@solidxai/core 0.1.9-beta.8 → 0.1.10-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +89 -0
- package/README.md +3 -1
- package/dist/passport-strategies/facebook-oauth.strategy.d.ts +5 -3
- package/dist/passport-strategies/facebook-oauth.strategy.d.ts.map +1 -1
- package/dist/passport-strategies/facebook-oauth.strategy.js +41 -18
- package/dist/passport-strategies/facebook-oauth.strategy.js.map +1 -1
- package/dist/seeders/seed-data/solid-core-metadata.json +1 -1
- package/dist/services/authentication.service.d.ts +12 -13
- package/dist/services/authentication.service.d.ts.map +1 -1
- package/dist/services/authentication.service.js +40 -16
- package/dist/services/authentication.service.js.map +1 -1
- package/dist/services/settings/default-settings-provider.service.d.ts +16 -0
- package/dist/services/settings/default-settings-provider.service.d.ts.map +1 -1
- package/dist/services/settings/default-settings-provider.service.js +75 -12
- package/dist/services/settings/default-settings-provider.service.js.map +1 -1
- package/dist/services/user.service.d.ts +10 -8
- package/dist/services/user.service.d.ts.map +1 -1
- package/dist/services/user.service.js +85 -46
- package/dist/services/user.service.js.map +1 -1
- package/package.json +2 -2
- package/src/passport-strategies/facebook-oauth.strategy.ts +82 -31
- package/src/seeders/seed-data/solid-core-metadata.json +1 -1
- package/src/services/authentication.service.ts +217 -141
- package/src/services/settings/default-settings-provider.service.ts +80 -17
- package/src/services/user.service.ts +149 -77
- package/dev-grooming-docs/ozzy-prompts.txt +0 -70
package/LICENSE
ADDED
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
Business Source License 1.1
|
|
2
|
+
|
|
3
|
+
License text copyright (c) 2024 MariaDB plc, All Rights Reserved.
|
|
4
|
+
"Business Source License" is a trademark of MariaDB plc.
|
|
5
|
+
|
|
6
|
+
Parameters:
|
|
7
|
+
|
|
8
|
+
Licensor: Logicloop Ventures Limited
|
|
9
|
+
Licensed Work: SolidX Core Module (@solidxai/core)
|
|
10
|
+
Additional Use Grant: Individuals and organizations with total annual revenue
|
|
11
|
+
(including funding) of less than $1,000,000 USD may use
|
|
12
|
+
the Licensed Work for any purpose, including commercial
|
|
13
|
+
production use. Organizations with total annual revenue
|
|
14
|
+
(including funding) of $1,000,000 USD or more must obtain
|
|
15
|
+
a commercial Enterprise License before using the Licensed
|
|
16
|
+
Work in production. Contact https://solidxai.com/contact
|
|
17
|
+
for licensing.
|
|
18
|
+
|
|
19
|
+
"Production use" means any use of the Licensed Work other
|
|
20
|
+
than development, debugging, evaluation, or testing.
|
|
21
|
+
|
|
22
|
+
Change Date: None
|
|
23
|
+
Change License: Apache 2.0
|
|
24
|
+
|
|
25
|
+
Notice:
|
|
26
|
+
|
|
27
|
+
In consideration of the right to use this License's text and the
|
|
28
|
+
"Business Source License" name and trademark, Licensor covenants to MariaDB,
|
|
29
|
+
and to all other recipients of the Licensed Work, that Licensor will:
|
|
30
|
+
|
|
31
|
+
1. Specify as the Change License the Apache License, Version 2.0 or any
|
|
32
|
+
later version, or a license that is compatible with GPL Version 2.0 or
|
|
33
|
+
a later version, where "compatible" means that software provided under
|
|
34
|
+
the Change License can be included in a program with software provided
|
|
35
|
+
under GPL Version 2.0 or a later version. Licensor may specify
|
|
36
|
+
additional Change Licenses without limitation.
|
|
37
|
+
|
|
38
|
+
2. Specify an additional grant of rights to use that does not impose any
|
|
39
|
+
additional restriction on the rights granted in this License, as the
|
|
40
|
+
Additional Use Grant.
|
|
41
|
+
|
|
42
|
+
3. Not modify this License in any other way.
|
|
43
|
+
|
|
44
|
+
Terms
|
|
45
|
+
|
|
46
|
+
The Licensor hereby grants you the right to copy, modify, create derivative
|
|
47
|
+
works, redistribute, and make non-production use of the Licensed Work. The
|
|
48
|
+
Licensor may make an Additional Use Grant, above, permitting limited
|
|
49
|
+
production use.
|
|
50
|
+
|
|
51
|
+
Effective on the Change Date, or the fourth anniversary of the first
|
|
52
|
+
publicly available distribution of a specific version of the Licensed Work
|
|
53
|
+
under this License, whichever comes first, the Licensor hereby grants you
|
|
54
|
+
rights under the terms of the Change License, and the rights granted in the
|
|
55
|
+
paragraph above terminate.
|
|
56
|
+
|
|
57
|
+
If your use of the Licensed Work does not comply with the requirements
|
|
58
|
+
currently in effect as described in this License, you must purchase a
|
|
59
|
+
commercial license from the Licensor, its affiliated entities, or authorized
|
|
60
|
+
resellers, or you must refrain from using the Licensed Work.
|
|
61
|
+
|
|
62
|
+
All copies of the original and modified Licensed Work, and derivative works
|
|
63
|
+
of the Licensed Work, are subject to this License. This License applies
|
|
64
|
+
separately for each version of the Licensed Work and the Change Date may
|
|
65
|
+
vary for each version of the Licensed Work released by Licensor.
|
|
66
|
+
|
|
67
|
+
You must conspicuously display this License on each original or modified copy
|
|
68
|
+
of the Licensed Work. If you receive the Licensed Work in original or
|
|
69
|
+
modified form from a third party, the terms and conditions set forth in this
|
|
70
|
+
License apply to your use of that work.
|
|
71
|
+
|
|
72
|
+
Any use of the Licensed Work in violation of this License will automatically
|
|
73
|
+
terminate your rights under this License for the current and all other
|
|
74
|
+
versions of the Licensed Work.
|
|
75
|
+
|
|
76
|
+
This License does not grant you any right in any trademark or logo of
|
|
77
|
+
Licensor or its affiliates (provided that you may use a trademark or logo of
|
|
78
|
+
Licensor as expressly required by this License).
|
|
79
|
+
|
|
80
|
+
TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
|
|
81
|
+
AN "AS IS" BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
|
|
82
|
+
EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
|
|
83
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
|
|
84
|
+
TITLE.
|
|
85
|
+
|
|
86
|
+
For complete terms and conditions, see https://solidxai.com/terms.
|
|
87
|
+
|
|
88
|
+
For questions about licensing, contact support@solidxai.com or visit
|
|
89
|
+
https://solidxai.com/contact.
|
package/README.md
CHANGED
|
@@ -5,8 +5,9 @@
|
|
|
5
5
|
`@solidxai/core` is the backend engine that powers every [SolidX](https://solidxai.com) application. It is a global NestJS module that wires up a complete, production-ready backend infrastructure — authentication, security, metadata-driven CRUD APIs, notifications, queues, storage providers, dashboards, and more — so you can focus on your business logic rather than rebuilding the same plumbing from scratch.
|
|
6
6
|
|
|
7
7
|
[](https://www.npmjs.com/package/@solidxai/core)
|
|
8
|
-
[](https://
|
|
8
|
+
[](https://mariadb.com/bsl11/)
|
|
9
9
|
[](https://docs.solidxai.com/docs)
|
|
10
|
+
[](https://discord.gg/ATQW4CEksA)
|
|
10
11
|
|
|
11
12
|
|
|
12
13
|
## Why @solidxai/core?
|
|
@@ -188,6 +189,7 @@ The output is not locked into a proprietary runtime. It runs on the same stack y
|
|
|
188
189
|
|---|---|
|
|
189
190
|
| Website | [solidxai.com](https://solidxai.com) |
|
|
190
191
|
| Documentation | [docs.solidxai.com](https://docs.solidxai.com/docs) |
|
|
192
|
+
| Discord | [discord.gg/ATQW4CEksA](https://discord.gg/ATQW4CEksA) |
|
|
191
193
|
| Support | support@solidxai.com |
|
|
192
194
|
|
|
193
195
|
---
|
|
@@ -1,13 +1,15 @@
|
|
|
1
|
-
import { Strategy } from
|
|
2
|
-
import {
|
|
1
|
+
import { Strategy } from "passport-facebook";
|
|
2
|
+
import { SettingService } from "../services/setting.service";
|
|
3
|
+
import { UserService } from "../services/user.service";
|
|
3
4
|
declare const FacebookOauthGuard_base: import("@nestjs/passport").Type<import("@nestjs/passport").IAuthGuard>;
|
|
4
5
|
export declare class FacebookOauthGuard extends FacebookOauthGuard_base {
|
|
5
6
|
}
|
|
6
7
|
declare const FacebookOAuthStrategy_base: new (...args: any[]) => Strategy;
|
|
7
8
|
export declare class FacebookOAuthStrategy extends FacebookOAuthStrategy_base {
|
|
8
9
|
private readonly userService;
|
|
10
|
+
private readonly settingService;
|
|
9
11
|
private readonly logger;
|
|
10
|
-
constructor(userService: UserService);
|
|
12
|
+
constructor(userService: UserService, settingService: SettingService);
|
|
11
13
|
validate(_accessToken: string, _refreshToken: string, profile: any, done: any): Promise<any>;
|
|
12
14
|
}
|
|
13
15
|
export {};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"facebook-oauth.strategy.d.ts","sourceRoot":"","sources":["../../src/passport-strategies/facebook-oauth.strategy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"facebook-oauth.strategy.d.ts","sourceRoot":"","sources":["../../src/passport-strategies/facebook-oauth.strategy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAO7C,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;;AAMvD,qBACa,kBAAmB,SAAQ,uBAAqB;CAAG;;AAEhE,qBACa,qBAAsB,SAAQ,0BAG1C;IAIG,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAJjC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA0C;gBAG9C,WAAW,EAAE,WAAW,EACxB,cAAc,EAAE,cAAc;IAgD3C,QAAQ,CACZ,YAAY,EAAE,MAAM,EACpB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,GAAG,EACZ,IAAI,EAAE,GAAG,GACR,OAAO,CAAC,GAAG,CAAC;CAiChB"}
|
|
@@ -16,43 +16,65 @@ const passport_1 = require("@nestjs/passport");
|
|
|
16
16
|
const passport_facebook_1 = require("passport-facebook");
|
|
17
17
|
const facebook_oauth_helper_1 = require("../helpers/facebook-oauth.helper");
|
|
18
18
|
const uuid_1 = require("uuid");
|
|
19
|
+
const setting_service_1 = require("../services/setting.service");
|
|
19
20
|
const user_service_1 = require("../services/user.service");
|
|
20
|
-
const DUMMY_CLIENT_ID =
|
|
21
|
-
const DUMMY_CLIENT_SECRET =
|
|
22
|
-
const DUMMY_CALLBACK_URL =
|
|
23
|
-
let FacebookOauthGuard = class FacebookOauthGuard extends (0, passport_1.AuthGuard)(
|
|
21
|
+
const DUMMY_CLIENT_ID = "DUMMY_CLIENT_ID";
|
|
22
|
+
const DUMMY_CLIENT_SECRET = "DUMMY_CLIENT_SECRET";
|
|
23
|
+
const DUMMY_CALLBACK_URL = "DUMMY_CALLBACK_URL";
|
|
24
|
+
let FacebookOauthGuard = class FacebookOauthGuard extends (0, passport_1.AuthGuard)("facebook") {
|
|
24
25
|
};
|
|
25
26
|
exports.FacebookOauthGuard = FacebookOauthGuard;
|
|
26
27
|
exports.FacebookOauthGuard = FacebookOauthGuard = __decorate([
|
|
27
28
|
(0, common_1.Injectable)()
|
|
28
29
|
], FacebookOauthGuard);
|
|
29
|
-
let FacebookOAuthStrategy = FacebookOAuthStrategy_1 = class FacebookOAuthStrategy extends (0, passport_1.PassportStrategy)(passport_facebook_1.Strategy,
|
|
30
|
-
constructor(userService) {
|
|
31
|
-
const clientID =
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
const
|
|
30
|
+
let FacebookOAuthStrategy = FacebookOAuthStrategy_1 = class FacebookOAuthStrategy extends (0, passport_1.PassportStrategy)(passport_facebook_1.Strategy, "facebook") {
|
|
31
|
+
constructor(userService, settingService) {
|
|
32
|
+
const clientID = settingService.getConfigValue("FACEBOOK_CLIENT_ID") ??
|
|
33
|
+
process.env.IAM_FACEBOOK_OAUTH_CLIENT_ID ??
|
|
34
|
+
DUMMY_CLIENT_ID;
|
|
35
|
+
const clientSecret = settingService.getConfigValue("FACEBOOK_CLIENT_SECRET") ??
|
|
36
|
+
process.env.IAM_FACEBOOK_OAUTH_CLIENT_SECRET ??
|
|
37
|
+
DUMMY_CLIENT_SECRET;
|
|
38
|
+
const callbackURL = settingService.getConfigValue("FACEBOOK_CALLBACK_URL") ??
|
|
39
|
+
process.env.IAM_FACEBOOK_OAUTH_CALLBACK_URL ??
|
|
40
|
+
DUMMY_CALLBACK_URL;
|
|
41
|
+
const redirectURL = settingService.getConfigValue("FACEBOOK_REDIRECT_URL") ?? process.env.IAM_FACEBOOK_OAUTH_REDIRECT_URL;
|
|
35
42
|
super({
|
|
36
43
|
clientID,
|
|
37
44
|
clientSecret,
|
|
38
45
|
callbackURL,
|
|
39
|
-
scope: [
|
|
40
|
-
profileFields: [
|
|
46
|
+
scope: ["email"],
|
|
47
|
+
profileFields: ["id", "name", "email", "picture.type(large)"],
|
|
41
48
|
});
|
|
42
49
|
this.userService = userService;
|
|
50
|
+
this.settingService = settingService;
|
|
43
51
|
this.logger = new common_1.Logger(FacebookOAuthStrategy_1.name);
|
|
44
|
-
const facebookOauth = {
|
|
52
|
+
const facebookOauth = {
|
|
53
|
+
clientID,
|
|
54
|
+
clientSecret,
|
|
55
|
+
callbackURL,
|
|
56
|
+
redirectURL,
|
|
57
|
+
};
|
|
45
58
|
if (!(0, facebook_oauth_helper_1.isFacebookOAuthConfigured)(facebookOauth)) {
|
|
46
|
-
this.logger.debug(
|
|
59
|
+
this.logger.debug("Facebook OAuth strategy is not configured");
|
|
60
|
+
}
|
|
61
|
+
else {
|
|
62
|
+
this.logger.debug(`Facebook OAuth configured with callbackURL=${callbackURL}`);
|
|
47
63
|
}
|
|
48
64
|
}
|
|
49
65
|
async validate(_accessToken, _refreshToken, profile, done) {
|
|
50
66
|
const { id, name, emails, photos } = profile;
|
|
51
67
|
const loginAccessCode = (0, uuid_1.v4)();
|
|
68
|
+
const email = emails && emails.length > 0 ? emails[0].value : null;
|
|
69
|
+
const firstName = name?.givenName || "";
|
|
70
|
+
const lastName = name?.familyName || "";
|
|
71
|
+
const fullName = firstName || lastName
|
|
72
|
+
? `${firstName} ${lastName}`.trim()
|
|
73
|
+
: profile.displayName;
|
|
52
74
|
const user = {
|
|
53
|
-
provider:
|
|
75
|
+
provider: "facebook",
|
|
54
76
|
providerId: id,
|
|
55
|
-
email:
|
|
77
|
+
email: email,
|
|
56
78
|
name: `${name.givenName} ${name.familyName}`,
|
|
57
79
|
picture: photos?.[0]?.value,
|
|
58
80
|
accessCode: loginAccessCode,
|
|
@@ -60,7 +82,7 @@ let FacebookOAuthStrategy = FacebookOAuthStrategy_1 = class FacebookOAuthStrateg
|
|
|
60
82
|
await this.userService.resolveUserOnOauthFacebook({
|
|
61
83
|
...user,
|
|
62
84
|
accessToken: _accessToken,
|
|
63
|
-
refreshToken: null
|
|
85
|
+
refreshToken: null,
|
|
64
86
|
});
|
|
65
87
|
done(null, user);
|
|
66
88
|
}
|
|
@@ -68,6 +90,7 @@ let FacebookOAuthStrategy = FacebookOAuthStrategy_1 = class FacebookOAuthStrateg
|
|
|
68
90
|
exports.FacebookOAuthStrategy = FacebookOAuthStrategy;
|
|
69
91
|
exports.FacebookOAuthStrategy = FacebookOAuthStrategy = FacebookOAuthStrategy_1 = __decorate([
|
|
70
92
|
(0, common_1.Injectable)(),
|
|
71
|
-
__metadata("design:paramtypes", [user_service_1.UserService
|
|
93
|
+
__metadata("design:paramtypes", [user_service_1.UserService,
|
|
94
|
+
setting_service_1.SettingService])
|
|
72
95
|
], FacebookOAuthStrategy);
|
|
73
96
|
//# sourceMappingURL=facebook-oauth.strategy.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"facebook-oauth.strategy.js","sourceRoot":"","sources":["../../src/passport-strategies/facebook-oauth.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAAoD;AACpD,+CAA+D;AAC/D,yDAA6C;AAC7C,
|
|
1
|
+
{"version":3,"file":"facebook-oauth.strategy.js","sourceRoot":"","sources":["../../src/passport-strategies/facebook-oauth.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAAoD;AACpD,+CAA+D;AAC/D,yDAA6C;AAC7C,4EAG2C;AAC3C,+BAAkC;AAElC,iEAA6D;AAC7D,2DAAuD;AAEvD,MAAM,eAAe,GAAG,iBAAiB,CAAC;AAC1C,MAAM,mBAAmB,GAAG,qBAAqB,CAAC;AAClD,MAAM,kBAAkB,GAAG,oBAAoB,CAAC;AAGzC,IAAM,kBAAkB,GAAxB,MAAM,kBAAmB,SAAQ,IAAA,oBAAS,EAAC,UAAU,CAAC;CAAG,CAAA;AAAnD,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,mBAAU,GAAE;GACA,kBAAkB,CAAiC;AAGzD,IAAM,qBAAqB,6BAA3B,MAAM,qBAAsB,SAAQ,IAAA,2BAAgB,EACzD,4BAAQ,EACR,UAAU,CACX;IAGC,YACmB,WAAwB,EACxB,cAA8B;QAG/C,MAAM,QAAQ,GACZ,cAAc,CAAC,cAAc,CAAmB,oBAAoB,CAAC;YACrE,OAAO,CAAC,GAAG,CAAC,4BAA4B;YACxC,eAAe,CAAC;QAClB,MAAM,YAAY,GAChB,cAAc,CAAC,cAAc,CAC3B,wBAAwB,CACzB;YACD,OAAO,CAAC,GAAG,CAAC,gCAAgC;YAC5C,mBAAmB,CAAC;QACtB,MAAM,WAAW,GACf,cAAc,CAAC,cAAc,CAC3B,uBAAuB,CACxB;YACD,OAAO,CAAC,GAAG,CAAC,+BAA+B;YAC3C,kBAAkB,CAAC;QACrB,MAAM,WAAW,GACf,cAAc,CAAC,cAAc,CAC3B,uBAAuB,CACxB,IAAI,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC;QAEnD,KAAK,CAAC;YACJ,QAAQ;YACR,YAAY;YACZ,WAAW;YACX,KAAK,EAAE,CAAC,OAAO,CAAC;YAEhB,aAAa,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,qBAAqB,CAAC;SAC9D,CAAC,CAAC;QAhCc,gBAAW,GAAX,WAAW,CAAa;QACxB,mBAAc,GAAd,cAAc,CAAgB;QAJhC,WAAM,GAAG,IAAI,eAAM,CAAC,uBAAqB,CAAC,IAAI,CAAC,CAAC;QAqC/D,MAAM,aAAa,GAA8B;YAC/C,QAAQ;YACR,YAAY;YACZ,WAAW;YACX,WAAW;SACZ,CAAC;QACF,IAAI,CAAC,IAAA,iDAAyB,EAAC,aAAa,CAAC,EAAE,CAAC;YAC9C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;QACjE,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,8CAA8C,WAAW,EAAE,CAC5D,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,QAAQ,CACZ,YAAoB,EACpB,aAAqB,EACrB,OAAY,EACZ,IAAS;QAET,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAG7C,MAAM,eAAe,GAAW,IAAA,SAAI,GAAE,CAAC;QAEvC,MAAM,KAAK,GAAG,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QAEnE,MAAM,SAAS,GAAG,IAAI,EAAE,SAAS,IAAI,EAAE,CAAC;QACxC,MAAM,QAAQ,GAAG,IAAI,EAAE,UAAU,IAAI,EAAE,CAAC;QACxC,MAAM,QAAQ,GACZ,SAAS,IAAI,QAAQ;YACnB,CAAC,CAAC,GAAG,SAAS,IAAI,QAAQ,EAAE,CAAC,IAAI,EAAE;YACnC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAE1B,MAAM,IAAI,GAAG;YACX,QAAQ,EAAE,UAAU;YACpB,UAAU,EAAE,EAAE;YACd,KAAK,EAAE,KAAK;YACZ,IAAI,EAAE,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE;YAC5C,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK;YAC3B,UAAU,EAAE,eAAe;SAC5B,CAAC;QAGF,MAAM,IAAI,CAAC,WAAW,CAAC,0BAA0B,CAAC;YAChD,GAAG,IAAI;YACP,WAAW,EAAE,YAAY;YACzB,YAAY,EAAE,IAAI;SACnB,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACnB,CAAC;CACF,CAAA;AA9FY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;qCAQqB,0BAAW;QACR,gCAAc;GARtC,qBAAqB,CA8FjC","sourcesContent":["import { Injectable, Logger } from \"@nestjs/common\";\nimport { AuthGuard, PassportStrategy } from \"@nestjs/passport\";\nimport { Strategy } from \"passport-facebook\";\nimport {\n FacebookAuthConfiguration,\n isFacebookOAuthConfigured,\n} from \"src/helpers/facebook-oauth.helper\";\nimport { v4 as uuid } from \"uuid\";\nimport type { SolidCoreSetting } from \"../services/settings/default-settings-provider.service\";\nimport { SettingService } from \"../services/setting.service\";\nimport { UserService } from \"../services/user.service\";\n\nconst DUMMY_CLIENT_ID = \"DUMMY_CLIENT_ID\";\nconst DUMMY_CLIENT_SECRET = \"DUMMY_CLIENT_SECRET\";\nconst DUMMY_CALLBACK_URL = \"DUMMY_CALLBACK_URL\";\n\n@Injectable()\nexport class FacebookOauthGuard extends AuthGuard(\"facebook\") {}\n\n@Injectable()\nexport class FacebookOAuthStrategy extends PassportStrategy(\n Strategy,\n \"facebook\",\n) {\n private readonly logger = new Logger(FacebookOAuthStrategy.name);\n\n constructor(\n private readonly userService: UserService,\n private readonly settingService: SettingService,\n ) {\n // Prefer settings cache (same source used by controller validation), fall back to env.\n const clientID =\n settingService.getConfigValue<SolidCoreSetting>(\"FACEBOOK_CLIENT_ID\") ??\n process.env.IAM_FACEBOOK_OAUTH_CLIENT_ID ??\n DUMMY_CLIENT_ID;\n const clientSecret =\n settingService.getConfigValue<SolidCoreSetting>(\n \"FACEBOOK_CLIENT_SECRET\",\n ) ??\n process.env.IAM_FACEBOOK_OAUTH_CLIENT_SECRET ??\n DUMMY_CLIENT_SECRET;\n const callbackURL =\n settingService.getConfigValue<SolidCoreSetting>(\n \"FACEBOOK_CALLBACK_URL\",\n ) ??\n process.env.IAM_FACEBOOK_OAUTH_CALLBACK_URL ??\n DUMMY_CALLBACK_URL;\n const redirectURL =\n settingService.getConfigValue<SolidCoreSetting>(\n \"FACEBOOK_REDIRECT_URL\",\n ) ?? process.env.IAM_FACEBOOK_OAUTH_REDIRECT_URL;\n\n super({\n clientID,\n clientSecret,\n callbackURL,\n scope: [\"email\"],\n // Facebook Graph API expects \"email\" and \"picture\", not \"emails\"/\"photos\".\n profileFields: [\"id\", \"name\", \"email\", \"picture.type(large)\"],\n });\n\n const facebookOauth: FacebookAuthConfiguration = {\n clientID,\n clientSecret,\n callbackURL,\n redirectURL,\n };\n if (!isFacebookOAuthConfigured(facebookOauth)) {\n this.logger.debug(\"Facebook OAuth strategy is not configured\");\n } else {\n this.logger.debug(\n `Facebook OAuth configured with callbackURL=${callbackURL}`,\n );\n }\n }\n\n async validate(\n _accessToken: string,\n _refreshToken: string,\n profile: any,\n done: any,\n ): Promise<any> {\n const { id, name, emails, photos } = profile;\n\n // generate a unique access code.\n const loginAccessCode: string = uuid();\n\n const email = emails && emails.length > 0 ? emails[0].value : null;\n\n const firstName = name?.givenName || \"\";\n const lastName = name?.familyName || \"\";\n const fullName =\n firstName || lastName\n ? `${firstName} ${lastName}`.trim()\n : profile.displayName;\n\n const user = {\n provider: \"facebook\",\n providerId: id,\n email: email,\n name: `${name.givenName} ${name.familyName}`,\n picture: photos?.[0]?.value,\n accessCode: loginAccessCode,\n };\n\n // store the access code and the access token in the database.\n await this.userService.resolveUserOnOauthFacebook({\n ...user,\n accessToken: _accessToken,\n refreshToken: null,\n });\n\n done(null, user);\n }\n}\n"]}
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
import { HttpService } from "@nestjs/axios";
|
|
2
2
|
import { EventEmitter2 } from "@nestjs/event-emitter";
|
|
3
3
|
import { JwtService } from "@nestjs/jwt";
|
|
4
|
-
import { CreateUserDto } from "../dtos/create-user.dto";
|
|
5
4
|
import { MailFactory } from "../factories/mail.factory";
|
|
6
5
|
import { UserRepository } from "../repository/user.repository";
|
|
7
|
-
import { DataSource, Repository } from "typeorm";
|
|
6
|
+
import { DataSource, DeepPartial, Repository } from "typeorm";
|
|
8
7
|
import { ChangePasswordDto } from "../dtos/change-password.dto";
|
|
9
8
|
import { ConfirmForgotPasswordDto } from "../dtos/confirm-forgot-password.dto";
|
|
10
9
|
import { InitiateForgotPasswordDto } from "../dtos/initiate-forgot-password.dto";
|
|
@@ -15,16 +14,16 @@ import { RefreshTokenDto } from "../dtos/refresh-token.dto";
|
|
|
15
14
|
import { SignInDto } from "../dtos/sign-in.dto";
|
|
16
15
|
import { SignUpDto } from "../dtos/sign-up.dto";
|
|
17
16
|
import { User } from "../entities/user.entity";
|
|
18
|
-
import { ActiveUserData } from
|
|
19
|
-
import { HashingService } from
|
|
20
|
-
import { RefreshTokenIdsStorageService } from
|
|
21
|
-
import { SsoCodeStorageService } from
|
|
22
|
-
import { RoleMetadataService } from
|
|
23
|
-
import { SettingService } from
|
|
24
|
-
import { UserActivityHistoryService } from
|
|
25
|
-
import { UserService } from
|
|
26
|
-
import { SmsFactory } from
|
|
27
|
-
import { SolidRegistry } from
|
|
17
|
+
import { ActiveUserData } from "../interfaces/active-user-data.interface";
|
|
18
|
+
import { HashingService } from "./hashing.service";
|
|
19
|
+
import { RefreshTokenIdsStorageService } from "./refresh-token-ids-storage.service";
|
|
20
|
+
import { SsoCodeStorageService } from "./sso-code-storage.service";
|
|
21
|
+
import { RoleMetadataService } from "./role-metadata.service";
|
|
22
|
+
import { SettingService } from "./setting.service";
|
|
23
|
+
import { UserActivityHistoryService } from "./user-activity-history.service";
|
|
24
|
+
import { UserService } from "./user.service";
|
|
25
|
+
import { SmsFactory } from "../factories/sms.factory";
|
|
26
|
+
import { SolidRegistry } from "../helpers/solid-registry";
|
|
28
27
|
export declare class AuthenticationService {
|
|
29
28
|
private readonly userService;
|
|
30
29
|
private readonly userRepository;
|
|
@@ -52,7 +51,7 @@ export declare class AuthenticationService {
|
|
|
52
51
|
private static readonly SIGNUP_DTO_KEYS;
|
|
53
52
|
signUp(signUpDto: SignUpDto & Record<string, any>, activeUser?: ActiveUserData): Promise<User>;
|
|
54
53
|
private performSignUp;
|
|
55
|
-
signupForExtensionUser<T extends User
|
|
54
|
+
signupForExtensionUser<T extends User>(signUpDto: SignUpDto, extensionUserDto: DeepPartial<T>, extensionUserRepo: Repository<T>): Promise<T>;
|
|
56
55
|
private populateForSignup;
|
|
57
56
|
private handlePostSignup;
|
|
58
57
|
generatePassword(length?: number): string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authentication.service.d.ts","sourceRoot":"","sources":["../../src/services/authentication.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAY5C,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"authentication.service.d.ts","sourceRoot":"","sources":["../../src/services/authentication.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAY5C,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAOzC,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAO9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,yBAAyB,EAAE,MAAM,sCAAsC,CAAC;AACjF,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,yBAAyB,CAAC;AAE/C,OAAO,EAAE,cAAc,EAAE,MAAM,0CAA0C,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAEL,6BAA6B,EAC9B,MAAM,qCAAqC,CAAC;AAC7C,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAa3D,qBACa,qBAAqB;IAI9B,OAAO,CAAC,QAAQ,CAAC,WAAW;IAE5B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,sBAAsB;IACvC,OAAO,CAAC,QAAQ,CAAC,WAAW;IAE5B,OAAO,CAAC,QAAQ,CAAC,kBAAkB;IAEnC,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,0BAA0B;IAC3C,OAAO,CAAC,QAAQ,CAAC,cAAc;IAG/B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,aAAa;IAtBhC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA0C;gBAG9C,WAAW,EAAE,WAAW,EAExB,cAAc,EAAE,cAAc,EAC9B,cAAc,EAAE,cAAc,EAC9B,UAAU,EAAE,UAAU,EACtB,sBAAsB,EAAE,6BAA6B,EACrD,WAAW,EAAE,WAAW,EAExB,kBAAkB,EAAE,WAAW,EAE/B,UAAU,EAAE,UAAU,EACtB,YAAY,EAAE,aAAa,EAC3B,cAAc,EAAE,cAAc,EAC9B,mBAAmB,EAAE,mBAAmB,EACxC,0BAA0B,EAAE,0BAA0B,EACtD,cAAc,EAAE,qBAAqB,EAGrC,UAAU,EAAE,UAAU,EACtB,aAAa,EAAE,aAAa;YAKjC,cAAc;IAItB,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM;IAS3C,qBAAqB,CAAC,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM;IAcrD,8BAA8B,CAAC,KAAK,EAAE,MAAM;YAOpC,4BAA4B;YAmB5B,wBAAwB;IAWtC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,eAAe,CAQpC;IAEG,MAAM,CACV,SAAS,EAAE,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAC1C,UAAU,GAAE,cAAqB,GAChC,OAAO,CAAC,IAAI,CAAC;YAsBF,aAAa;IAqDrB,sBAAsB,CAAC,CAAC,SAAS,IAAI,EACzC,SAAS,EAAE,SAAS,EACpB,gBAAgB,EAAE,WAAW,CAAC,CAAC,CAAC,EAChC,iBAAiB,EAAE,UAAU,CAAC,CAAC,CAAC,GAC/B,OAAO,CAAC,CAAC,CAAC;YAKC,iBAAiB;YAmEjB,gBAAgB;IAkB9B,gBAAgB,CAAC,MAAM,GAAE,MAAU,GAAG,MAAM;YAiB9B,+BAA+B;YAkC/B,qBAAqB;YAQrB,mBAAmB;YAQnB,kBAAkB;IAwD1B,uBAAuB,CAAC,SAAS,EAAE,YAAY;;;IAkCrD,OAAO,CAAC,4BAA4B;YAsBtB,4BAA4B;IAa1C,OAAO,CAAC,mCAAmC;YAM7B,4CAA4C;IAuB1D,OAAO,CAAC,UAAU;YAWJ,qBAAqB;YAqCrB,mCAAmC;IA0D3C,sBAAsB,CAAC,gBAAgB,EAAE,gBAAgB;;;;YAoCjD,gCAAgC;IAe9C,OAAO,CAAC,uBAAuB;IAqB/B,OAAO,CAAC,oBAAoB;IAe5B,OAAO,CAAC,wBAAwB;YAMlB,uDAAuD;YAwBvD,GAAG;IAWjB,OAAO,CAAC,kBAAkB;IAiB1B,OAAO,CAAC,gBAAgB;IAclB,MAAM,CAAC,SAAS,EAAE,SAAS;;;;;;;;;;;;IA0BjC,OAAO,CAAC,SAAS;IAajB,OAAO,CAAC,UAAU;IAWZ,gBAAgB,CAAC,SAAS,EAAE,YAAY;;;;;;;;;;IAmB9C,OAAO,CAAC,gBAAgB;YA2BV,gBAAgB;YAsBhB,cAAc;IAsB5B,OAAO,CAAC,qBAAqB;YAcf,6BAA6B;IAqDrC,eAAe,CAAC,gBAAgB,EAAE,gBAAgB;;;;;;;;;;;;IA2CxD,OAAO,CAAC,gBAAgB;YAqBV,aAAa;IA2B3B,OAAO,CAAC,gBAAgB;YAMV,uBAAuB;IAK/B,cAAc,CAClB,iBAAiB,EAAE,iBAAiB,EACpC,UAAU,EAAE,cAAc;YA0Dd,2BAA2B;IAiBnC,sBAAsB,CAC1B,yBAAyB,EAAE,yBAAyB;;;;;;;;;;;YAsDxC,0BAA0B;IA8DlC,qBAAqB,CACzB,wBAAwB,EAAE,wBAAwB;;;;;;;YA+DtC,2BAA2B;IA8DnC,cAAc,CAAC,IAAI,EAAE,IAAI;;;;IAYzB,mBAAmB,CAAC,IAAI,EAAE,IAAI;IAe9B,oBAAoB,CAAC,IAAI,EAAE,IAAI,EAAE,oBAAoB,CAAC,EAAE,MAAM;IAkB9D,aAAa,CAAC,eAAe,EAAE,eAAe;;;;YA4DtC,SAAS;IAuBjB,uBAAuB,CAAC,IAAI,EAAE,IAAI;IAyBlC,iBAAiB,CAAC,UAAU,EAAE,MAAM;;;;;;;;;;;IAqCpC,yBAAyB,CAAC,IAAI,EAAE,IAAI;IAiCpC,mBAAmB,CAAC,UAAU,EAAE,MAAM;;;;;;;;;;;IAoCtC,0BAA0B,CAAC,IAAI,EAAE,IAAI;IA0BrC,oBAAoB,CAAC,UAAU,EAAE,MAAM;;;;;;;;;;;IAoCvC,gBAAgB,CAAC,UAAU,EAAE,MAAM;;;;;;;;;;;YAkC3B,iCAAiC;IAO/C,OAAO,CAAC,mBAAmB;YAab,uBAAuB;YAQvB,mBAAmB;IAa3B,MAAM,CAAC,YAAY,EAAE,MAAM;;;IAuC3B,YAAY,CAAC,MAAM,EAAE,MAAM;IAS3B,EAAE,CAAC,UAAU,EAAE,cAAc;;;;;;;;;;IA+B7B,eAAe,CACnB,UAAU,EAAE,cAAc,EAC1B,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAgBzB,eAAe,CAAC,IAAI,EAAE,MAAM;;;;;;;;;;;;CAYnC"}
|
|
@@ -111,11 +111,11 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
111
111
|
}
|
|
112
112
|
}
|
|
113
113
|
async signUp(signUpDto, activeUser = null) {
|
|
114
|
-
const hasExtensionFields = Object.keys(signUpDto).some(k => !AuthenticationService_1.SIGNUP_DTO_KEYS.has(k));
|
|
114
|
+
const hasExtensionFields = Object.keys(signUpDto).some((k) => !AuthenticationService_1.SIGNUP_DTO_KEYS.has(k));
|
|
115
115
|
if (hasExtensionFields) {
|
|
116
116
|
const provider = this.solidRegistry.getExtensionUserCreationProvider();
|
|
117
117
|
if (!provider) {
|
|
118
|
-
throw new common_1.InternalServerErrorException(
|
|
118
|
+
throw new common_1.InternalServerErrorException("No ExtensionUserCreationProvider registered. Register one to handle extension user creation.");
|
|
119
119
|
}
|
|
120
120
|
const entity = await provider.buildExtensionEntity(signUpDto);
|
|
121
121
|
const effectiveDto = { ...signUpDto, roles: provider.roles(signUpDto) };
|
|
@@ -125,9 +125,9 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
125
125
|
}
|
|
126
126
|
async performSignUp(signUpDto, entity, repo) {
|
|
127
127
|
try {
|
|
128
|
-
const onForcePasswordChange = this.settingService.getConfigValue(
|
|
129
|
-
const activateUserOnRegistration = this.settingService.getConfigValue(
|
|
130
|
-
const defaultRole = this.settingService.getConfigValue(
|
|
128
|
+
const onForcePasswordChange = this.settingService.getConfigValue("forceChangePasswordOnFirstLogin");
|
|
129
|
+
const activateUserOnRegistration = this.settingService.getConfigValue("activateUserOnRegistration");
|
|
130
|
+
const defaultRole = this.settingService.getConfigValue("defaultRole");
|
|
131
131
|
var { user, pwd, autoGeneratedPwd } = await this.populateForSignup(entity, signUpDto, activateUserOnRegistration, onForcePasswordChange);
|
|
132
132
|
const privateDto = signUpDto;
|
|
133
133
|
if (privateDto.isAllowedToGenerateApiKeys !== undefined) {
|
|
@@ -135,14 +135,16 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
135
135
|
}
|
|
136
136
|
const savedUser = await repo.save(user);
|
|
137
137
|
const userRoles = signUpDto.roles ?? [];
|
|
138
|
-
if ((signUpDto.roles?.length ?? 0) === 0 &&
|
|
138
|
+
if ((signUpDto.roles?.length ?? 0) === 0 &&
|
|
139
|
+
signUpDto.username !== "sa" &&
|
|
140
|
+
defaultRole) {
|
|
139
141
|
userRoles.push(defaultRole);
|
|
140
142
|
}
|
|
141
143
|
await this.handlePostSignup(savedUser, userRoles, pwd, autoGeneratedPwd);
|
|
142
144
|
return savedUser;
|
|
143
145
|
}
|
|
144
146
|
catch (err) {
|
|
145
|
-
const pgUniqueViolationErrorCode =
|
|
147
|
+
const pgUniqueViolationErrorCode = "23505";
|
|
146
148
|
if (err.code === pgUniqueViolationErrorCode) {
|
|
147
149
|
throw new common_1.ConflictException(parseUniqueConstraintError(err.detail || error_messages_1.ERROR_MESSAGES.UNIQUE_CONSTRAINT_VIOLATION));
|
|
148
150
|
}
|
|
@@ -150,7 +152,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
150
152
|
}
|
|
151
153
|
}
|
|
152
154
|
async signupForExtensionUser(signUpDto, extensionUserDto, extensionUserRepo) {
|
|
153
|
-
const entity = extensionUserRepo.
|
|
155
|
+
const entity = extensionUserRepo.create(extensionUserDto);
|
|
154
156
|
return this.performSignUp(signUpDto, entity, extensionUserRepo);
|
|
155
157
|
}
|
|
156
158
|
async populateForSignup(user, signUpDto, isUserActive = true, onForcePasswordChange) {
|
|
@@ -312,7 +314,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
312
314
|
user.active = false;
|
|
313
315
|
await this.assignRegistrationOtp(validationSource, user);
|
|
314
316
|
await this.userRepository.save(user);
|
|
315
|
-
await this.userService.addRoleToUser(user.username, this.settingService.getConfigValue(
|
|
317
|
+
await this.userService.addRoleToUser(user.username, this.settingService.getConfigValue("defaultRole"));
|
|
316
318
|
}
|
|
317
319
|
else {
|
|
318
320
|
await this.assignRegistrationOtp(validationSource, user);
|
|
@@ -1018,8 +1020,16 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
1018
1020
|
};
|
|
1019
1021
|
}
|
|
1020
1022
|
async validateUserUsingFacebook(user) {
|
|
1023
|
+
if (!user.facebookAccessToken || !user.facebookId) {
|
|
1024
|
+
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_NOT_FOUND);
|
|
1025
|
+
}
|
|
1021
1026
|
try {
|
|
1022
|
-
const response = await this.httpService.axiosRef.get(`https://graph.facebook.com/me
|
|
1027
|
+
const response = await this.httpService.axiosRef.get(`https://graph.facebook.com/me`, {
|
|
1028
|
+
params: { fields: "id,name,email" },
|
|
1029
|
+
headers: {
|
|
1030
|
+
Authorization: `Bearer ${user.facebookAccessToken}`,
|
|
1031
|
+
},
|
|
1032
|
+
});
|
|
1023
1033
|
const userProfile = response.data;
|
|
1024
1034
|
if (userProfile.id === user.facebookId &&
|
|
1025
1035
|
(!user.email || !userProfile.email || userProfile.email === user.email)) {
|
|
@@ -1030,7 +1040,10 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
1030
1040
|
}
|
|
1031
1041
|
}
|
|
1032
1042
|
catch (error) {
|
|
1033
|
-
|
|
1043
|
+
if (error instanceof common_1.UnauthorizedException) {
|
|
1044
|
+
throw error;
|
|
1045
|
+
}
|
|
1046
|
+
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_NOT_FOUND);
|
|
1034
1047
|
}
|
|
1035
1048
|
}
|
|
1036
1049
|
async signInUsingFacebook(accessCode) {
|
|
@@ -1216,7 +1229,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
1216
1229
|
mobile: user.mobile,
|
|
1217
1230
|
username: user.username,
|
|
1218
1231
|
id: user.id,
|
|
1219
|
-
roles: user.roles.map((role) => role.name)
|
|
1232
|
+
roles: user.roles.map((role) => role.name),
|
|
1220
1233
|
},
|
|
1221
1234
|
refreshToken: refreshTokenState.currentRefreshToken,
|
|
1222
1235
|
};
|
|
@@ -1225,22 +1238,33 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
1225
1238
|
async generateSsoCode(activeUser, rawAccessToken) {
|
|
1226
1239
|
const refreshTokenState = await this.refreshTokenIdsStorage.getCurrentRefreshTokenState(activeUser.sub);
|
|
1227
1240
|
if (!refreshTokenState?.currentRefreshToken) {
|
|
1228
|
-
throw new common_1.UnauthorizedException(
|
|
1241
|
+
throw new common_1.UnauthorizedException("No active session found");
|
|
1229
1242
|
}
|
|
1230
1243
|
const ssoCode = await this.ssoCodeStorage.generateCode(activeUser.sub, rawAccessToken, refreshTokenState.currentRefreshToken);
|
|
1231
1244
|
return { ssoCode };
|
|
1232
1245
|
}
|
|
1233
1246
|
async exchangeSsoCode(code) {
|
|
1234
1247
|
const { userId, accessToken, refreshToken } = await this.ssoCodeStorage.consumeCode(code);
|
|
1235
|
-
const user = await this.userRepository.findOne({
|
|
1248
|
+
const user = await this.userRepository.findOne({
|
|
1249
|
+
where: { id: userId },
|
|
1250
|
+
relations: { roles: true },
|
|
1251
|
+
});
|
|
1236
1252
|
if (!user) {
|
|
1237
|
-
throw new common_1.UnauthorizedException(
|
|
1253
|
+
throw new common_1.UnauthorizedException("User not found");
|
|
1238
1254
|
}
|
|
1239
1255
|
return { accessToken, refreshToken, user: this.buildUserPayload(user) };
|
|
1240
1256
|
}
|
|
1241
1257
|
};
|
|
1242
1258
|
exports.AuthenticationService = AuthenticationService;
|
|
1243
|
-
AuthenticationService.SIGNUP_DTO_KEYS = new Set([
|
|
1259
|
+
AuthenticationService.SIGNUP_DTO_KEYS = new Set([
|
|
1260
|
+
"username",
|
|
1261
|
+
"email",
|
|
1262
|
+
"password",
|
|
1263
|
+
"fullName",
|
|
1264
|
+
"mobile",
|
|
1265
|
+
"roles",
|
|
1266
|
+
"forcePasswordChange",
|
|
1267
|
+
]);
|
|
1244
1268
|
exports.AuthenticationService = AuthenticationService = AuthenticationService_1 = __decorate([
|
|
1245
1269
|
(0, common_1.Injectable)(),
|
|
1246
1270
|
__param(13, (0, typeorm_1.InjectDataSource)()),
|