@strapi/plugin-users-permissions 4.2.0 → 4.2.3
- package/admin/src/pages/AdvancedSettings/utils/layout.js +2 -2
- package/admin/src/translations/en.json +1 -1
- package/admin/src/translations/pl.json +44 -7
- package/documentation/content-api.yaml +813 -0
- package/package.json +5 -5
- package/server/controllers/auth.js +170 -233
- package/server/controllers/user.js +7 -6
- package/server/controllers/validation/auth.js +31 -6
- package/server/register.js +9 -0
- package/server/routes/content-api/user.js +0 -1
- package/server/services/index.js +2 -0
- package/server/services/providers-registry.js +301 -0
- package/server/services/providers.js +62 -70
- package/server/services/users-permissions.js +6 -7
- package/server/utils/index.d.ts +1 -1
- package/documentation/1.0.0/overrides/users-permissions-Role.json +0 -281
- package/documentation/1.0.0/overrides/users-permissions-User.json +0 -325
- package/server/services/providers-list.js +0 -277
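--- a/package/server/services/providers-list.js
+++ b/package/server/services/providers-list.js
@@ -1,277 +0,0 @@
-'use strict';
-
-const jwt = require('jsonwebtoken');
-// Purest strategies.
-const purest = require('purest');
-
-module.exports = async ({ provider, access_token, query, providers }) => {
-switch (provider) {
-case 'discord': {
-const discord = purest({ provider: 'discord' });
-return discord
-.get('users/@me')
-.auth(access_token)
-.request()
-.then(({ body }) => {
-// Combine username and discriminator because discord username is not unique
-var username = `${body.username}#${body.discriminator}`;
-return {
-username,
-email: body.email,
-};
-});
-}
-case 'cognito': {
-// get the id_token
-const idToken = query.id_token;
-// decode the jwt token
-const tokenPayload = jwt.decode(idToken);
-if (!tokenPayload) {
-throw new Error('unable to decode jwt token');
-} else {
-return {
-username: tokenPayload['cognito:username'],
-email: tokenPayload.email,
-};
-}
-}
-case 'facebook': {
-const facebook = purest({ provider: 'facebook' });
-
-return facebook
-.get('me')
-.auth(access_token)
-.qs({ fields: 'name,email' })
-.request()
-.then(({ body }) => ({
-username: body.name,
-email: body.email,
-}));
-}
-case 'google': {
-const google = purest({ provider: 'google' });
-
-return google
-.query('oauth')
-.get('tokeninfo')
-.qs({ access_token })
-.request()
-.then(({ body }) => ({
-username: body.email.split('@')[0],
-email: body.email,
-}));
-}
-case 'github': {
-const github = purest({
-provider: 'github',
-defaults: {
-headers: {
-'user-agent': 'strapi',
-},
-},
-});
-
-return github
-.get('user')
-.auth(access_token)
-.request()
-.then(({ body: userbody }) => {
-// This is the public email on the github profile
-if (userbody.email) {
-return {
-username: userbody.login,
-email: userbody.email,
-};
-}
-// Get the email with Github's user/emails API
-return github
-.get('user/emails')
-.auth(access_token)
-.request()
-.then(({ body: emailsbody }) => {
-return {
-username: userbody.login,
-email: Array.isArray(emailsbody)
-? emailsbody.find(email => email.primary === true).email
-: null,
-};
-});
-});
-}
-case 'microsoft': {
-const microsoft = purest({ provider: 'microsoft' });
-
-return microsoft
-.get('me')
-.auth(access_token)
-.request()
-.then(({ body }) => ({
-username: body.userPrincipalName,
-email: body.userPrincipalName,
-}));
-}
-case 'twitter': {
-const twitter = purest({
-provider: 'twitter',
-});
-
-return twitter
-.get('account/verify_credentials')
-.auth(access_token, query.access_secret)
-.qs({ screen_name: query['raw[screen_name]'], include_email: 'true' })
-.request()
-.then(({ body }) => ({
-username: body.screen_name,
-email: body.email,
-}));
-}
-case 'instagram': {
-const instagram = purest({ provider: 'instagram' });
-
-return instagram
-.get('me')
-.auth(access_token)
-.qs({ fields: 'id,username' })
-.request()
-.then(({ body }) => ({
-username: body.username,
-email: `${body.username}@strapi.io`, // dummy email as Instagram does not provide user email
-}));
-}
-case 'vk': {
-const vk = purest({ provider: 'vk' });
-
-return vk
-.get('users.get')
-.auth(access_token)
-.qs({ id: query.raw.user_id, v: '5.122' })
-.request()
-.then(({ body }) => ({
-username: `${body.response[0].last_name} ${body.response[0].first_name}`,
-email: query.raw.email,
-}));
-}
-case 'twitch': {
-const twitch = purest({
-provider: 'twitch',
-config: {
-twitch: {
-default: {
-origin: 'https://api.twitch.tv',
-path: 'helix/{path}',
-headers: {
-Authorization: 'Bearer {auth}',
-'Client-Id': '{auth}',
-},
-},
-},
-},
-});
-
-return twitch
-.get('users')
-.auth(access_token, providers.twitch.key)
-.request()
-.then(({ body }) => ({
-username: body.data[0].login,
-email: body.data[0].email,
-}));
-}
-case 'linkedin': {
-const linkedIn = purest({ provider: 'linkedin' });
-const {
-body: { localizedFirstName },
-} = await linkedIn
-.get('me')
-.auth(access_token)
-.request();
-const {
-body: { elements },
-} = await linkedIn
-.get('emailAddress?q=members&projection=(elements*(handle~))')
-.auth(access_token)
-.request();
-
-const email = elements[0]['handle~'];
-
-return {
-username: localizedFirstName,
-email: email.emailAddress,
-};
-}
-case 'reddit': {
-const reddit = purest({
-provider: 'reddit',
-config: {
-reddit: {
-default: {
-origin: 'https://oauth.reddit.com',
-path: 'api/{version}/{path}',
-version: 'v1',
-headers: {
-Authorization: 'Bearer {auth}',
-'user-agent': 'strapi',
-},
-},
-},
-},
-});
-
-return reddit
-.get('me')
-.auth(access_token)
-.request()
-.then(({ body }) => ({
-username: body.name,
-email: `${body.name}@strapi.io`, // dummy email as Reddit does not provide user email
-}));
-}
-case 'auth0': {
-const auth0 = purest({ provider: 'auth0' });
-
-return auth0
-.get('userinfo')
-.subdomain(providers.auth0.subdomain)
-.auth(access_token)
-.request()
-.then(({ body }) => {
-const username = body.username || body.nickname || body.name || body.email.split('@')[0];
-const email = body.email || `${username.replace(/\s+/g, '.')}@strapi.io`;
-
-return {
-username,
-email,
-};
-});
-}
-case 'cas': {
-const cas = purest({ provider: 'cas' });
-
-return cas
-.get('oidc/profile')
-.subdomain(providers.cas.subdomain)
-.auth(access_token)
-.request()
-.then(({ body }) => {
-// CAS attribute may be in body.attributes or "FLAT", depending on CAS config
-const username = body.attributes
-? body.attributes.strapiusername || body.id || body.sub
-: body.strapiusername || body.id || body.sub;
-const email = body.attributes
-? body.attributes.strapiemail || body.attributes.email
-: body.strapiemail || body.email;
-if (!username || !email) {
-strapi.log.warn(
-'CAS Response Body did not contain required attributes: ' + JSON.stringify(body)
-);
-}
-return {
-username,
-email,
-};
-});
-}
-default:
-throw new Error('Unknown provider.');
-}
-};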