@midwayjs/passport 3.4.0-beta.1 → 3.4.0-beta.12

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2013 - Now midwayjs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/config/config.default.d.ts

@@ -1,5 +1,7 @@
 export declare const passport: {
     session: boolean;
+    assignProperty: boolean;
+    sessionUserProperty: string;
     userProperty: string;
 };
 //# sourceMappingURL=config.default.d.ts.map

package/dist/config/config.default.js

@@ -3,6 +3,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.passport = void 0;
 exports.passport = {
     session: true,
+    assignProperty: true,
+    sessionUserProperty: 'user',
     userProperty: 'user',
 };
 //# sourceMappingURL=config.default.js.map

package/dist/configuration.js

@@ -12,20 +12,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.PassportConfiguration = void 0;
 const decorator_1 = require("@midwayjs/decorator");
 const DefaultConfig = require("./config/config.default");
-const util_1 = require("./util");
 const core_1 = require("@midwayjs/core");
+const authenticator_1 = require("./passport/authenticator");
 let PassportConfiguration = class PassportConfiguration {
     async onReady(container) {
-        const passportConfig = this.configService.getConfiguration('passport');
-        const passport = (0, util_1.getPassport)();
-        this.applicationManager
-            .getApplications(['express', 'koa', 'egg', 'faas'])
-            .forEach(app => {
-            app.useMiddleware(passport.initialize());
-            if (passportConfig.session) {
-                app.useMiddleware(passport.session());
-            }
-        });
+        await container.getAsync(authenticator_1.PassportAuthenticator);
     }
 };
 __decorate([

package/dist/index.d.ts

@@ -1,4 +1,6 @@
 export { PassportConfiguration as Configuration } from './configuration';
 export * from './decorator/strategy';
-export * from './service/passport.service';
+export * from './passport/authenticator';
+export * from './passport/passport.service';
+export * from './interface';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.js

@@ -18,5 +18,7 @@ exports.Configuration = void 0;
 var configuration_1 = require("./configuration");
 Object.defineProperty(exports, "Configuration", { enumerable: true, get: function () { return configuration_1.PassportConfiguration; } });
 __exportStar(require("./decorator/strategy"), exports);
-__exportStar(require("./service/passport.service"), exports);
+__exportStar(require("./passport/authenticator"), exports);
+__exportStar(require("./passport/passport.service"), exports);
+__exportStar(require("./interface"), exports);
 //# sourceMappingURL=index.js.map

package/dist/interface.d.ts

@@ -1,5 +1,20 @@
-import * as passport from 'passport';
 import { IMiddleware } from '@midwayjs/core';
+export interface AuthenticateOptions {
+    authInfo?: boolean | undefined;
+    assignProperty?: string | undefined;
+    failureMessage?: boolean | string | undefined;
+    failureRedirect?: string | undefined;
+    session?: boolean | undefined;
+    scope?: string | string[] | undefined;
+    successMessage?: boolean | string | undefined;
+    successRedirect?: string | undefined;
+    successReturnToOrRedirect?: string | undefined;
+    state?: string | undefined;
+    pauseStream?: boolean | undefined;
+    userProperty?: string | undefined;
+    passReqToCallback?: boolean | undefined;
+    prompt?: string | undefined;
+}
 export interface IPassportStrategy {
     validate(...args: any[]): any;
     getStrategyOptions(): any;
@@ -7,16 +22,55 @@ export interface IPassportStrategy {
     deserializeUser?(id: any, done: (err: any, user?: any) => void): void;
     transformAuthInfo?(info: any, done: (err: any, info: any) => void): void;
 }
-export declare abstract class AbstractStrategy implements IPassportStrategy {
-    abstract validate(...args: any[]): any;
-    abstract getStrategyOptions(): any;
-}
 export interface IPassportMiddleware extends IMiddleware<any, any> {
-    authenticate?(options: passport.AuthenticateOptions, callback: Function): any;
+    authenticate?(options: AuthenticateOptions, callback: Function): any;
 }
 export declare abstract class AbstractPassportMiddleware implements Pick<IPassportMiddleware, 'authenticate'> {
-    abstract getAuthenticateOptions(): Promise<passport.AuthenticateOptions> | passport.AuthenticateOptions;
-    authenticate?(options: passport.AuthenticateOptions, callback?: Function): any;
+    abstract getAuthenticateOptions(): Promise<AuthenticateOptions> | AuthenticateOptions;
+    authenticate?(options: AuthenticateOptions, callback?: Function): any;
     resolve(): any;
 }
+export interface StrategyCreatedStatic {
+    /**
+     * Authenticate `user`, with optional `info`.
+     *
+     * Strategies should call this function to successfully authenticate a
+     * user.  `user` should be an object supplied by the application after it
+     * has been given an opportunity to verify credentials.  `info` is an
+     * optional argument containing additional user information.  This is
+     * useful for third-party authentication strategies to pass profile
+     * details.
+     */
+    success(user: any, info?: Record<string, any>): void;
+    /**
+     * Fail authentication, with optional `challenge` and `status`, defaulting
+     * to 401.
+     *
+     * Strategies should call this function to fail an authentication attempt.
+     */
+    fail(challenge?: string | number, status?: number): void;
+    /**
+     * Redirect to `url` with optional `status`, defaulting to 302.
+     *
+     * Strategies should call this function to redirect the user (via their
+     * user agent) to a third-party website for authentication.
+     */
+    redirect(url: string, status?: number): void;
+    /**
+     * Pass without making a success or fail decision.
+     *
+     * Under most circumstances, Strategies should not need to call this
+     * function.  It exists primarily to allow previous authentication state
+     * to be restored, for example from an HTTP session.
+     */
+    pass(): void;
+    /**
+     * Internal error while performing authentication.
+     *
+     * Strategies should call this function when an internal error occurs
+     * during the process of performing authentication; for example, if the
+     * user directory is not available.
+     */
+    error(err: any): void;
+}
 //# sourceMappingURL=interface.d.ts.map

package/dist/interface.js

@@ -1,9 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AbstractPassportMiddleware = exports.AbstractStrategy = void 0;
-class AbstractStrategy {
-}
-exports.AbstractStrategy = AbstractStrategy;
+exports.AbstractPassportMiddleware = void 0;
 class AbstractPassportMiddleware {
     resolve() { }
 }

package/dist/passport/authenticator.d.ts

@@ -0,0 +1,125 @@
+/// <reference types="node" />
+import { AuthenticateOptions } from '../interface';
+import { Strategy } from './strategy';
+import { IMidwayContainer } from '@midwayjs/core';
+import { IncomingMessage } from 'http';
+export declare class PassportAuthenticator {
+    private strategies;
+    private userProperty;
+    private sessionUserProperty;
+    _key: string;
+    _serializers: any[];
+    _deserializers: any[];
+    _infoTransformers: any[];
+    applicationContext: IMidwayContainer;
+    passportConfig: any;
+    protected init(): void;
+    isExpressMode(): boolean;
+    isEnableSession(): boolean;
+    getUserProperty(): string;
+    getSessionUserProperty(): string;
+    use(name: string | Strategy, strategy?: Strategy): this;
+    unuse(name: string): this;
+    /**
+     * Authenticates requests.
+     *
+     * Applies the `name`ed strategy (or strategies) to the incoming request, in
+     * order to authenticate the request.  If authentication is successful, the user
+     * will be logged in and populated at `req.user` and a session will be
+     * established by default.  If authentication fails, an unauthorized response
+     * will be sent.
+     *
+     * Options:
+     *   - `session`          Save login state in session, defaults to _true_
+     *   - `successRedirect`  After successful login, redirect to given URL
+     *   - `successMessage`   True to store success message in
+     *                        req.session.messages, or a string to use as override
+     *                        message for success.
+     *   - `successFlash`     True to flash success messages or a string to use as a flash
+     *                        message for success (overrides any from the strategy itself).
+     *   - `failureRedirect`  After failed login, redirect to given URL
+     *   - `failureMessage`   True to store failure message in
+     *                        req.session.messages, or a string to use as override
+     *                        message for failure.
+     *   - `failureFlash`     True to flash failure messages or a string to use as a flash
+     *                        message for failures (overrides any from the strategy itself).
+     *   - `assignProperty`   Assign the object provided by the verify callback to given property
+     */
+    authenticate(strategies: Strategy[], options?: AuthenticateOptions): (req: any) => Promise<{
+        successResult?: {
+            user: any;
+            info: any;
+        } | undefined;
+        redirectResult?: {
+            url: string;
+            status: number;
+        } | undefined;
+        failResult?: {
+            failures: Array<{
+                challenge: string;
+                status: number;
+            }>;
+        };
+    }>;
+    serializeUser(fn: any, req?: any, done?: any): number;
+    /**
+     * Registers a function used to deserialize user objects out of the session.
+     *
+     * Examples:
+     *
+     *     passport.deserializeUser(function(id, done) {
+     *       User.findById(id, function (err, user) {
+     *         done(err, user);
+     *       });
+     *     });
+     *
+     * @api public
+     */
+    deserializeUser(fn: any, req?: any, done?: any): number;
+    /**
+     * Registers a function used to transform auth info.
+     *
+     * In some circumstances authorization details are contained in authentication
+     * credentials or loaded as part of verification.
+     *
+     * For example, when using bearer tokens for API authentication, the tokens may
+     * encode (either directly or indirectly in a database), details such as scope
+     * of access or the client to which the token was issued.
+     *
+     * Such authorization details should be enforced separately from authentication.
+     * Because Passport deals only with the latter, this is the responsiblity of
+     * middleware or routes further along the chain.  However, it is not optimal to
+     * decode the same data or execute the same database query later.  To avoid
+     * this, Passport accepts optional `info` along with the authenticated `user`
+     * in a strategy's `success()` action.  This info is set at `req.authInfo`,
+     * where said later middlware or routes can access it.
+     *
+     * Optionally, applications can register transforms to proccess this info,
+     * which take effect prior to `req.authInfo` being set.  This is useful, for
+     * example, when the info contains a client ID.  The transform can load the
+     * client from the database and include the instance in the transformed info,
+     * allowing the full set of client properties to be convieniently accessed.
+     *
+     * If no transforms are registered, `info` supplied by the strategy will be left
+     * unmodified.
+     *
+     * Examples:
+     *
+     *     passport.transformAuthInfo(function(info, done) {
+     *       Client.findById(info.clientID, function (err, client) {
+     *         info.client = client;
+     *         done(err, info);
+     *       });
+     *     });
+     *
+     * @api public
+     */
+    transformAuthInfo(fn: any, req?: any, done?: any): number;
+    logInToSession(req: IncomingMessage & {
+        session: any;
+    }, user: any): Promise<void>;
+    logOutFromSession(req: any, options?: {
+        keepSessionInfo?: boolean;
+    }): Promise<void>;
+}
+//# sourceMappingURL=authenticator.d.ts.map