@friggframework/core 2.0.0--canary.397.84ecb0e.0 → 2.0.0--canary.398.bdb6d27.0

package/integrations/integration-user.js

@@ -0,0 +1,144 @@
+const bcrypt = require('bcryptjs');
+const crypto = require('crypto');
+const { get } = require('../assertions');
+const { Token } = require('../database/models/Token');
+const { IndividualUser } = require('../database/models/IndividualUser');
+const { OrganizationUser } = require('../database/models/OrganizationUser');
+const Boom = require('@hapi/boom');
+
+class User {
+    static IndividualUser = IndividualUser;
+    static OrganizationUser = OrganizationUser;
+    static Token = Token;
+    static usePassword = false
+    static primary = User.IndividualUser;
+    static individualUserRequired = true;
+    static organizationUserRequired = false;
+
+    constructor() {
+        this.user = null;
+        this.individualUser = null;
+        this.organizationUser = null;
+    }
+
+    getPrimaryUser() {
+        if (User.primary === User.OrganizationUser) {
+            return this.organizationUser;
+        }
+        return this.individualUser;
+    }
+
+    getUserId() {
+        return this.getPrimaryUser()?.id;
+    }
+
+    isLoggedIn() {
+        return Boolean(this.getUserId());
+    }
+
+    async createUserToken(minutes) {
+        const rawToken = crypto.randomBytes(20).toString('hex');
+        const createdToken = await User.Token.createTokenWithExpire(this.getUserId(), rawToken, 120);
+        const tokenBuf = User.Token.createBase64BufferToken(createdToken, rawToken);
+        return tokenBuf;
+    }
+
+    static async newUser(params={}) {
+        const user = new User();
+        const token = get(params, 'token', null);
+        if (token) {
+            const jsonToken = this.Token.getJSONTokenFromBase64BufferToken(token);
+            const sessionToken = await this.Token.validateAndGetTokenFromJSONToken(jsonToken);
+            if (this.primary === User.OrganizationUser) {
+                user.organizationUser = await this.OrganizationUser.findById(sessionToken.user);
+            } else {
+                user.individualUser = await this.IndividualUser.findById(sessionToken.user);
+            }
+        }
+        return user;
+    }
+
+    static async createIndividualUser(params) {
+        const user = await this.newUser(params);
+        let hashword;
+        if (this.usePassword) {
+            hashword = get(params, 'password');
+        }
+
+        const email = get(params, 'email', null);
+        const username = get(params, 'username', null);
+        if (!email && !username) {
+            throw Boom.badRequest('email or username is required');
+        }
+
+        const appUserId = get(params, 'appUserId', null);
+        const organizationUserId = get(params, 'organizationUserId', null);
+
+        user.individualUser = await this.IndividualUser.create({
+            email,
+            username,
+            hashword,
+            appUserId,
+            organizationUser: organizationUserId,
+        });
+        return user;
+    }
+
+    static async createOrganizationUser(params) {
+        const user = await this.newUser(params);
+        const name = get(params, 'name');
+        const appOrgId = get(params, 'appOrgId');
+        user.organizationUser = await this.OrganizationUser.create({
+            name,
+            appOrgId,
+        });
+        return user;
+    }
+
+    static async loginUser(params) {
+        const user = await this.newUser(params);
+
+        if (this.usePassword){
+            const username = get(params, 'username');
+            const password = get(params, 'password');
+
+            const individualUser = await this.IndividualUser.findOne({username});
+
+            if (!individualUser) {
+                throw Boom.unauthorized('incorrect username or password');
+            }
+
+            const isValid = await bcrypt.compareSync(password, individualUser.hashword);
+            if (!isValid) {
+                throw Boom.unauthorized('incorrect username or password');
+            }
+            user.individualUser = individualUser;
+        }
+        else {
+            const appUserId = get(params, 'appUserId', null);
+            user.individualUser = await this.IndividualUser.getUserByAppUserId(
+                appUserId
+            );
+        }
+
+        const appOrgId = get(params, 'appOrgId', null);
+        user.organizationUser = await this.OrganizationUser.getUserByAppOrgId(
+            appOrgId
+        );
+
+        if (this.individualUserRequired) {
+            if (!user.individualUser) {
+                throw Boom.unauthorized('user not found');
+            }
+        }
+
+        if (this.organizationUserRequired) {
+            if (!user.organizationUser) {
+                throw Boom.unauthorized(`org user ${appOrgId} not found`);
+            }
+        }
+        return user;
+    }
+}
+
+module.exports = User;

package/integrations/options.js

@@ -1,5 +1,5 @@
 const { RequiredPropertyError } = require('../errors');
-const { get } = require('../assertions');
+const { get, getAndVerifyType } = require('../assertions');
 
 class Options {
     constructor(params) {

package/integrations/test/integration-base.test.js

@@ -0,0 +1,144 @@
+const _ = require('lodash');
+const { mongoose } = require('../../database/mongoose');
+const { expect } = require('chai');
+const { IntegrationBase } = require("../integration-base");
+const {Credential} = require('../../module-plugin/credential');
+const {Entity} = require('../../module-plugin/entity');
+const { IntegrationMapping } = require('../integration-mapping')
+const {IntegrationModel} = require("../integration-model");
+
+describe(`Should fully test the IntegrationBase Class`, () => {
+    let integrationRecord;
+    let userId;
+    const integration = new IntegrationBase;
+
+    beforeAll(async () => {
+        await mongoose.connect(process.env.MONGO_URI);
+        userId = new mongoose.Types.ObjectId();
+        const credential = await Credential.findOneAndUpdate(
+            {
+                user: this.userId,
+            },
+            { $set: { user: this.userId } },
+            {
+                new: true,
+                upsert: true,
+                setDefaultsOnInsert: true,
+            }
+        );
+        const entity1 = await Entity.findOneAndUpdate(
+            {
+                user: this.userId,
+            },
+            {
+                $set: {
+                    credential: credential.id,
+                    user: userId,
+                },
+            },
+            {
+                new: true,
+                upsert: true,
+                setDefaultsOnInsert: true,
+            }
+        );
+        const entity2 = await Entity.findOneAndUpdate(
+            {
+                user: userId,
+            },
+            {
+                $set: {
+                    credential: credential.id,
+                    user: userId,
+                },
+            },
+            {
+                new: true,
+                upsert: true,
+                setDefaultsOnInsert: true,
+            }
+        );
+        integrationRecord = await IntegrationModel.create({
+            entities: [entity1, entity2],
+            user: userId
+        });
+        integration.record = integrationRecord;
+    });
+
+    afterAll(async () => {
+        await Entity.deleteMany();
+        await Credential.deleteMany();
+        await IntegrationMapping.deleteMany();
+        await IntegrationModel.deleteMany();
+        await mongoose.disconnect();
+    });
+
+    beforeEach(() => {
+        integration.record = integrationRecord;
+    })
+
+    describe('getIntegrationMapping()', () => {
+        it('should return null if not found', async () => {
+            const mappings = await integration.getMapping('badId');
+            expect(mappings).to.be.null;
+        });
+
+        it('should return if valid ids', async () => {
+            await integration.upsertMapping('validId', {});
+            const mapping = await integration.getMapping('validId');
+            expect(mapping).to.eql({})
+        });
+    })
+
+    describe('upsertIntegrationMapping()', () => {
+        it('should throw error if sourceId is null', async () => {
+            try {
+                await integration.upsertMapping( null, {});
+                fail('should have thrown error')
+            } catch(err) {
+                expect(err.message).to.contain('sourceId must be set');
+            }
+        });
+
+        it('should return for empty mapping', async () => {
+            const mapping = await integration.upsertMapping( 'validId2', {});
+            expect(_.pick(mapping, ['integration', 'sourceId', 'mapping'])).to.eql({
+                integration: integrationRecord._id,
+                sourceId: 'validId2',
+                mapping: {}
+            })
+        });
+
+        it('should return for filled mapping', async () => {
+            const mapping = await integration.upsertMapping('validId3', {
+                name: 'someName',
+                value: 5
+            });
+            expect(_.pick(mapping, ['integration', 'sourceId', 'mapping'])).to.eql({
+                integration: integrationRecord._id,
+                sourceId: 'validId3',
+                mapping: {
+                    name: 'someName',
+                    value: 5
+                }
+            })
+        });
+
+        it('should allow upserting to same id', async () => {
+            await integration.upsertMapping('validId4', {});
+            const mapping = await integration.upsertMapping('validId4', {
+                name: 'trustMe',
+                thisWorks: true,
+            });
+            expect(_.pick(mapping, ['integration', 'sourceId', 'mapping'])).to.eql({
+                integration: integrationRecord._id,
+                sourceId: 'validId4',
+                mapping: {
+                    name: 'trustMe',
+                    thisWorks: true,
+                }
+            })
+        });
+    })
+
+});

package/module-plugin/auther.js

@@ -0,0 +1,393 @@
+// Manages authorization and credential persistence
+// Instantiation of an API Class
+// Expects input object like this:
+// const authDef = {
+//     API: class anAPI{},
+//     moduleName: 'anAPI', //maybe not required
+//     requiredAuthMethods: {
+//         // oauth methods, how to handle these being required/not?
+//         getToken: async function(params, callbackParams, tokenResponse) {},
+//         // required for all Auth methods
+//         getEntityDetails: async function(params) {}, //probably calls api method
+//         getCredentialDetails: async function(params) {}, // might be same as above
+//         apiParamsFromCredential: function(params) {},
+//         testAuth: async function() {}, // basic request to testAuth
+//     },
+//     env: {
+//         client_id: process.env.HUBSPOT_CLIENT_ID,
+//         client_secret: process.env.HUBSPOT_CLIENT_SECRET,
+//         scope: process.env.HUBSPOT_SCOPE,
+//         redirect_uri: `${process.env.REDIRECT_URI}/an-api`,
+//     }
+// };
+
+//TODO:
+// 1. Add definition of expected params to API Class (or could just be credential?)
+// 2.
+
+const { Delegate } = require('../core');
+const { get } = require('../assertions');
+const _ = require('lodash');
+const { flushDebugLog } = require('../logs');
+const { Credential } = require('./credential');
+const { Entity } = require('./entity');
+const { mongoose } = require('../database/mongoose');
+const { ModuleConstants } = require('./ModuleConstants');
+
+class Auther extends Delegate {
+    static validateDefinition(definition) {
+        if (!definition) {
+            throw new Error('Auther definition is required');
+        }
+        if (!definition.moduleName) {
+            throw new Error('Auther definition requires moduleName');
+        }
+        if (!definition.API) {
+            throw new Error('Auther definition requires API class');
+        }
+        // if (!definition.Credential) {
+        //     throw new Error('Auther definition requires Credential class');
+        // }
+        // if (!definition.Entity) {
+        //     throw new Error('Auther definition requires Entity class');
+        // }
+        if (!definition.requiredAuthMethods) {
+            throw new Error('Auther definition requires requiredAuthMethods');
+        } else {
+            if (
+                definition.API.requesterType ===
+                    ModuleConstants.authType.oauth2 &&
+                !definition.requiredAuthMethods.getToken
+            ) {
+                throw new Error(
+                    'Auther definition requires requiredAuthMethods.getToken'
+                );
+            }
+            if (!definition.requiredAuthMethods.getEntityDetails) {
+                throw new Error(
+                    'Auther definition requires requiredAuthMethods.getEntityDetails'
+                );
+            }
+            if (!definition.requiredAuthMethods.getCredentialDetails) {
+                throw new Error(
+                    'Auther definition requires requiredAuthMethods.getCredentialDetails'
+                );
+            }
+            if (!definition.requiredAuthMethods.apiPropertiesToPersist) {
+                throw new Error(
+                    'Auther definition requires requiredAuthMethods.apiPropertiesToPersist'
+                );
+            } else if (definition.Credential) {
+                for (const prop of definition.requiredAuthMethods
+                    .apiPropertiesToPersist?.credential) {
+                    if (
+                        !definition.Credential.schema.paths.hasOwnProperty(prop)
+                    ) {
+                        throw new Error(
+                            `Auther definition requires Credential schema to have property ${prop}`
+                        );
+                    }
+                }
+            }
+            if (!definition.requiredAuthMethods.testAuthRequest) {
+                throw new Error(
+                    'Auther definition requires requiredAuthMethods.testAuth'
+                );
+            }
+        }
+    }
+
+    constructor(params) {
+        super(params);
+        this.userId = get(params, 'userId', null); // Making this non-required
+        const definition = get(params, 'definition');
+        Auther.validateDefinition(definition);
+        Object.assign(this, definition.requiredAuthMethods);
+        if (definition.getEntityOptions) {
+            this.getEntityOptions = definition.getEntityOptions;
+        }
+        if (definition.refreshEntityOptions) {
+            this.refreshEntityOptions = definition.refreshEntityOptions;
+        }
+        this.name = definition.moduleName;
+        this.modelName = definition.modelName;
+        this.apiClass = definition.API;
+        this.CredentialModel =
+            definition.Credential || this.getCredentialModel();
+        this.EntityModel = definition.Entity || this.getEntityModel();
+    }
+
+    static async getInstance(params) {
+        const instance = new this(params);
+        if (params.entityId) {
+            instance.entity = await instance.EntityModel.findById(
+                params.entityId
+            );
+            instance.credential = await instance.CredentialModel.findById(
+                instance.entity.credential
+            );
+        } else if (params.credentialId) {
+            instance.credential = await instance.CredentialModel.findById(
+                params.credentialId
+            );
+        }
+        let credential = {};
+        let entity = {};
+        if (instance.credential) {
+            credential = instance.credential.toObject();
+        }
+        if (instance.entity) {
+            entity = instance.entity.toObject();
+        }
+        const apiParams = {
+            ...params.definition.env,
+            delegate: instance,
+            ...instance.apiParamsFromCredential(credential),
+            ...instance.apiParamsFromEntity(entity),
+        };
+        instance.api = new instance.apiClass(apiParams);
+        return instance;
+    }
+
+    static getEntityModelFromDefinition(definition) {
+        const partialModule = new this({ definition });
+        return partialModule.getEntityModel();
+    }
+
+    getName() {
+        return this.name;
+    }
+
+    apiParamsFromCredential(credential) {
+        return _.pick(credential, ...this.apiPropertiesToPersist?.credential);
+    }
+
+    apiParamsFromEntity(entity) {
+        return _.pick(entity, ...this.apiPropertiesToPersist?.entity);
+    }
+
+    getEntityModel() {
+        if (!this.EntityModel) {
+            const prefix = this.modelName ?? _.upperFirst(this.getName());
+            const arrayToDefaultObject = (array, defaultValue) =>
+                _.mapValues(_.keyBy(array), () => defaultValue);
+            const schema = new mongoose.Schema(
+                arrayToDefaultObject(this.apiPropertiesToPersist.entity, {
+                    type: mongoose.Schema.Types.Mixed,
+                    trim: true,
+                })
+            );
+            const name = `${prefix}Entity`;
+            this.EntityModel =
+                Entity.discriminators?.[name] ||
+                Entity.discriminator(name, schema);
+        }
+        return this.EntityModel;
+    }
+
+    getCredentialModel() {
+        if (!this.CredentialModel) {
+            const arrayToDefaultObject = (array, defaultValue) =>
+                _.mapValues(_.keyBy(array), () => defaultValue);
+            const schema = new mongoose.Schema(
+                arrayToDefaultObject(this.apiPropertiesToPersist.credential, {
+                    type: mongoose.Schema.Types.Mixed,
+                    trim: true,
+                    lhEncrypt: true,
+                })
+            );
+            const prefix = this.modelName ?? _.upperFirst(this.getName());
+            const name = `${prefix}Credential`;
+            this.CredentialModel =
+                Credential.discriminators?.[name] ||
+                Credential.discriminator(name, schema);
+        }
+        return this.CredentialModel;
+    }
+
+    async getEntitiesForUserId(userId) {
+        // Only return non-internal fields. Leverages "select" and "options" to non-excepted fields and a pure object.
+        const list = await this.EntityModel.find(
+            { user: userId },
+            '-dateCreated -dateUpdated -user -credentials -credential -__t -__v',
+            { lean: true }
+        );
+        console.log('getEntitiesForUserId list', list, userId);
+        return list.map((entity) => ({
+            id: entity._id,
+            type: this.getName(),
+            ...entity,
+        }));
+    }
+
+    async validateAuthorizationRequirements() {
+        const requirements = await this.getAuthorizationRequirements();
+        let valid = true;
+        if (
+            ['oauth1', 'oauth2'].includes(requirements.type) &&
+            !requirements.url
+        ) {
+            valid = false;
+        }
+        return valid;
+    }
+
+    async getAuthorizationRequirements(params) {
+        // TODO: How can this be more helpful both to implement and consume
+        // this function must return a dictionary with the following format
+        // node only url key is required. Data would be used for Base Authentication
+        // let returnData = {
+        //     url: "callback url for the data or teh redirect url for login",
+        //     type: one of the types defined in modules/Constants.js
+        //     data: ["required", "fields", "we", "may", "need"]
+        // }
+        return this.api.getAuthorizationRequirements();
+    }
+
+    async testAuth(params) {
+        let validAuth = false;
+        try {
+            if (await this.testAuthRequest(this.api)) validAuth = true;
+        } catch (e) {
+            flushDebugLog(e);
+        }
+        return validAuth;
+    }
+
+    async processAuthorizationCallback(params) {
+        let tokenResponse;
+        if (this.apiClass.requesterType === ModuleConstants.authType.oauth2) {
+            tokenResponse = await this.getToken(this.api, params);
+        } else {
+            tokenResponse = await this.setAuthParams(this.api, params);
+            await this.onTokenUpdate();
+        }
+        const authRes = await this.testAuth();
+        if (!authRes) {
+            throw new Error('Authorization failed');
+        }
+        const entityDetails = await this.getEntityDetails(
+            this.api,
+            params,
+            tokenResponse,
+            this.userId
+        );
+        Object.assign(
+            entityDetails.details,
+            this.apiParamsFromEntity(this.api)
+        );
+        await this.findOrCreateEntity(entityDetails);
+        return {
+            credential_id: this.credential.id,
+            entity_id: this.entity.id,
+            type: this.getName(),
+        };
+    }
+
+    async onTokenUpdate() {
+        const credentialDetails = await this.getCredentialDetails(
+            this.api,
+            this.userId
+        );
+        Object.assign(
+            credentialDetails.details,
+            this.apiParamsFromCredential(this.api)
+        );
+        credentialDetails.details.auth_is_valid = true;
+        await this.updateOrCreateCredential(credentialDetails);
+    }
+
+    async receiveNotification(notifier, delegateString, object = null) {
+        if (delegateString === this.api.DLGT_TOKEN_UPDATE) {
+            await this.onTokenUpdate();
+        } else if (delegateString === this.api.DLGT_TOKEN_DEAUTHORIZED) {
+            await this.deauthorize();
+        } else if (delegateString === this.api.DLGT_INVALID_AUTH) {
+            await this.markCredentialsInvalid();
+        }
+    }
+
+    async getEntityOptions() {
+        throw new Error(
+            'Method getEntityOptions() is not defined in the class'
+        );
+    }
+
+    async refreshEntityOptions() {
+        throw new Error(
+            'Method refreshEntityOptions() is not defined in the class'
+        );
+    }
+
+    async findOrCreateEntity(entityDetails) {
+        const identifiers = get(entityDetails, 'identifiers');
+        const details = get(entityDetails, 'details');
+        const search = await this.EntityModel.find(identifiers);
+        if (search.length > 1) {
+            throw new Error(
+                'Multiple entities found with the same identifiers: ' +
+                    JSON.stringify(identifiers)
+            );
+        } else if (search.length === 0) {
+            this.entity = await this.EntityModel.create({
+                credential: this.credential.id,
+                ...details,
+                ...identifiers,
+            });
+        } else if (search.length === 1) {
+            this.entity = search[0];
+        }
+        if (this.entity.credential === undefined) {
+            this.entity.credential = this.credential.id;
+            await this.entity.save();
+        }
+    }
+
+    async updateOrCreateCredential(credentialDetails) {
+        const identifiers = get(credentialDetails, 'identifiers');
+        const details = get(credentialDetails, 'details');
+
+        if (!this.credential) {
+            const credentialSearch = await this.CredentialModel.find(
+                identifiers
+            );
+            if (credentialSearch.length > 1) {
+                throw new Error(
+                    `Multiple credentials found with same identifiers: ${identifiers}`
+                );
+            } else if (credentialSearch.length === 1) {
+                // found exactly one credential with these identifiers
+                this.credential = credentialSearch[0];
+            } else {
+                // found no credential with these identifiers (match none for insert)
+                this.credential = { $exists: false };
+            }
+        }
+        // update credential or create if none was found
+        this.credential = await this.CredentialModel.findOneAndUpdate(
+            { _id: this.credential },
+            { $set: { ...identifiers, ...details } },
+            { useFindAndModify: true, new: true, upsert: true }
+        );
+    }
+
+    async markCredentialsInvalid() {
+        if (this.credential) {
+            this.credential.auth_is_valid = false;
+            await this.credential.save();
+        }
+    }
+
+    async deauthorize() {
+        this.api = new this.apiClass();
+        if (this.entity?.credential) {
+            await this.CredentialModel.deleteOne({
+                _id: this.entity.credential,
+            });
+            this.entity.credential = undefined;
+            await this.entity.save();
+        }
+    }
+}
+
+module.exports = { Auther };