non-required
+        const definition = get(params, 'definition');
+        Auther.validateDefinition(definition);
+        Object.assign(this, definition.requiredAuthMethods);
+        this.name = definition.moduleName;
+        this.modelName = definition.modelName;
+        this.apiClass = definition.API;
+        this.CredentialModel = definition.Credential || this.getCredentialModel();
+        this.EntityModel = definition.Entity || this.getEntityModel();
+    }
+
+    static async getInstance(params) {
+        const instance = new this(params);
+        if (params.entityId) {
+            instance.entity = await instance.EntityModel.findById(params.entityId);
+            instance.credential = await instance.CredentialModel.findById(
+                instance.entity.credential
+            );
+        } else if (params.credentialId) {
+            instance.credential = await instance.CredentialModel.findById(
+                params.credentialId
+            );
+        }
+        let credential = {};
+        let entity = {};
+        if (instance.credential) {
+            credential = instance.credential.toObject();
+        }
+        if (instance.entity) {
+            entity = instance.entity.toObject();
+        }
+        const apiParams = {
+            ...params.definition.env,
+            delegate: instance,
+            ...instance.apiParamsFromCredential(credential),
+            ...instance.apiParamsFromEntity(entity),
+        };
+        instance.api = new instance.apiClass(apiParams);
+        return instance;
+    }
+
+    static getEntityModelFromDefinition(definition) {
+        const partialModule = new this({definition});
+        return partialModule.getEntityModel();
+    }
+
+    getName() {
+        return this.name;
+    }
+
+    apiParamsFromCredential(credential) {
+        return _.pick(credential, ...this.apiPropertiesToPersist?.credential);
+    }
+
+    apiParamsFromEntity(entity) {
+        return _.pick(entity, ...this.apiPropertiesToPersist?.entity);
+    }
+
+    getEntityModel() {
+        if (!this.EntityModel) {
+            const prefix = this.modelName ?? _.upperFirst(this.getName());
+            const arrayToDefaultObject = (array, defaultValue) => _.mapValues(_.keyBy(array), () => defaultValue);
+            const schema = new mongoose.Schema(arrayToDefaultObject(this.apiPropertiesToPersist.entity, {
+                type: mongoose.Schema.Types.Mixed,
+                trim: true,
+            }));
+            const name = `${prefix}Entity`;
+            this.EntityModel =
+                Entity.discriminators?.[name] || Entity.discriminator(name, schema);
+        }
+        return this.EntityModel;
+    }
+
+    getCredentialModel() {
+        if (!this.CredentialModel) {
+            const arrayToDefaultObject = (array, defaultValue) => _.mapValues(_.keyBy(array), () => defaultValue);
+            const schema = new mongoose.Schema(arrayToDefaultObject(this.apiPropertiesToPersist.credential, {
+                type: mongoose.Schema.Types.Mixed,
+                trim: true,
+                lhEncrypt: true
+            }));
+            const prefix = this.modelName ?? _.upperFirst(this.getName());
+            const name = `${prefix}Credential`;
+            this.CredentialModel =
+                Credential.discriminators?.[name] || Credential.discriminator(name, schema);
+        }
+        return this.CredentialModel;
+    }
+
+    async getEntitiesForUserId(userId) {
+        // Only return non-internal fields. Leverages "select" and "options" to non-excepted fields and a pure object.
+        const list = await this.EntityModel.find(
+            { user: userId },
+            '-dateCreated -dateUpdated -user -credentials -credential -__t -__v',
+            { lean: true }
+        );
+        console.log('getEntitiesForUserId list', list, userId);
+        return list.map((entity) => ({
+            id: entity._id,
+            type: this.getName(),
+            ...entity,
+        }));
+    }
+
+    async validateAuthorizationRequirements() {
+        const requirements = await this.getAuthorizationRequirements();
+        let valid = true;
+        if (['oauth1', 'oauth2'].includes(requirements.type) && !requirements.url) {
+            valid = false;
+        }
+        return valid;
+    }
+
+    getAuthorizationRequirements(params) {
+        // TODO: How can this be more helpful both to implement and consume
+        // this function must return a dictionary with the following format
+        // node only url key is required. Data would be used for Base Authentication
+        // let returnData = {
+        //     url: "callback url for the data or teh redirect url for login",
+        //     type: one of the types defined in modules/Constants.js
+        //     data: ["required", "fields", "we", "may", "need"]
+        // }
+        return this.api.getAuthorizationRequirements();
+    }
+
+    async testAuth(params) {
+        let validAuth = false;
+        try {
+            if (await this.testAuthRequest(this.api)) validAuth = true;
+        } catch (e) {
+            flushDebugLog(e);
+        }
+        return validAuth;
+    }
+
+    async processAuthorizationCallback(params) {
+        let tokenResponse;
+        if (this.apiClass.requesterType === ModuleConstants.authType.oauth2) {
+            tokenResponse = await this.getToken(this.api, params);
+        } else {
+            tokenResponse = await this.setAuthParams(this.api, params);
+            await this.onTokenUpdate();
+        }
+        const authRes = await this.testAuth();
+        if (!authRes) {
+            throw new Error('Authorization failed');
+        }
+        const entityDetails = await this.getEntityDetails(
+            this.api, params, tokenResponse, this.userId
+        );
+        Object.assign(entityDetails.details, this.apiParamsFromEntity(this.api));
+        await this.findOrCreateEntity(entityDetails);
+        return {
+            credential_id: this.credential.id,
+            entity_id: this.entity.id,
+            type: this.getName(),
+        }
+    }
+
+    async onTokenUpdate() {
+        const credentialDetails = await this.getCredentialDetails(this.api, this.userId);
+        Object.assign(credentialDetails.details, this.apiParamsFromCredential(this.api));
+        credentialDetails.details.auth_is_valid = true;
+        await this.updateOrCreateCredential(credentialDetails);
+    }
+
+    async receiveNotification(notifier, delegateString, object = null) {
+        if (delegateString === this.api.DLGT_TOKEN_UPDATE) {
+            await this.onTokenUpdate();
+        }
+        else if (delegateString === this.api.DLGT_TOKEN_DEAUTHORIZED) {
+            await this.deauthorize();
+        }
+        else if (delegateString === this.api.DLGT_INVALID_AUTH) {
+            await this.markCredentialsInvalid();
+        }
+    }
+
+    async getEntityOptions() {
+        // May not be needed if the callback already creates the entity, such as in situations
+        // like HubSpot where the account is determined in the authorization flow.
+        // This should only be used in situations such as FreshBooks where the user needs to make
+        // an account decision on the front end.
+        throw new Error(
+            'Entity requirement method getEntityOptions() is not defined in the class'
+        );
+    }
+
+    async findOrCreateEntity(entityDetails) {
+        const identifiers = get(entityDetails, 'identifiers');
+        const details = get(entityDetails, 'details');
+        const search = await this.EntityModel.find(identifiers);
+        if (search.length > 1) {
+            throw new Error(
+                'Multiple entities found with the same identifiers: ' + JSON.stringify(identifiers)
+            );
+        }
+        else if (search.length === 0) {
+            this.entity = await this.EntityModel.create({
+                credential: this.credential.id,
+                ...details,
+                ...identifiers,
+            });
+        } else if (search.length === 1) {
+            this.entity = search[0];
+        }
+        if (this.entity.credential === undefined) {
+            this.entity.credential = this.credential.id;
+            await this.entity.save();
+        }
+    }
+
+    async updateOrCreateCredential(credentialDetails) {
+        const identifiers = get(credentialDetails, 'identifiers');
+        const details = get(credentialDetails, 'details');
+
+        if (!this.credential){
+            const credentialSearch = await this.CredentialModel.find(identifiers);
+            if (credentialSearch.length > 1) {
+                throw new Error(`Multiple credentials found with same identifiers: ${identifiers}`);
+            }
+            else if (credentialSearch.length === 1) {
+                // found exactly one credential with these identifiers
+                this.credential = credentialSearch[0];
+            }
+            else {
+                // found no credential with these identifiers (match none for insert)
+                this.credential = {$exists: false};
+            }
+        }
+        // update credential or create if none was found
+        this.credential = await this.CredentialModel.findOneAndUpdate(
+            {_id: this.credential},
+            {$set: {...identifiers, ...details}},
+            {useFindAndModify: true, new: true, upsert: true}
+        );
+    }
+
+    async markCredentialsInvalid() {
+        if (this.credential) {
+            this.credential.auth_is_valid = false;
+            await this.credential.save();
+        }
+    }
+
+    async deauthorize() {
+        this.api = new this.apiClass();
+        if (this.entity?.credential) {
+            await this.CredentialModel.deleteOne({ _id: this.entity.credential });
+            this.entity.credential = undefined;
+            await this.entity.save();
+        }
+    }
+}
+
+module.exports = { Auther };

package/module-plugin/credential.js

@@ -0,0 +1,22 @@
+const { mongoose } = require('../database/mongoose');
+const { Encrypt } = require('../encrypt');
+
+const schema = new mongoose.Schema(
+    {
+        user: {
+            type: mongoose.Schema.Types.ObjectId,
+            ref: 'User',
+            required: false,
+        },
+        subType: { type: String },
+        auth_is_valid: { type: Boolean },
+        externalId: { type: String }, // Used for lookups, identifying the owner of the credential
+    },
+    { timestamps: true }
+);
+
+schema.plugin(Encrypt);
+
+const Credential =
+    mongoose.models.Credential || mongoose.model('Credential', schema);
+module.exports = { Credential };

package/module-plugin/entity-manager.js

@@ -0,0 +1,70 @@
+const { loadInstalledModules, Delegate } = require('../core');
+
+const { Entity } = require('./entity');
+const { ModuleManager } = require('./manager');
+
+class EntityManager {
+    static primaryEntityClass = null; //primaryEntity;
+
+    static entityManagerClasses = loadInstalledModules().map(
+        (m) => m.EntityManager
+    );
+
+    static entityTypes = EntityManager.entityManagerClasses.map(
+        (ManagerClass) => ManagerClass.getName()
+    );
+
+    static async getEntitiesForUser(userId) {
+        const results = [];
+        for (const Manager of this.entityManagerClasses) {
+            results.push(...(await Manager.getEntitiesForUserId(userId)));
+        }
+        return results;
+    }
+
+    static checkIsValidType(entityType) {
+        const indexOfEntity = EntityManager.entityTypes.indexOf(entityType);
+        return indexOfEntity >= 0;
+    }
+
+    static getEntityManagerClass(entityType = '') {
+        const normalizedType = entityType.toLowerCase();
+
+        const indexOfEntityType =
+            EntityManager.entityTypes.indexOf(normalizedType);
+        if (!EntityManager.checkIsValidType(normalizedType)) {
+            throw new Error(
+                `Error: Invalid entity type of ${normalizedType}, options are ${EntityManager.entityTypes.join(
+                    ', '
+                )}`
+            );
+        }
+
+        const managerClass =
+            EntityManager.entityManagerClasses[indexOfEntityType];
+
+        if (!(managerClass.prototype instanceof ModuleManager)) {
+            throw new Error('The Entity is not an instance of ModuleManager');
+        }
+
+        return managerClass;
+    }
+
+    static async getEntityManagerInstanceFromEntityId(entityId, userId) {
+        const entityMO = new Entity();
+        const entity = await entityMO.get(entityId);
+        let entityManagerClass;
+        for (const Manager of this.entityManagerClasses) {
+            if (entity instanceof Manager.Entity.Model) {
+                entityManagerClass = Manager;
+            }
+        }
+        const instance = await entityManagerClass.getInstance({
+            userId,
+            entityId,
+        });
+        return instance;
+    }
+}
+
+module.exports = { EntityManager };

package/module-plugin/entity.js

@@ -0,0 +1,46 @@
+const { mongoose } = require('../database/mongoose');
+const schema = new mongoose.Schema(
+    {
+        credential: {
+            type: mongoose.Schema.Types.ObjectId,
+            ref: 'Credential',
+            required: false,
+        },
+        subType: { type: String },
+        user: {
+            type: mongoose.Schema.Types.ObjectId,
+            ref: 'User',
+            required: false,
+        },
+        name: { type: String },
+        externalId: { type: String },
+    },
+    { timestamps: true }
+);
+
+schema.static({
+    findByUserId: async function (userId) {
+        const entities = await this.find({ user: userId });
+        if (entities.length === 0) {
+            return null;
+        } else if (entities.length === 1) {
+            return entities[0];
+        } else {
+            throw new Error('multiple entities with same userId');
+        }
+    },
+    findAllByUserId(userId) {
+        return this.find({ user: userId });
+    },
+    upsert: async function (filter, obj) {
+        return this.findOneAndUpdate(filter, obj, {
+            new: true,
+            upsert: true,
+            setDefaultsOnInsert: true,
+        });
+    },
+});
+
+const Entity = mongoose.models.Entity || mongoose.model('Entity', schema);
+
+module.exports = { Entity };

package/module-plugin/index.js

@@ -0,0 +1,25 @@
+const { Credential } = require('./credential');
+const { EntityManager } = require('./entity-manager');
+const { Entity } = require('./entity');
+const { ModuleManager } = require('./manager');
+const { ApiKeyRequester } = require('./requester/api-key');
+const { BasicAuthRequester } = require('./requester/basic');
+const { OAuth2Requester } = require('./requester/oauth-2');
+const { Requester } = require('./requester/requester');
+const { ModuleConstants } = require('./ModuleConstants');
+const { ModuleFactory } = require('./module-factory');
+const { Auther } = require('./auther');
+
+module.exports = {
+    Credential,
+    EntityManager,
+    Entity,
+    ModuleManager,
+    ApiKeyRequester,
+    BasicAuthRequester,
+    OAuth2Requester,
+    Requester,
+    ModuleConstants,
+    ModuleFactory,
+    Auther
+};

package/module-plugin/jest-setup.js

@@ -0,0 +1,3 @@
+require('dotenv').config();
+const { globalSetup } = require('../test-environment');
+module.exports = globalSetup;

package/module-plugin/jest-teardown.js

@@ -0,0 +1,2 @@
+const { globalTeardown } = require('../test-environment');
+module.exports = globalTeardown;

package/module-plugin/jest.config.js

@@ -0,0 +1,20 @@
+/*
+ * For a detailed explanation regarding each configuration property, visit:
+ * https://jestjs.io/docs/configuration
+ */
+module.exports = {
+    // preset: '@friggframework/test-environment',
+    coverageThreshold: {
+        global: {
+            statements: 13,
+            branches: 0,
+            functions: 1,
+            lines: 13,
+        },
+    },
+    // A path to a module which exports an async function that is triggered once before all test suites
+    globalSetup: './jest-setup.js',
+
+    // A path to a module which exports an async function that is triggered once after all test suites
+    globalTeardown: './jest-teardown.js',
+};