@strapi/plugin-users-permissions 4.3.2 → 4.3.5
- package/admin/src/components/BoundRoute/getMethodColor.js +1 -1
- package/admin/src/components/BoundRoute/index.js +1 -1
- package/admin/src/components/FormModal/Input/index.js +1 -1
- package/admin/src/components/FormModal/index.js +7 -9
- package/admin/src/components/Permissions/PermissionRow/CheckboxWrapper.js +3 -3
- package/admin/src/components/Permissions/PermissionRow/SubCategory.js +10 -14
- package/admin/src/components/Permissions/PermissionRow/index.js +1 -1
- package/admin/src/components/Permissions/index.js +2 -2
- package/admin/src/components/Permissions/init.js +1 -1
- package/admin/src/components/Permissions/reducer.js +1 -1
- package/admin/src/components/Policies/index.js +1 -1
- package/admin/src/components/UsersPermissions/index.js +5 -5
- package/admin/src/components/UsersPermissions/reducer.js +1 -1
- package/admin/src/hooks/useFetchRole/index.js +3 -3
- package/admin/src/hooks/useFetchRole/reducer.js +1 -1
- package/admin/src/hooks/useForm/index.js +1 -1
- package/admin/src/hooks/useForm/reducer.js +1 -1
- package/admin/src/hooks/usePlugins/index.js +1 -1
- package/admin/src/hooks/usePlugins/reducer.js +1 -1
- package/admin/src/hooks/useRolesList/reducer.js +1 -1
- package/admin/src/index.js +5 -5
- package/admin/src/pages/AdvancedSettings/index.js +11 -10
- package/admin/src/pages/AdvancedSettings/utils/api.js +1 -1
- package/admin/src/pages/AdvancedSettings/utils/schema.js +2 -4
- package/admin/src/pages/EmailTemplates/index.js +8 -8
- package/admin/src/pages/EmailTemplates/utils/api.js +1 -1
- package/admin/src/pages/EmailTemplates/utils/schema.js +1 -4
- package/admin/src/pages/Providers/index.js +22 -22
- package/admin/src/pages/Providers/reducer.js +1 -1
- package/admin/src/pages/Providers/utils/api.js +2 -2
- package/admin/src/pages/Providers/utils/createProvidersArray.js +1 -1
- package/admin/src/pages/Roles/CreatePage/index.js +1 -1
- package/admin/src/pages/Roles/EditPage/index.js +1 -1
- package/admin/src/pages/Roles/ListPage/components/TableBody.js +5 -4
- package/admin/src/pages/Roles/ListPage/index.js +2 -2
- package/admin/src/utils/axiosInstance.js +4 -4
- package/admin/src/utils/cleanPermissions.js +1 -1
- package/admin/src/utils/formatPolicies.js +1 -1
- package/admin/src/utils/getRequestURL.js +1 -1
- package/admin/src/utils/getTrad.js +1 -1
- package/documentation/content-api.yaml +36 -1
- package/jest.config.front.js +1 -1
- package/package.json +12 -7
- package/server/bootstrap/grant-config.js +1 -1
- package/server/bootstrap/index.js +39 -39
- package/server/controllers/auth.js +33 -5
- package/server/controllers/content-manager-user.js +4 -12
- package/server/controllers/settings.js +1 -1
- package/server/controllers/user.js +2 -2
- package/server/controllers/validation/auth.js +15 -12
- package/server/controllers/validation/email-template.js +3 -2
- package/server/controllers/validation/user.js +4 -16
- package/server/graphql/mutations/auth/change-password.js +38 -0
- package/server/graphql/mutations/auth/forgot-password.js +1 -4
- package/server/graphql/mutations/auth/login.js +1 -4
- package/server/graphql/mutations/auth/register.js +1 -4
- package/server/graphql/mutations/auth/reset-password.js +1 -4
- package/server/graphql/mutations/crud/role/create-role.js +1 -4
- package/server/graphql/mutations/crud/role/delete-role.js +1 -4
- package/server/graphql/mutations/crud/role/update-role.js +1 -4
- package/server/graphql/mutations/crud/user/create-user.js +1 -4
- package/server/graphql/mutations/crud/user/delete-user.js +1 -4
- package/server/graphql/mutations/crud/user/update-user.js +1 -4
- package/server/graphql/mutations/index.js +2 -1
- package/server/graphql/resolvers-configs.js +5 -0
- package/server/graphql/types/index.js +1 -1
- package/server/middlewares/rateLimit.js +22 -25
- package/server/register.js +2 -4
- package/server/routes/content-api/auth.js +9 -0
- package/server/services/jwt.js +11 -9
- package/server/services/providers-registry.js +33 -42
- package/server/services/providers.js +6 -6
- package/server/services/role.js +7 -7
- package/server/services/user.js +1 -8
- package/server/services/users-permissions.js +13 -12
- package/server/strategies/users-permissions.js +3 -3
- package/server/utils/index.js +1 -1
|
@@ -19,6 +19,7 @@ const matchAll = (pattern, src) => {
|
|
|
19
19
|
let match;
|
|
20
20
|
|
|
21
21
|
const regexPatternWithGlobal = RegExp(pattern, 'g');
|
|
22
|
+
// eslint-disable-next-line no-cond-assign
|
|
22
23
|
while ((match = regexPatternWithGlobal.exec(src))) {
|
|
23
24
|
const [, group] = match;
|
|
24
25
|
|
|
@@ -27,8 +28,8 @@ const matchAll = (pattern, src) => {
|
|
|
27
28
|
return matches;
|
|
28
29
|
};
|
|
29
30
|
|
|
30
|
-
const isValidEmailTemplate = template => {
|
|
31
|
-
for (
|
|
31
|
+
const isValidEmailTemplate = (template) => {
|
|
32
|
+
for (const reg of invalidPatternsRegexes) {
|
|
32
33
|
if (reg.test(template)) {
|
|
33
34
|
return false;
|
|
34
35
|
}
|
|
@@ -7,26 +7,14 @@ const deleteRoleSchema = yup.object().shape({
|
|
|
7
7
|
});
|
|
8
8
|
|
|
9
9
|
const createUserBodySchema = yup.object().shape({
|
|
10
|
-
email: yup
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
.required(),
|
|
14
|
-
username: yup
|
|
15
|
-
.string()
|
|
16
|
-
.min(1)
|
|
17
|
-
.required(),
|
|
18
|
-
password: yup
|
|
19
|
-
.string()
|
|
20
|
-
.min(1)
|
|
21
|
-
.required(),
|
|
10
|
+
email: yup.string().email().required(),
|
|
11
|
+
username: yup.string().min(1).required(),
|
|
12
|
+
password: yup.string().min(1).required(),
|
|
22
13
|
role: yup.strapiID(),
|
|
23
14
|
});
|
|
24
15
|
|
|
25
16
|
const updateUserBodySchema = yup.object().shape({
|
|
26
|
-
email: yup
|
|
27
|
-
.string()
|
|
28
|
-
.email()
|
|
29
|
-
.min(1),
|
|
17
|
+
email: yup.string().email().min(1),
|
|
30
18
|
username: yup.string().min(1),
|
|
31
19
|
password: yup.string().min(1),
|
|
32
20
|
});
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const { toPlainObject } = require('lodash/fp');
|
|
4
|
+
|
|
5
|
+
const { checkBadRequest } = require('../../utils');
|
|
6
|
+
|
|
7
|
+
module.exports = ({ nexus, strapi }) => {
|
|
8
|
+
const { nonNull } = nexus;
|
|
9
|
+
|
|
10
|
+
return {
|
|
11
|
+
type: 'UsersPermissionsLoginPayload',
|
|
12
|
+
|
|
13
|
+
args: {
|
|
14
|
+
currentPassword: nonNull('String'),
|
|
15
|
+
password: nonNull('String'),
|
|
16
|
+
passwordConfirmation: nonNull('String'),
|
|
17
|
+
},
|
|
18
|
+
|
|
19
|
+
description: 'Change user password. Confirm with the current password.',
|
|
20
|
+
|
|
21
|
+
async resolve(parent, args, context) {
|
|
22
|
+
const { koaContext } = context;
|
|
23
|
+
|
|
24
|
+
koaContext.request.body = toPlainObject(args);
|
|
25
|
+
|
|
26
|
+
await strapi.plugin('users-permissions').controller('auth').changePassword(koaContext);
|
|
27
|
+
|
|
28
|
+
const output = koaContext.body;
|
|
29
|
+
|
|
30
|
+
checkBadRequest(output);
|
|
31
|
+
|
|
32
|
+
return {
|
|
33
|
+
user: output.user || output,
|
|
34
|
+
jwt: output.jwt,
|
|
35
|
+
};
|
|
36
|
+
},
|
|
37
|
+
};
|
|
38
|
+
};
|
|
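Review bot: The `resolve` function passes `args` straight to `controller('auth').changePassword(koaContext)`, so any middleware the REST route attaches for this action (for example this package's rate limiter) does not run on the GraphQL path, and the `Mutation.changePassword` resolver config shown on this page sets only an `auth.scope`. Because this mutation checks `currentPassword`, it should have the same attempt limit as login, enforced either inside the controller or as resolver-level middleware. The `output.user || output` fallback needs a one-line comment such as `// controller may answer with { jwt, user } or a bare user object — confirm`, since in the second case `jwt` would presumably be `undefined` in a payload typed as `UsersPermissionsLoginPayload`.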
@@ -21,10 +21,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
21
21
|
|
|
22
22
|
koaContext.request.body = toPlainObject(args);
|
|
23
23
|
|
|
24
|
-
await strapi
|
|
25
|
-
.plugin('users-permissions')
|
|
26
|
-
.controller('auth')
|
|
27
|
-
.forgotPassword(koaContext);
|
|
24
|
+
await strapi.plugin('users-permissions').controller('auth').forgotPassword(koaContext);
|
|
28
25
|
|
|
29
26
|
const output = koaContext.body;
|
|
30
27
|
|
|
@@ -20,10 +20,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
20
20
|
koaContext.params = { provider: args.input.provider };
|
|
21
21
|
koaContext.request.body = toPlainObject(args.input);
|
|
22
22
|
|
|
23
|
-
await strapi
|
|
24
|
-
.plugin('users-permissions')
|
|
25
|
-
.controller('auth')
|
|
26
|
-
.callback(koaContext);
|
|
23
|
+
await strapi.plugin('users-permissions').controller('auth').callback(koaContext);
|
|
27
24
|
|
|
28
25
|
const output = koaContext.body;
|
|
29
26
|
|
|
@@ -21,10 +21,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
21
21
|
|
|
22
22
|
koaContext.request.body = toPlainObject(args.input);
|
|
23
23
|
|
|
24
|
-
await strapi
|
|
25
|
-
.plugin('users-permissions')
|
|
26
|
-
.controller('auth')
|
|
27
|
-
.register(koaContext);
|
|
24
|
+
await strapi.plugin('users-permissions').controller('auth').register(koaContext);
|
|
28
25
|
|
|
29
26
|
const output = koaContext.body;
|
|
30
27
|
|
|
@@ -23,10 +23,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
23
23
|
|
|
24
24
|
koaContext.request.body = toPlainObject(args);
|
|
25
25
|
|
|
26
|
-
await strapi
|
|
27
|
-
.plugin('users-permissions')
|
|
28
|
-
.controller('auth')
|
|
29
|
-
.resetPassword(koaContext);
|
|
26
|
+
await strapi.plugin('users-permissions').controller('auth').resetPassword(koaContext);
|
|
30
27
|
|
|
31
28
|
const output = koaContext.body;
|
|
32
29
|
|
|
@@ -26,10 +26,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
26
26
|
|
|
27
27
|
koaContext.request.body = toPlainObject(args.data);
|
|
28
28
|
|
|
29
|
-
await strapi
|
|
30
|
-
.plugin('users-permissions')
|
|
31
|
-
.controller('role')
|
|
32
|
-
.createRole(koaContext);
|
|
29
|
+
await strapi.plugin('users-permissions').controller('role').createRole(koaContext);
|
|
33
30
|
|
|
34
31
|
return { ok: true };
|
|
35
32
|
},
|
|
@@ -17,10 +17,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
17
17
|
|
|
18
18
|
koaContext.params = { role: args.id };
|
|
19
19
|
|
|
20
|
-
await strapi
|
|
21
|
-
.plugin('users-permissions')
|
|
22
|
-
.controller('role')
|
|
23
|
-
.deleteRole(koaContext);
|
|
20
|
+
await strapi.plugin('users-permissions').controller('role').deleteRole(koaContext);
|
|
24
21
|
|
|
25
22
|
return { ok: true };
|
|
26
23
|
},
|
|
@@ -27,10 +27,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
27
27
|
koaContext.request.body = args.data;
|
|
28
28
|
koaContext.request.body.role = args.id;
|
|
29
29
|
|
|
30
|
-
await strapi
|
|
31
|
-
.plugin('users-permissions')
|
|
32
|
-
.controller('role')
|
|
33
|
-
.updateRole(koaContext);
|
|
30
|
+
await strapi.plugin('users-permissions').controller('role').updateRole(koaContext);
|
|
34
31
|
|
|
35
32
|
return { ok: true };
|
|
36
33
|
},
|
|
@@ -32,10 +32,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
32
32
|
koaContext.params = {};
|
|
33
33
|
koaContext.request.body = toPlainObject(args.data);
|
|
34
34
|
|
|
35
|
-
await strapi
|
|
36
|
-
.plugin('users-permissions')
|
|
37
|
-
.controller('user')
|
|
38
|
-
.create(koaContext);
|
|
35
|
+
await strapi.plugin('users-permissions').controller('user').create(koaContext);
|
|
39
36
|
|
|
40
37
|
checkBadRequest(koaContext.body);
|
|
41
38
|
|
|
@@ -26,10 +26,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
26
26
|
|
|
27
27
|
koaContext.params = { id: args.id };
|
|
28
28
|
|
|
29
|
-
await strapi
|
|
30
|
-
.plugin('users-permissions')
|
|
31
|
-
.controller('user')
|
|
32
|
-
.destroy(koaContext);
|
|
29
|
+
await strapi.plugin('users-permissions').controller('user').destroy(koaContext);
|
|
33
30
|
|
|
34
31
|
checkBadRequest(koaContext.body);
|
|
35
32
|
|
|
@@ -33,10 +33,7 @@ module.exports = ({ nexus, strapi }) => {
|
|
|
33
33
|
koaContext.params = { id: args.id };
|
|
34
34
|
koaContext.request.body = toPlainObject(args.data);
|
|
35
35
|
|
|
36
|
-
await strapi
|
|
37
|
-
.plugin('users-permissions')
|
|
38
|
-
.controller('user')
|
|
39
|
-
.update(koaContext);
|
|
36
|
+
await strapi.plugin('users-permissions').controller('user').update(koaContext);
|
|
40
37
|
|
|
41
38
|
checkBadRequest(koaContext.body);
|
|
42
39
|
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
const userUID = 'plugin::users-permissions.user';
|
|
4
4
|
const roleUID = 'plugin::users-permissions.role';
|
|
5
5
|
|
|
6
|
-
module.exports = context => {
|
|
6
|
+
module.exports = (context) => {
|
|
7
7
|
const { nexus, strapi } = context;
|
|
8
8
|
|
|
9
9
|
const { naming } = strapi.plugin('graphql').service('utils');
|
|
@@ -25,6 +25,7 @@ module.exports = context => {
|
|
|
25
25
|
register: require('./auth/register'),
|
|
26
26
|
forgotPassword: require('./auth/forgot-password'),
|
|
27
27
|
resetPassword: require('./auth/reset-password'),
|
|
28
|
+
changePassword: require('./auth/change-password'),
|
|
28
29
|
emailConfirmation: require('./auth/email-confirmation'),
|
|
29
30
|
};
|
|
30
31
|
|
|
@@ -23,6 +23,11 @@ module.exports = ({ strapi }) => {
|
|
|
23
23
|
'Mutation.forgotPassword': { auth: false },
|
|
24
24
|
'Mutation.resetPassword': { auth: false },
|
|
25
25
|
'Mutation.emailConfirmation': { auth: false },
|
|
26
|
+
'Mutation.changePassword': {
|
|
27
|
+
auth: {
|
|
28
|
+
scope: 'plugin::users-permissions.auth.changePassword',
|
|
29
|
+
},
|
|
30
|
+
},
|
|
26
31
|
|
|
27
32
|
// Scoped auth for replaced CRUD operations
|
|
28
33
|
// Role
|
|
@@ -1,30 +1,27 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
module.exports =
|
|
4
|
-
|
|
3
|
+
module.exports =
|
|
4
|
+
(config, { strapi }) =>
|
|
5
|
+
async (ctx, next) => {
|
|
6
|
+
const ratelimit = require('koa2-ratelimit').RateLimit;
|
|
5
7
|
|
|
6
|
-
|
|
7
|
-
{
|
|
8
|
-
messages: [
|
|
9
|
-
{
|
|
10
|
-
id: 'Auth.form.error.ratelimit',
|
|
11
|
-
message: 'Too many attempts, please try again in a minute.',
|
|
12
|
-
},
|
|
13
|
-
],
|
|
14
|
-
},
|
|
15
|
-
];
|
|
16
|
-
|
|
17
|
-
return ratelimit.middleware(
|
|
18
|
-
Object.assign(
|
|
19
|
-
{},
|
|
8
|
+
const message = [
|
|
20
9
|
{
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
10
|
+
messages: [
|
|
11
|
+
{
|
|
12
|
+
id: 'Auth.form.error.ratelimit',
|
|
13
|
+
message: 'Too many attempts, please try again in a minute.',
|
|
14
|
+
},
|
|
15
|
+
],
|
|
25
16
|
},
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
17
|
+
];
|
|
18
|
+
|
|
19
|
+
return ratelimit.middleware({
|
|
20
|
+
interval: 1 * 60 * 1000,
|
|
21
|
+
max: 5,
|
|
22
|
+
prefixKey: `${ctx.request.path}:${ctx.request.ip}`,
|
|
23
|
+
message,
|
|
24
|
+
...strapi.config.get('plugin.users-permissions.ratelimit'),
|
|
25
|
+
...config,
|
|
26
|
+
})(ctx, next);
|
|
27
|
+
};
|
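Review bot: The limiter key in `prefixKey` is built from the raw `ctx.request.path`, so requests whose path differs only in letter case or a trailing slash are counted in separate buckets if the router resolves them to the same handler (router strictness is not visible here, so confirm). Normalising the path before keying closes that gap, e.g. ``prefixKey: `${ctx.request.path.toLowerCase().replace(/\/+$/, '')}:${ctx.request.ip}`,``. The key is also per address only: behind a reverse proxy `ctx.request.ip` is the proxy's address unless proxy trust is configured, and attempts against one account from several addresses are not tied together, so consider adding the submitted identifier to the key on the login route. Since `...strapi.config.get('plugin.users-permissions.ratelimit')` and `...config` are spread last, either can replace `max` or `prefixKey`; a comment stating that this override order is intended would help.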
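--- a/package/server/register.js
+++ b/package/server/register.js
@@ -1,4 +1,5 @@
 'use strict';
+
 const fs = require('fs');
 const path = require('path');
 
@@ -17,9 +18,6 @@ module.exports = ({ strapi }) => {
 const specPath = path.join(__dirname, '../documentation/content-api.yaml');
 const spec = fs.readFileSync(specPath, 'utf8');
 
-strapi
-.plugin('documentation')
-.service('documentation')
-.registerDoc(spec);
+strapi.plugin('documentation').service('documentation').registerDoc(spec);
 }
 };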
package/server/services/jwt.js
CHANGED
|
@@ -38,16 +38,18 @@ module.exports = ({ strapi }) => ({
|
|
|
38
38
|
},
|
|
39
39
|
|
|
40
40
|
verify(token) {
|
|
41
|
-
return new Promise(
|
|
42
|
-
jwt.verify(
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
41
|
+
return new Promise((resolve, reject) => {
|
|
42
|
+
jwt.verify(
|
|
43
|
+
token,
|
|
44
|
+
strapi.config.get('plugin.users-permissions.jwtSecret'),
|
|
45
|
+
{},
|
|
46
|
+
(err, tokenPayload = {}) => {
|
|
47
|
+
if (err) {
|
|
48
|
+
return reject(new Error('Invalid token.'));
|
|
49
|
+
}
|
|
50
|
+
resolve(tokenPayload);
|
|
48
51
|
}
|
|
49
|
-
|
|
50
|
-
});
|
|
52
|
+
);
|
|
51
53
|
});
|
|
52
54
|
},
|
|
53
55
|
});
|
|
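Review bot: `jwt.verify` in `verify(token)` is called with an empty options object, so the accepted signature algorithms are left to the library's defaults for the key type instead of being pinned to what the signing side produces. Passing an explicit allow-list, e.g. `{ algorithms: ['HS256'] }` if tokens are signed with the library default (the signing code is outside this hunk, so confirm), keeps verification unchanged across library upgrades and configuration changes. The callback also replaces every failure with `new Error('Invalid token.')`; that is the right message for the client, but logging `err.name` at debug level before rejecting would let operators tell expired tokens from bad signatures.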
@@ -4,15 +4,15 @@ const { strict: assert } = require('assert');
|
|
|
4
4
|
const jwt = require('jsonwebtoken');
|
|
5
5
|
|
|
6
6
|
const getInitialProviders = ({ purest }) => ({
|
|
7
|
-
async discord({
|
|
7
|
+
async discord({ accessToken }) {
|
|
8
8
|
const discord = purest({ provider: 'discord' });
|
|
9
9
|
return discord
|
|
10
10
|
.get('users/@me')
|
|
11
|
-
.auth(
|
|
11
|
+
.auth(accessToken)
|
|
12
12
|
.request()
|
|
13
13
|
.then(({ body }) => {
|
|
14
14
|
// Combine username and discriminator because discord username is not unique
|
|
15
|
-
|
|
15
|
+
const username = `${body.username}#${body.discriminator}`;
|
|
16
16
|
return {
|
|
17
17
|
username,
|
|
18
18
|
email: body.email,
|
|
@@ -33,12 +33,12 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
33
33
|
};
|
|
34
34
|
}
|
|
35
35
|
},
|
|
36
|
-
async facebook({
|
|
36
|
+
async facebook({ accessToken }) {
|
|
37
37
|
const facebook = purest({ provider: 'facebook' });
|
|
38
38
|
|
|
39
39
|
return facebook
|
|
40
40
|
.get('me')
|
|
41
|
-
.auth(
|
|
41
|
+
.auth(accessToken)
|
|
42
42
|
.qs({ fields: 'name,email' })
|
|
43
43
|
.request()
|
|
44
44
|
.then(({ body }) => ({
|
|
@@ -46,20 +46,20 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
46
46
|
email: body.email,
|
|
47
47
|
}));
|
|
48
48
|
},
|
|
49
|
-
async google({
|
|
49
|
+
async google({ accessToken }) {
|
|
50
50
|
const google = purest({ provider: 'google' });
|
|
51
51
|
|
|
52
52
|
return google
|
|
53
53
|
.query('oauth')
|
|
54
54
|
.get('tokeninfo')
|
|
55
|
-
.qs({
|
|
55
|
+
.qs({ accessToken })
|
|
56
56
|
.request()
|
|
57
57
|
.then(({ body }) => ({
|
|
58
58
|
username: body.email.split('@')[0],
|
|
59
59
|
email: body.email,
|
|
60
60
|
}));
|
|
61
61
|
},
|
|
62
|
-
async github({
|
|
62
|
+
async github({ accessToken }) {
|
|
63
63
|
const github = purest({
|
|
64
64
|
provider: 'github',
|
|
65
65
|
defaults: {
|
|
@@ -69,10 +69,7 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
69
69
|
},
|
|
70
70
|
});
|
|
71
71
|
|
|
72
|
-
const { body: userBody } = await github
|
|
73
|
-
.get('user')
|
|
74
|
-
.auth(access_token)
|
|
75
|
-
.request();
|
|
72
|
+
const { body: userBody } = await github.get('user').auth(accessToken).request();
|
|
76
73
|
|
|
77
74
|
// This is the public email on the github profile
|
|
78
75
|
if (userBody.email) {
|
|
@@ -82,31 +79,28 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
82
79
|
};
|
|
83
80
|
}
|
|
84
81
|
// Get the email with Github's user/emails API
|
|
85
|
-
const { body: emailBody } = await github
|
|
86
|
-
.get('user/emails')
|
|
87
|
-
.auth(access_token)
|
|
88
|
-
.request();
|
|
82
|
+
const { body: emailBody } = await github.get('user/emails').auth(accessToken).request();
|
|
89
83
|
|
|
90
84
|
return {
|
|
91
85
|
username: userBody.login,
|
|
92
86
|
email: Array.isArray(emailBody)
|
|
93
|
-
? emailBody.find(email => email.primary === true).email
|
|
87
|
+
? emailBody.find((email) => email.primary === true).email
|
|
94
88
|
: null,
|
|
95
89
|
};
|
|
96
90
|
},
|
|
97
|
-
async microsoft({
|
|
91
|
+
async microsoft({ accessToken }) {
|
|
98
92
|
const microsoft = purest({ provider: 'microsoft' });
|
|
99
93
|
|
|
100
94
|
return microsoft
|
|
101
95
|
.get('me')
|
|
102
|
-
.auth(
|
|
96
|
+
.auth(accessToken)
|
|
103
97
|
.request()
|
|
104
98
|
.then(({ body }) => ({
|
|
105
99
|
username: body.userPrincipalName,
|
|
106
100
|
email: body.userPrincipalName,
|
|
107
101
|
}));
|
|
108
102
|
},
|
|
109
|
-
async twitter({
|
|
103
|
+
async twitter({ accessToken, query, providers }) {
|
|
110
104
|
const twitter = purest({
|
|
111
105
|
provider: 'twitter',
|
|
112
106
|
defaults: {
|
|
@@ -119,7 +113,7 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
119
113
|
|
|
120
114
|
return twitter
|
|
121
115
|
.get('account/verify_credentials')
|
|
122
|
-
.auth(
|
|
116
|
+
.auth(accessToken, query.access_secret)
|
|
123
117
|
.qs({ screen_name: query['raw[screen_name]'], include_email: 'true' })
|
|
124
118
|
.request()
|
|
125
119
|
.then(({ body }) => ({
|
|
@@ -127,12 +121,12 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
127
121
|
email: body.email,
|
|
128
122
|
}));
|
|
129
123
|
},
|
|
130
|
-
async instagram({
|
|
124
|
+
async instagram({ accessToken }) {
|
|
131
125
|
const instagram = purest({ provider: 'instagram' });
|
|
132
126
|
|
|
133
127
|
return instagram
|
|
134
128
|
.get('me')
|
|
135
|
-
.auth(
|
|
129
|
+
.auth(accessToken)
|
|
136
130
|
.qs({ fields: 'id,username' })
|
|
137
131
|
.request()
|
|
138
132
|
.then(({ body }) => ({
|
|
@@ -140,12 +134,12 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
140
134
|
email: `${body.username}@strapi.io`, // dummy email as Instagram does not provide user email
|
|
141
135
|
}));
|
|
142
136
|
},
|
|
143
|
-
async vk({
|
|
137
|
+
async vk({ accessToken, query }) {
|
|
144
138
|
const vk = purest({ provider: 'vk' });
|
|
145
139
|
|
|
146
140
|
return vk
|
|
147
141
|
.get('users.get')
|
|
148
|
-
.auth(
|
|
142
|
+
.auth(accessToken)
|
|
149
143
|
.qs({ id: query.raw.user_id, v: '5.122' })
|
|
150
144
|
.request()
|
|
151
145
|
.then(({ body }) => ({
|
|
@@ -153,7 +147,7 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
153
147
|
email: query.raw.email,
|
|
154
148
|
}));
|
|
155
149
|
},
|
|
156
|
-
async twitch({
|
|
150
|
+
async twitch({ accessToken, providers }) {
|
|
157
151
|
const twitch = purest({
|
|
158
152
|
provider: 'twitch',
|
|
159
153
|
config: {
|
|
@@ -172,26 +166,23 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
172
166
|
|
|
173
167
|
return twitch
|
|
174
168
|
.get('users')
|
|
175
|
-
.auth(
|
|
169
|
+
.auth(accessToken, providers.twitch.key)
|
|
176
170
|
.request()
|
|
177
171
|
.then(({ body }) => ({
|
|
178
172
|
username: body.data[0].login,
|
|
179
173
|
email: body.data[0].email,
|
|
180
174
|
}));
|
|
181
175
|
},
|
|
182
|
-
async linkedin({
|
|
176
|
+
async linkedin({ accessToken }) {
|
|
183
177
|
const linkedIn = purest({ provider: 'linkedin' });
|
|
184
178
|
const {
|
|
185
179
|
body: { localizedFirstName },
|
|
186
|
-
} = await linkedIn
|
|
187
|
-
.get('me')
|
|
188
|
-
.auth(access_token)
|
|
189
|
-
.request();
|
|
180
|
+
} = await linkedIn.get('me').auth(accessToken).request();
|
|
190
181
|
const {
|
|
191
182
|
body: { elements },
|
|
192
183
|
} = await linkedIn
|
|
193
184
|
.get('emailAddress?q=members&projection=(elements*(handle~))')
|
|
194
|
-
.auth(
|
|
185
|
+
.auth(accessToken)
|
|
195
186
|
.request();
|
|
196
187
|
|
|
197
188
|
const email = elements[0]['handle~'];
|
|
@@ -201,7 +192,7 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
201
192
|
email: email.emailAddress,
|
|
202
193
|
};
|
|
203
194
|
},
|
|
204
|
-
async reddit({
|
|
195
|
+
async reddit({ accessToken }) {
|
|
205
196
|
const reddit = purest({
|
|
206
197
|
provider: 'reddit',
|
|
207
198
|
config: {
|
|
@@ -221,20 +212,20 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
221
212
|
|
|
222
213
|
return reddit
|
|
223
214
|
.get('me')
|
|
224
|
-
.auth(
|
|
215
|
+
.auth(accessToken)
|
|
225
216
|
.request()
|
|
226
217
|
.then(({ body }) => ({
|
|
227
218
|
username: body.name,
|
|
228
219
|
email: `${body.name}@strapi.io`, // dummy email as Reddit does not provide user email
|
|
229
220
|
}));
|
|
230
221
|
},
|
|
231
|
-
async auth0({
|
|
222
|
+
async auth0({ accessToken, providers }) {
|
|
232
223
|
const auth0 = purest({ provider: 'auth0' });
|
|
233
224
|
|
|
234
225
|
return auth0
|
|
235
226
|
.get('userinfo')
|
|
236
227
|
.subdomain(providers.auth0.subdomain)
|
|
237
|
-
.auth(
|
|
228
|
+
.auth(accessToken)
|
|
238
229
|
.request()
|
|
239
230
|
.then(({ body }) => {
|
|
240
231
|
const username = body.username || body.nickname || body.name || body.email.split('@')[0];
|
|
@@ -246,13 +237,13 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
246
237
|
};
|
|
247
238
|
});
|
|
248
239
|
},
|
|
249
|
-
async cas({
|
|
240
|
+
async cas({ accessToken, providers }) {
|
|
250
241
|
const cas = purest({ provider: 'cas' });
|
|
251
242
|
|
|
252
243
|
return cas
|
|
253
244
|
.get('oidc/profile')
|
|
254
245
|
.subdomain(providers.cas.subdomain)
|
|
255
|
-
.auth(
|
|
246
|
+
.auth(accessToken)
|
|
256
247
|
.request()
|
|
257
248
|
.then(({ body }) => {
|
|
258
249
|
// CAS attribute may be in body.attributes or "FLAT", depending on CAS config
|
|
@@ -264,7 +255,7 @@ const getInitialProviders = ({ purest }) => ({
|
|
|
264
255
|
: body.strapiemail || body.email;
|
|
265
256
|
if (!username || !email) {
|
|
266
257
|
strapi.log.warn(
|
|
267
|
-
|
|
258
|
+
`CAS Response Body did not contain required attributes: ${JSON.stringify(body)}`
|
|
268
259
|
);
|
|
269
260
|
}
|
|
270
261
|
return {
|
|
@@ -288,14 +279,14 @@ module.exports = () => {
|
|
|
288
279
|
providersCallbacks[providerName] = provider({ purest });
|
|
289
280
|
},
|
|
290
281
|
|
|
291
|
-
async run({ provider,
|
|
282
|
+
async run({ provider, accessToken, query, providers }) {
|
|
292
283
|
if (!providersCallbacks[provider]) {
|
|
293
284
|
throw new Error('Unknown provider.');
|
|
294
285
|
}
|
|
295
286
|
|
|
296
287
|
const providerCb = providersCallbacks[provider];
|
|
297
288
|
|
|
298
|
-
return providerCb({
|
|
289
|
+
return providerCb({ accessToken, query, providers });
|
|
299
290
|
},
|
|
300
291
|
};
|
|
301
292
|
};
|
|
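Review bot: In the `google` provider the rename leaves the query-string call as `.qs({ accessToken })`, which sends a parameter literally named `accessToken`; the tokeninfo endpoint expects `access_token`, so the lookup would carry no usable token and Google sign-in would fail (the removed line is truncated on this page, so the previous spelling is inferred). Keep the wire name and map the variable explicitly: `.qs({ access_token: accessToken })`. The other providers pass the value positionally to `.auth(...)` and are not affected by the rename. Separately, the `cas` warning logs `JSON.stringify(body)`, i.e. the whole identity-provider profile; logging `Object.keys(body)` instead would show which attributes are missing without writing user attributes to the log.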
@@ -1,7 +1,7 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
|
-
* Module dependencies
|
|
4
|
+
* Module dependencies
|
|
5
5
|
*/
|
|
6
6
|
|
|
7
7
|
// Public node modules.
|
|
@@ -19,7 +19,7 @@ module.exports = ({ strapi }) => {
|
|
|
19
19
|
*/
|
|
20
20
|
|
|
21
21
|
const getProfile = async (provider, query) => {
|
|
22
|
-
const
|
|
22
|
+
const accessToken = query.access_token || query.code || query.oauth_token;
|
|
23
23
|
|
|
24
24
|
const providers = await strapi
|
|
25
25
|
.store({ type: 'plugin', name: 'users-permissions', key: 'grant' })
|
|
@@ -28,7 +28,7 @@ module.exports = ({ strapi }) => {
|
|
|
28
28
|
return getService('providers-registry').run({
|
|
29
29
|
provider,
|
|
30
30
|
query,
|
|
31
|
-
|
|
31
|
+
accessToken,
|
|
32
32
|
providers,
|
|
33
33
|
});
|
|
34
34
|
};
|
|
@@ -38,15 +38,15 @@ module.exports = ({ strapi }) => {
|
|
|
38
38
|
*
|
|
39
39
|
*
|
|
40
40
|
* @param {String} provider
|
|
41
|
-
* @param {String}
|
|
41
|
+
* @param {String} accessToken
|
|
42
42
|
*
|
|
43
43
|
* @return {*}
|
|
44
44
|
*/
|
|
45
45
|
|
|
46
46
|
const connect = async (provider, query) => {
|
|
47
|
-
const
|
|
47
|
+
const accessToken = query.access_token || query.code || query.oauth_token;
|
|
48
48
|
|
|
49
|
-
if (!
|
|
49
|
+
if (!accessToken) {
|
|
50
50
|
throw new Error('No access_token.');
|
|
51
51
|
}
|
|
52
52
|
|