@plusscommunities/pluss-core-aws 2.0.5-auth.0 → 2.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/helper/auth/getSessionUser.js +60 -87
  2. package/helper/getUserPreviewFromReq.js +22 -0
  3. package/helper/opengraph/getOpenGraph.js +2 -10
  4. package/package.json +2 -8
  5. package/helper/auth/context/AuthenticationContext.js +0 -50
  6. package/helper/auth/context/AuthenticationStrategy.js +0 -20
  7. package/helper/auth/context/auth0/Strategy.js +0 -12
  8. package/helper/auth/context/auth0/functions/decodeAccessToken.js +0 -45
  9. package/helper/auth/context/auth0/functions/getSessionUser.js +0 -21
  10. package/helper/auth/context/boltonclarke/Strategy.js +0 -10
  11. package/helper/auth/context/cognito/Strategy.js +0 -12
  12. package/helper/auth/context/cognito/functions/getSessionUser.js +0 -76
package/helper/auth/getSessionUser.js CHANGED
@@ -1,90 +1,63 @@
1
- // const https = require("https");
2
- // const jose = require("node-jose");
3
- // const { app_client_id, keys_url } = require("../../../config");
4
- // const isUserDisabled = require("./isUserDisabled");
5
- const { log } = require("..");
6
- const AuthenticationContext = require("./context/AuthenticationContext");
1
+ const https = require("https");
2
+ const jose = require("node-jose");
3
+ const { getConfig } = require("../../config");
7
4
 
8
5
  module.exports = async (token) => {
9
- const logId = log("getSessionUser", "Start", true);
10
- const userId = await AuthenticationContext.getSessionUser(token);
11
- log("getSessionUser", "Result", userId, logId);
12
- return userId;
13
- // return new Promise((resolve, reject) => {
14
- // if (!token) {
15
- // return resolve(null);
16
- // }
17
- // var sections = token.split(".");
18
- // // get the kid from the headers prior to verification
19
- // var header = jose.util.base64url.decode(sections[0]);
20
- // header = JSON.parse(header);
21
- // var kid = header.kid;
22
- // // download the public keys
23
- // https.get(keys_url, async (response) => {
24
- // if (response.statusCode == 200) {
25
- // response.on("data", async (body) => {
26
- // var keys = JSON.parse(body)["keys"];
27
- // // search for the kid in the downloaded public keys
28
- // var key_index = -1;
29
- // for (var i = 0; i < keys.length; i++) {
30
- // if (kid == keys[i].kid) {
31
- // key_index = i;
32
- // break;
33
- // }
34
- // }
35
- // if (key_index == -1) {
36
- // reject();
37
- // return;
38
- // }
39
- // // construct the public key
40
- // jose.JWK.asKey(keys[key_index])
41
- // .then(async (result) => {
42
- // // verify the signature
43
- // jose.JWS.createVerify(result)
44
- // .verify(token)
45
- // .then(async (result2) => {
46
- // // now we can use the claims
47
- // var claims = JSON.parse(result2.payload);
48
- // // additionally we can verify the token expiration
49
- // var current_ts = Math.floor(new Date() / 1000);
50
- // if (current_ts > claims.exp) {
51
- // console.log("Token is expired");
52
- // reject("Token is expired");
53
- // return;
54
- // }
55
-
56
- // /* --=- Optional audience stuff we dont use.
57
- // // and the Audience (use claims.client_id if verifying an access token)
58
- // if (claims.aud != app_client_id) {
59
- // console.log('Token was not issued for this audience')
60
- // return;
61
- // }
62
- // */
63
-
64
- // const isDisabled = await isUserDisabled(claims.username);
65
-
66
- // if (isDisabled) {
67
- // console.log("User is disabled");
68
- // reject("User is disabled");
69
- // return;
70
- // }
71
-
72
- // resolve(claims.username);
73
- // })
74
- // .catch(async (error) => {
75
- // console.log("Signature verification failed", error);
76
- // reject("Signature verification failed");
77
- // });
78
- // })
79
- // .catch(async (error) => {
80
- // console.log("failed JWK.asKey", error);
81
- // reject(error);
82
- // });
83
- // });
84
- // } else {
85
- // console.log("failed on response", response);
86
- // reject(response);
87
- // }
88
- // });
89
- // });
6
+ return new Promise((resolve, reject) => {
7
+ var sections = token.split(".");
8
+ // get the kid from the headers prior to verification
9
+ var header = jose.util.base64url.decode(sections[0]);
10
+ header = JSON.parse(header);
11
+ var kid = header.kid;
12
+ // download the public keys
13
+ https.get(getConfig().keys_url, function (response) {
14
+ if (response.statusCode == 200) {
15
+ response.on("data", function (body) {
16
+ var keys = JSON.parse(body)["keys"];
17
+ // search for the kid in the downloaded public keys
18
+ var key_index = -1;
19
+ for (var i = 0; i < keys.length; i++) {
20
+ if (kid == keys[i].kid) {
21
+ key_index = i;
22
+ break;
23
+ }
24
+ }
25
+ if (key_index == -1) {
26
+ reject();
27
+ return;
28
+ }
29
+ // construct the public key
30
+ jose.JWK.asKey(keys[key_index])
31
+ .then(function (result) {
32
+ // verify the signature
33
+ jose.JWS.createVerify(result)
34
+ .verify(token)
35
+ .then(function (result2) {
36
+ // now we can use the claims
37
+ var claims = JSON.parse(result2.payload);
38
+ // additionally we can verify the token expiration
39
+ var current_ts = Math.floor(new Date() / 1000);
40
+ if (current_ts > claims.exp) {
41
+ console.log("Token is expired");
42
+ reject("Token is expired");
43
+ return;
44
+ }
45
+ resolve(claims.username);
46
+ })
47
+ .catch(function (error) {
48
+ console.log("Signature verification failed", error);
49
+ reject("Signature verification failed");
50
+ });
51
+ })
52
+ .catch(function (error) {
53
+ console.log("failed JWK.asKey", error);
54
+ reject(error);
55
+ });
56
+ });
57
+ } else {
58
+ console.log("failed on response", response);
59
+ reject(response);
60
+ }
61
+ });
62
+ });
90
63
  };
package/helper/getUserPreviewFromReq.js ADDED
@@ -0,0 +1,22 @@
1
+ const getSessionUserFromReqAuthKey = require("./auth/getSessionUserFromReqAuthKey");
2
+ const getUserPreview = require("./getUserPreview");
3
+
4
+ module.exports = async (req, includeType, inlcudeSite, options) => {
5
+ return new Promise((resolve, reject) => {
6
+ getSessionUserFromReqAuthKey(req)
7
+ .then((uid) => {
8
+ getUserPreview(uid, includeType, inlcudeSite, options)
9
+ .then((user) => {
10
+ resolve(user);
11
+ })
12
+ .catch((error) => {
13
+ console.log("failed to get user preview", uid);
14
+ reject(error);
15
+ });
16
+ })
17
+ .catch((error) => {
18
+ console.log("failed to get session user", authkey);
19
+ reject(error);
20
+ });
21
+ });
22
+ };
package/helper/opengraph/getOpenGraph.js CHANGED
@@ -1,19 +1,11 @@
1
1
  const axios = require("axios");
2
+ const { getConfig } = require("../../config");
2
3
 
3
4
  module.exports = async (url) => {
4
5
  return new Promise(async (resolve, reject) => {
5
6
  const request = {
6
7
  method: "GET",
7
- url: `https://opengraph-io.p.rapidapi.com/api/1.1/sites?url=${decodeURI(
8
- url
9
- ).replace(
10
- "%3A",
11
- ":"
12
- )}&accept_lang=en-US,en;q=0.9&max_cache_age=432000000`,
13
- headers: {
14
- "x-rapidapi-host": "opengraph-io.p.rapidapi.com",
15
- "x-rapidapi-key": "3941bc0a39msh60f09652e936b3dp1afe26jsn4163bac965cc",
16
- },
8
+ url: `https://opengraph.io/api/1.1/site/${encodeURIComponent(url)}?app_id=${getConfig().thirdPartyAPIKeys.openGraph}`,
17
9
  };
18
10
 
19
11
  try {
package/package.json CHANGED
@@ -1,15 +1,12 @@
1
1
  {
2
2
  "name": "@plusscommunities/pluss-core-aws",
3
- "version": "2.0.5-auth.0",
3
+ "version": "2.0.5",
4
4
  "description": "Core extension package for Pluss Communities platform",
5
5
  "scripts": {
6
6
  "betapatch": "npm version prepatch --preid=beta",
7
7
  "patch": "npm version patch",
8
8
  "betaupload": "npm i && npm i && npm publish --access public --tag beta",
9
9
  "betaupload:p": "npm run betapatch && npm run betaupload",
10
- "authpatch": "npm version prepatch --preid=auth",
11
- "authupload": "npm i && npm i && npm publish --access public --tag auth",
12
- "authupload:p": "npm run authpatch && npm run authupload",
13
10
  "upload": "npm i && npm i && npm publish --access public",
14
11
  "upload:p": "npm run patch && npm run upload"
15
12
  },
@@ -21,13 +18,10 @@
21
18
  "axios": "^1.6.8",
22
19
  "aws-sdk": "^2.1591.0",
23
20
  "expo-server-sdk": "^3.0.1",
24
- "get-image-colors": "^1.8.1",
25
21
  "html-entities": "^2.3.2",
26
22
  "https": "^1.0.0",
27
- "jsonwebtoken": "^9.0.2",
28
- "jwks-rsa": "^3.1.0",
29
23
  "lodash": "^4.17.10",
30
- "moment": "^2.22.2",
24
+ "moment": "^2.30.1",
31
25
  "node-fetch": "^2.2.0",
32
26
  "node-jose": "^1.0.0",
33
27
  "nodemailer": "^6.9.12",
package/helper/auth/context/AuthenticationContext.js DELETED
@@ -1,50 +0,0 @@
1
- const Auth0Strategy = require("./auth0/Strategy");
2
- const CognitoStrategy = require("./cognito/Strategy");
3
- const BoltonClarkeStrategy = require("./boltonclarke/Strategy");
4
- const { getConfig } = require("../../../config");
5
-
6
- class AuthenticationContext {
7
- static strategy = null;
8
-
9
- static initialiseStrategy() {
10
- switch (getConfig().authConfig.provider) {
11
- case "auth0":
12
- AuthenticationContext.strategy = new Auth0Strategy();
13
- break;
14
- case "boltonclarke":
15
- AuthenticationContext.strategy = new BoltonClarkeStrategy();
16
- break;
17
- case "cognito":
18
- AuthenticationContext.strategy = new CognitoStrategy();
19
- break;
20
- default:
21
- throw new Error("Invalid authentication provider specified");
22
- }
23
- }
24
-
25
- static getSessionUser = async (token) => {
26
- if (!AuthenticationContext.strategy) {
27
- AuthenticationContext.initialiseStrategy();
28
- }
29
- return AuthenticationContext.strategy.getSessionUser(token);
30
- };
31
-
32
- static populateUser = async (token) => {
33
- if (!AuthenticationContext.strategy) {
34
- AuthenticationContext.initialiseStrategy();
35
- }
36
- return AuthenticationContext.strategy.populateUser(token);
37
- };
38
-
39
- static updateIdentityAttributes = async (input, userId) => {
40
- if (!AuthenticationContext.strategy) {
41
- AuthenticationContext.initialiseStrategy();
42
- }
43
- return AuthenticationContext.strategy.updateIdentityAttributes(
44
- input,
45
- userId
46
- );
47
- };
48
- }
49
-
50
- module.exports = AuthenticationContext;
package/helper/auth/context/AuthenticationStrategy.js DELETED
@@ -1,20 +0,0 @@
1
- // Authentication Strategy Interface
2
- class AuthenticationStrategy {
3
- constructor() {}
4
-
5
- getSessionUser(token) {
6
- throw new Error("Method 'getSessionUser()' must be implemented.");
7
- }
8
-
9
- // optional function to populate user data based on a token
10
- populateUser(token) {
11
- return;
12
- }
13
-
14
- // optional function to save attributes to identity provider
15
- updateIdentityAttributes = async (input, userId) => {
16
- return;
17
- };
18
- }
19
-
20
- module.exports = AuthenticationStrategy;
package/helper/auth/context/auth0/Strategy.js DELETED
@@ -1,12 +0,0 @@
1
- // auth0Strategy.js
2
- const AuthenticationStrategy = require("../AuthenticationStrategy");
3
- const getSessionUser = require("./functions/getSessionUser");
4
-
5
- class Auth0Strategy extends AuthenticationStrategy {
6
- constructor() {
7
- super();
8
- this.getSessionUser = getSessionUser;
9
- }
10
- }
11
-
12
- module.exports = Auth0Strategy;
package/helper/auth/context/auth0/functions/decodeAccessToken.js DELETED
@@ -1,45 +0,0 @@
1
- const jwt = require("jsonwebtoken");
2
- const jwksClient = require("jwks-rsa");
3
-
4
- const { getConfig } = require("../../../../../config");
5
-
6
- // Function to retrieve the signing key from Auth0 JWKS
7
- const getKey = (header, callback) => {
8
- // Initialize JWKS client
9
- const client = jwksClient({
10
- jwksUri: `https://${getConfig().auth0Config.domain}/.well-known/jwks.json`,
11
- });
12
-
13
- client.getSigningKey(header.kid, (err, key) => {
14
- if (err) {
15
- callback(err, null);
16
- } else {
17
- const signingKey = key.publicKey || key.rsaPublicKey;
18
- callback(null, signingKey);
19
- }
20
- });
21
- };
22
-
23
- // Function to validate the token and extract user information
24
- const decodeAccessToken = async (token) => {
25
- return new Promise((resolve, reject) => {
26
- jwt.verify(
27
- token,
28
- getKey,
29
- {
30
- audience: getConfig().auth0Config.audience,
31
- issuer: `https://${getConfig().auth0Config.domain}/`,
32
- algorithms: ["RS256"],
33
- },
34
- (err, decoded) => {
35
- if (err) {
36
- reject(err);
37
- } else {
38
- resolve(decoded); // 'sub' contains the user ID
39
- }
40
- }
41
- );
42
- });
43
- };
44
-
45
- module.exports = decodeAccessToken;
package/helper/auth/context/auth0/functions/getSessionUser.js DELETED
@@ -1,21 +0,0 @@
1
- const decodeAccessToken = require("./decodeAccessToken");
2
- const { getConfig } = require("../../../../../config");
3
-
4
- // Function to validate the token and extract user information
5
- const getSessionUser = async (token) => {
6
- return new Promise((resolve, reject) => {
7
- decodeAccessToken(token)
8
- .then((claims) => {
9
- return resolve(
10
- claims[getConfig().auth0Config.residentIdClaim] ||
11
- claims[getConfig().auth0Config.staffIdClaim] ||
12
- claims[getConfig().auth0Config.userIdClaim]
13
- );
14
- })
15
- .catch((err) => {
16
- reject(err);
17
- });
18
- });
19
- };
20
-
21
- module.exports = getSessionUser;
package/helper/auth/context/boltonclarke/Strategy.js DELETED
@@ -1,10 +0,0 @@
1
- // auth0Strategy.js
2
- const Auth0Strategy = require("../auth0/Strategy");
3
-
4
- class BoltonClarkeStrategy extends Auth0Strategy {
5
- constructor() {
6
- super();
7
- }
8
- }
9
-
10
- module.exports = BoltonClarkeStrategy;
package/helper/auth/context/cognito/Strategy.js DELETED
@@ -1,12 +0,0 @@
1
- // cognitoStrategy.js
2
- const AuthenticationStrategy = require("../AuthenticationStrategy");
3
- const getSessionUser = require("./functions/getSessionUser");
4
-
5
- class CognitoStrategy extends AuthenticationStrategy {
6
- constructor() {
7
- super();
8
- this.getSessionUser = getSessionUser;
9
- }
10
- }
11
-
12
- module.exports = CognitoStrategy;
package/helper/auth/context/cognito/functions/getSessionUser.js DELETED
@@ -1,76 +0,0 @@
1
- const https = require("https");
2
- const jose = require("node-jose");
3
-
4
- const { getConfig } = require("../../../../../config");
5
-
6
- module.exports = async (token) => {
7
- return new Promise((resolve, reject) => {
8
- if (!token) {
9
- return resolve(null);
10
- }
11
- var sections = token.split(".");
12
- // get the kid from the headers prior to verification
13
- var header = jose.util.base64url.decode(sections[0]);
14
- header = JSON.parse(header);
15
- var kid = header.kid;
16
- // download the public keys
17
- https.get(getConfig().keys_url, async (response) => {
18
- if (response.statusCode == 200) {
19
- response.on("data", async (body) => {
20
- var keys = JSON.parse(body)["keys"];
21
- // search for the kid in the downloaded public keys
22
- var key_index = -1;
23
- for (var i = 0; i < keys.length; i++) {
24
- if (kid == keys[i].kid) {
25
- key_index = i;
26
- break;
27
- }
28
- }
29
- if (key_index == -1) {
30
- reject();
31
- return;
32
- }
33
- // construct the public key
34
- jose.JWK.asKey(keys[key_index])
35
- .then(async (result) => {
36
- // verify the signature
37
- jose.JWS.createVerify(result)
38
- .verify(token)
39
- .then(async (result2) => {
40
- // now we can use the claims
41
- var claims = JSON.parse(result2.payload);
42
- // additionally we can verify the token expiration
43
- var current_ts = Math.floor(new Date() / 1000);
44
- if (current_ts > claims.exp) {
45
- console.log("Token is expired");
46
- reject("Token is expired");
47
- return;
48
- }
49
-
50
- // const isDisabled = await isUserDisabled(claims.username);
51
-
52
- // if (isDisabled) {
53
- // console.log("User is disabled");
54
- // reject("User is disabled");
55
- // return;
56
- // }
57
-
58
- resolve(claims.username);
59
- })
60
- .catch(async (error) => {
61
- console.log("Signature verification failed", error);
62
- reject("Signature verification failed");
63
- });
64
- })
65
- .catch(async (error) => {
66
- console.log("failed JWK.asKey", error);
67
- reject(error);
68
- });
69
- });
70
- } else {
71
- console.log("failed on response", response);
72
- reject(response);
73
- }
74
- });
75
- });
76
- };