@mapcreator/api 3.3.6 → 5.0.0-alpha.100

package/src/oauth/OAuthToken.js

@@ -1,175 +0,0 @@
-/*
- * BSD 3-Clause License
- *
- * Copyright (c) 2020, Mapcreator
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- *  Redistributions of source code must retain the above copyright notice, this
- *   list of conditions and the following disclaimer.
- *
- *  Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- *
- *  Neither the name of the copyright holder nor the names of its
- *   contributors may be used to endorse or promote products derived from
- *   this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-import StorageManager from '../storage/StorageManager';
-import { encodeQueryString } from '../utils/requests';
-
-/**
- * Oauth token container
- */
-export default class OAuthToken {
-  /**
-   * @param {String} token - OAuth token
-   * @param {String} [type=Bearer] - token type
-   * @param {Date|Number} [expires=5 days] - expire time in seconds or Date
-   * @param {Array<string>} [scopes=[]] - Any scopes
-   */
-  constructor (token, type = 'Bearer', expires = 432000, scopes = []) {
-    this.scopes = scopes;
-    this.token = token;
-    this.type = type.toLowerCase().replace(/(\s|^)\w/g, x => x.toUpperCase());
-
-    if (typeof expires === 'number') {
-      const ms = expires * 1000;
-
-      // Expires is in seconds
-      this.expires = new Date(Date.now() + ms);
-    } else if (expires instanceof Date) {
-      this.expires = expires;
-    } else {
-      throw new TypeError('Expires not of type Date or Number');
-    }
-  }
-
-  /**
-   * String representation of the token, usable in the Authorization header
-   * @returns {string} - String representation
-   */
-  toString () {
-    return `${this.type} ${this.token}`;
-  }
-
-  /**
-   * Get equivalent OAuth response object
-   * @returns {{access_token: (String|*), token_type: String, expires_in: Number, scope: (Array.<String>|Array|*)}} - Raw response object
-   */
-  toResponseObject () {
-    return {
-      'access_token': this.token,
-      'token_type': this.type.toLowerCase(),
-      'expires_in': this.expires - Date.now(),
-      'scope': this.scopes,
-    };
-  }
-
-  /**
-   * Export oauth response query string
-   * @returns {string} - OAuth response query
-   */
-  toQueryString () {
-    return encodeQueryString(this.toResponseObject());
-  }
-
-  /**
-   * If the token has expired
-   * @returns {Boolean} - expired
-   */
-  get expired () {
-    return new Date() > this.expires;
-  }
-
-  /**
-   * Internal storage key name
-   * @returns {String} - storage name
-   * @constant
-   */
-  static get storageName () {
-    return 'api_token';
-  }
-
-  /**
-   * Build instance from response object
-   * @param {String|Object} data - object or JSON string
-   * @returns {OAuthToken} - New OAuthToken instance
-   */
-  static fromResponseObject (data) {
-    if (typeof data === 'string') {
-      data = JSON.parse(data);
-    }
-
-    // Default expires = 5 days
-    let expires = 432000;
-
-    if (typeof data['exipires_in'] !== 'undefined') {
-      expires = Number(data['expires_in']);
-    } else if (typeof data.expires === 'string') {
-      expires = new Date(data.expires);
-    }
-
-    return new OAuthToken(
-      data['access_token'],
-      data['token_type'],
-      expires,
-      data.scope || [],
-    );
-  }
-
-  /**
-   * Store the token for later recovery. Token will be stored in HTTPS cookie if possible.
-   * @param {String} name - db key name
-   * @throws {OAuthToken#recover}
-   */
-  save (name = OAuthToken.storageName) {
-    const data = {
-      token: this.token,
-      type: this.type,
-      expires: this.expires.toUTCString(),
-      scopes: this.scopes,
-    };
-
-    // Third parameter is only used when we're using cookies
-    StorageManager.secure.set(name, JSON.stringify(data), this.expires);
-  }
-
-  /**
-   * Recover a token by looking through the HTTPS cookies and localStorage
-   * @param {String} name - Storage key name
-   * @returns {OAuthToken|null} - null if none could be recovered
-   * @throws {OAuthToken#save}
-   */
-  static recover (name = OAuthToken.storageName) {
-    const data = StorageManager.secure.get(name);
-
-    if (!data) {
-      return null;
-    }
-
-    const obj = JSON.parse(data);
-    const instance = new OAuthToken(obj.token, obj.type, new Date(obj.expires), obj.scopes || []);
-
-    if (instance.expired) {
-      return null;
-    }
-
-    return instance;
-  }
-}

package/src/oauth/PasswordFlow.js

@@ -1,164 +0,0 @@
-/*
- * BSD 3-Clause License
- *
- * Copyright (c) 2020, Mapcreator
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- *  Redistributions of source code must retain the above copyright notice, this
- *   list of conditions and the following disclaimer.
- *
- *  Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- *
- *  Neither the name of the copyright holder nor the names of its
- *   contributors may be used to endorse or promote products derived from
- *   this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-import ky from 'ky-universal';
-import OAuthError from '../errors/OAuthError';
-import { isNode } from '../utils/node';
-import OAuth from './OAuth';
-import OAuthToken from './OAuthToken';
-import { makeCancelable } from '../utils/helpers';
-
-
-/**
- * Password authentication flow
- */
-export default class PasswordFlow extends OAuth {
-  /**
-   * @param {string} clientId - OAuth client id
-   * @param {string} secret - OAuth secret
-   * @param {string} username - Valid username (email)
-   * @param {string} password - Valid password
-   * @param {Array<string>} scopes - A list of required scopes
-   */
-  constructor (clientId, secret, username, password, scopes = ['*']) {
-    super(clientId, scopes);
-
-    this._secret = secret;
-    this._username = username;
-    this._password = password;
-
-    this._path = '/oauth/token';
-
-    // Because the client requires a secret HTTPS is highly recommended
-    if (!isNode()) {
-      console.warn('Using PasswordFlow in the browser is unrecommended');
-
-      if (window.location.protocol !== 'https:') {
-        console.warn('Page was not loaded using https. You\'re most likely leaking secrets right now');
-      }
-    }
-  }
-
-  /**
-   * it's a secret :o (client secret)
-   * @returns {String} - secret
-   */
-  get secret () {
-    return this._secret;
-  }
-
-  /**
-   * Set client secret
-   * @param {String} value - secret
-   */
-  set secret (value) {
-    this._secret = value;
-  }
-
-  /**
-   * Get the username for authentication
-   * @returns {String} - Username (email)
-   */
-  get username () {
-    return this._username;
-  }
-
-  /**
-   * Get the username for authentication
-   * @param {String} value - Username (email)
-   */
-  set username (value) {
-    this._username = value;
-  }
-
-  /**
-   * Get the password
-   * @returns {String} - Password
-   */
-  get password () {
-    return this._password;
-  }
-
-  /**
-   * Set the password
-   * @param {String} value - password
-   */
-  set password (value) {
-    this._password = value;
-  }
-
-  /**
-   * OAuth path
-   * @returns {String} - OAuth path
-   */
-  get path () {
-    return this._path;
-  }
-
-  /**
-   * OAuth path
-   * @param {String} value - OAuth path
-   */
-  set path (value) {
-    this._path = value;
-  }
-
-  /**
-   * Authenticate
-   * @returns {CancelablePromise<OAuthToken>} - Response token
-   * @throws {OAuthError}
-   */
-  authenticate () {
-    const url = this.host + this.path;
-    const json = {
-      'grant_type': 'password',
-      'client_id': this.clientId,
-      'client_secret': this._secret,
-      'username': this.username,
-      'password': this.password,
-      'scope': this.scopes.join(' '),
-    };
-
-    return makeCancelable(async signal => {
-      const data = await ky.post(url, { json, signal }).json();
-
-      if (data.error) {
-        throw new OAuthError(data.error, data.message);
-      }
-
-      this.token = OAuthToken.fromResponseObject(data);
-      this.token.scopes = this.scopes;
-
-      return this.token;
-    });
-  }
-}

package/src/oauth/StateContainer.js

@@ -1,111 +0,0 @@
-/*
- * BSD 3-Clause License
- *
- * Copyright (c) 2020, Mapcreator
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- *  Redistributions of source code must retain the above copyright notice, this
- *   list of conditions and the following disclaimer.
- *
- *  Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- *
- *  Neither the name of the copyright holder nor the names of its
- *   contributors may be used to endorse or promote products derived from
- *   this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-import StorageManager from '../storage/StorageManager';
-import StaticClass from '../utils/StaticClass';
-import Uuid from '../utils/uuid';
-
-/**
- * State container for keeping track of OAuth states (crsf tokens)
- * @static
- * @private
- */
-export default class StateContainer extends StaticClass {
-  /**
-   * LocalStorage key prefix
-   * @returns {String} - prefix
-   * @constant
-   */
-  static get prefix () {
-    return 'oauth_state_';
-  }
-
-  /**
-   * Generate and store a state that can be checked at a later point
-   * @returns {string} - state
-   */
-  static generate () {
-    const uuid = Uuid.uuid4();
-    const key = StateContainer.prefix + uuid;
-
-    StorageManager.best.set(key, Date.now());
-
-    return uuid;
-  }
-
-  /**
-   * Validate a state
-   * @param {String} state - state to validate
-   * @param {Boolean} purge - remove from state db after validation
-   * @returns {Boolean} - if the state is valid
-   */
-  static validate (state, purge = true) {
-    const storage = StorageManager.best;
-    const key = StateContainer.prefix + state;
-    const found = typeof storage.get(key) !== 'undefined';
-
-    if (purge && found) {
-      storage.remove(key);
-    }
-
-    return found;
-  }
-
-  /**
-   * Remove all states from the state db
-   */
-  static clean () {
-    const tokens = Object.keys(this.list());
-
-    for (const token of tokens) {
-      StorageManager.best.remove(StateContainer.prefix + token);
-    }
-  }
-
-  /**
-   * Get states with their corresponding state db key
-   * @returns {Object<String, String>} - List of stored states
-   */
-  static list () {
-    const storage = StorageManager.best;
-
-    return storage
-      .keys()
-      .filter(x => x.startsWith(StateContainer.prefix))
-      .map(x => x.replace(StateContainer.prefix, ''))
-      .reduce((out, key) => {
-        out[key] = storage.get(key);
-
-        return out;
-      }, {});
-  }
-}

package/src/proxy/GeoResourceProxy.js

@@ -1,137 +0,0 @@
-/*
- * BSD 3-Clause License
- *
- * Copyright (c) 2020, Mapcreator
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- *  Redistributions of source code must retain the above copyright notice, this
- *   list of conditions and the following disclaimer.
- *
- *  Redistributions in binary form must reproduce the above copyright notice,
- *   this list of conditions and the following disclaimer in the documentation
- *   and/or other materials provided with the distribution.
- *
- *  Neither the name of the copyright holder nor the names of its
- *   contributors may be used to endorse or promote products derived from
- *   this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-import GeoError from '../errors/GeoError';
-import RequestParameters from '../RequestParameters';
-import { GeoBoundary, GeoPoint } from '../utils/geo';
-import ResourceProxy from './ResourceProxy';
-import { makeCancelable } from '../utils/helpers';
-
-export default class GeoResourceProxy extends ResourceProxy {
-  /**
-   * @param {Mapcreator} api - Instance of the api
-   * @param {ResourceBase} Target - Target to wrap
-   * @param {?string} [altUrl=null] - Internal use, Optional alternative url for more complex routing
-   * @param {object} seedData - Internal use, used for seeding ::new
-   * @param {object} options - instance options
-   * @param {boolean} [options.hasForPoint=true] - If the endpoint supports for-point
-   * @param {boolean} [options.hasForBoundary=true] - If the endpoint supports for-boundary
-   */
-  constructor (api, Target, altUrl = null, seedData = {}, { hasForPoint = true, hasForBoundary = true } = {}) {
-    super(api, Target, altUrl, seedData);
-    this._hasForPoint = hasForPoint;
-    this._hasForBoundary = hasForBoundary;
-  }
-
-  /**
-   * If the proxy supports for-point operations
-   * @returns {boolean} - If it supports the operations
-   */
-  get hasForPoint () {
-    return this._hasForPoint;
-  }
-
-  /**
-   * If the proxy supports for-point operations
-   * @returns {boolean} - If it supports the operations
-   */
-  get hasForBoundary () {
-    return this._hasForBoundary;
-  }
-
-  // noinspection JSCommentMatchesSignature
-  /**
-   * Get an array of results for boundary
-   * @param {Object} boundary - boundary to search within
-   * @param {Object} boundary.topLeft - top left corner of the boundary
-   * @param {Number} boundary.topLeft.lat - top left corner latitude
-   * @param {Number} boundary.topLeft.lng - top left corner longitude
-   * @param {Object} boundary.bottomRight - bottom right corner of the boundary
-   * @param {Number} boundary.bottomRight.lat - bottom right corner latitude
-   * @param {Number} boundary.bottomRight.lng - bottom right corner longitude
-   * @param {Number} limit - maximum amount of results, can't be larger then RequestParameters.maxPerPage
-   * @returns {CancelablePromise<ResourceBase[]>} - target resource for boundary
-   * @throws {ApiError} - If the api returns errors
-   * @throws TypeError
-   * @throws GeoError
-   */
-  forBoundary ({ topLeft, bottomRight }, limit = RequestParameters.perPage) {
-    if (!this.hasForBoundary) {
-      throw new GeoError(`${this.Target.name} does not support the operation forBoundary`);
-    }
-
-    const boundary = new GeoBoundary(topLeft, bottomRight);
-
-    if (limit > RequestParameters.maxPerPage) {
-      throw new TypeError(`Invalid resource limit ${limit}, maximum allowed is ${RequestParameters.maxPerPage}`);
-    }
-
-    const url = `${this.new().baseUrl}/for-boundary?per_page=${limit}`;
-
-    return makeCancelable(async signal => {
-      const { data } = await this.api.ky.post(url, { json: { boundary }, signal }).json();
-
-      return data.map(r => this.new(r));
-    });
-  }
-
-  /**
-   * Get an array of results for point
-   * @param {Object} point - point to search at
-   * @param {Number} point.lat - top left corner latitude
-   * @param {Number} point.lng - top left corner longitude
-   * @param {Number} limit - maximum amount of results, can't be larger then RequestParameters.maxPerPage
-   * @returns {CancelablePromise<ResourceBase[]>} - target resource for boundary
-   * @throws {ApiError} - If the api returns errors
-   * @throws TypeError
-   * @throws GeoError
-   */
-  forPoint ({ lat, lng }, limit = RequestParameters.perPage) {
-    if (!this.hasForPoint) {
-      throw new GeoError(`${this.Target.name} does not support the operation forPoint`);
-    }
-
-    const point = new GeoPoint(lat, lng);
-
-    if (limit > RequestParameters.maxPerPage) {
-      throw new TypeError(`Invalid resource limit ${limit}, maximum allowed is ${RequestParameters.maxPerPage}`);
-    }
-
-    const url = `${this.new().baseUrl}/for-point?per_page=${limit}`;
-
-    return makeCancelable(async signal => {
-      const { data } = await this.api.ky.post(url, { json: { limit, point }, signal }).json();
-
-      return data.map(r => this.new(r));
-    });
-  }
-}