@strapi/plugin-users-permissions 4.6.0-beta.2 → 4.6.1

package/admin/src/hooks/useFetchRole/index.js

@@ -1,13 +1,13 @@
 import { useCallback, useReducer, useEffect, useRef } from 'react';
-import { useNotification } from '@strapi/helper-plugin';
+import { useNotification, useFetchClient } from '@strapi/helper-plugin';
 import reducer, { initialState } from './reducer';
-import axiosInstance from '../../utils/axiosInstance';
 import pluginId from '../../pluginId';
 
 const useFetchRole = (id) => {
   const [state, dispatch] = useReducer(reducer, initialState);
   const toggleNotification = useNotification();
   const isMounted = useRef(null);
+  const { get } = useFetchClient();
 
   useEffect(() => {
     isMounted.current = true;
@@ -29,7 +29,7 @@ const useFetchRole = (id) => {
     try {
       const {
         data: { role },
-      } = await axiosInstance.get(`/${pluginId}/roles/${roleId}`);
+      } = await get(`/${pluginId}/roles/${roleId}`);
 
       // Prevent updating state on an unmounted component
       if (isMounted.current) {

package/admin/src/hooks/usePlugins/index.js

@@ -1,10 +1,9 @@
 import { useCallback, useEffect, useReducer } from 'react';
-import { useNotification } from '@strapi/helper-plugin';
+import { useNotification, useFetchClient } from '@strapi/helper-plugin';
 import { get } from 'lodash';
 import init from './init';
 import pluginId from '../../pluginId';
 import { cleanPermissions } from '../../utils';
-import axiosInstance from '../../utils/axiosInstance';
 import reducer, { initialState } from './reducer';
 
 const usePlugins = (shouldFetchData = true) => {
@@ -12,6 +11,7 @@ const usePlugins = (shouldFetchData = true) => {
   const [{ permissions, routes, isLoading }, dispatch] = useReducer(reducer, initialState, () =>
     init(initialState, shouldFetchData)
   );
+  const fetchClient = useFetchClient();
 
   const fetchPlugins = useCallback(async () => {
     try {
@@ -21,7 +21,7 @@ const usePlugins = (shouldFetchData = true) => {
 
       const [{ permissions }, { routes }] = await Promise.all(
         [`/${pluginId}/permissions`, `/${pluginId}/routes`].map(async (endpoint) => {
-          const res = await axiosInstance.get(endpoint);
+          const res = await fetchClient.get(endpoint);
 
           return res.data;
         })
@@ -46,6 +46,8 @@ const usePlugins = (shouldFetchData = true) => {
         });
       }
     }
+
+    // eslint-disable-next-line react-hooks/exhaustive-deps
   }, [toggleNotification]);
 
   useEffect(() => {

package/admin/src/pages/AdvancedSettings/utils/api.js

@@ -1,13 +1,17 @@
-import { axiosInstance, getRequestURL } from '../../../utils';
+import { getFetchClient } from '@strapi/helper-plugin';
+import { getRequestURL } from '../../../utils';
 
 const fetchData = async () => {
-  const { data } = await axiosInstance.get(getRequestURL('advanced'));
+  const { get } = getFetchClient();
+  const { data } = await get(getRequestURL('advanced'));
 
   return data;
 };
 
 const putAdvancedSettings = (body) => {
-  return axiosInstance.put(getRequestURL('advanced'), body);
+  const { put } = getFetchClient();
+
+  return put(getRequestURL('advanced'), body);
 };
 
 export { fetchData, putAdvancedSettings };

package/admin/src/pages/EmailTemplates/utils/api.js

@@ -1,13 +1,17 @@
-import { axiosInstance, getRequestURL } from '../../../utils';
+import { getFetchClient } from '@strapi/helper-plugin';
+import { getRequestURL } from '../../../utils';
 
 const fetchData = async () => {
-  const { data } = await axiosInstance.get(getRequestURL('email-templates'));
+  const { get } = getFetchClient();
+  const { data } = await get(getRequestURL('email-templates'));
 
   return data;
 };
 
 const putEmailTemplate = (body) => {
-  return axiosInstance.put(getRequestURL('email-templates'), body);
+  const { put } = getFetchClient();
+
+  return put(getRequestURL('email-templates'), body);
 };
 
 export { fetchData, putEmailTemplate };

package/admin/src/pages/Providers/utils/api.js

@@ -1,9 +1,11 @@
-import { getRequestURL, axiosInstance } from '../../../utils';
+import { getFetchClient } from '@strapi/helper-plugin';
+import { getRequestURL } from '../../../utils';
 
 // eslint-disable-next-line import/prefer-default-export
 export const fetchData = async (toggleNotification) => {
   try {
-    const { data } = await axiosInstance.get(getRequestURL('providers'));
+    const { get } = getFetchClient();
+    const { data } = await get(getRequestURL('providers'));
 
     return data;
   } catch (err) {
@@ -17,5 +19,7 @@ export const fetchData = async (toggleNotification) => {
 };
 
 export const putProvider = (body) => {
-  return axiosInstance.put(getRequestURL('providers'), body);
+  const { put } = getFetchClient();
+
+  return put(getRequestURL('providers'), body);
 };

package/admin/src/pages/Providers/utils/forms.js

@@ -173,6 +173,21 @@ const forms = {
           },
         },
       ],
+      [
+        {
+          intlLabel: {
+            id: getTrad({ id: 'PopUpForm.Providers.jwksurl.label' }),
+            defaultMessage: 'JWKS URL',
+          },
+          name: 'jwksurl',
+          type: 'text',
+          placeholder: textPlaceholder,
+          size: 12,
+          validations: {
+            required: false,
+          },
+        },
+      ],
 
       [
         {

package/admin/src/pages/Roles/CreatePage/index.js

@@ -15,6 +15,7 @@ import { useIntl } from 'react-intl';
 import {
   useOverlayBlocker,
   SettingsPageTitle,
+  useFetchClient,
   useTracking,
   Form,
   useNotification,
@@ -24,7 +25,6 @@ import getTrad from '../../../utils/getTrad';
 import pluginId from '../../../pluginId';
 import { usePlugins } from '../../../hooks';
 import schema from './utils/schema';
-import axiosInstance from '../../../utils/axiosInstance';
 
 const EditPage = () => {
   const { formatMessage } = useIntl();
@@ -35,6 +35,7 @@ const EditPage = () => {
   const { isLoading: isLoadingPlugins, permissions, routes } = usePlugins();
   const { trackUsage } = useTracking();
   const permissionsRef = useRef();
+  const { post } = useFetchClient();
 
   const handleCreateRoleSubmit = async (data) => {
     // Set loading state
@@ -43,7 +44,7 @@ const EditPage = () => {
     try {
       const permissions = permissionsRef.current.getPermissions();
       // Update role in Strapi
-      await axiosInstance.post(`/${pluginId}/roles`, { ...data, ...permissions, users: [] });
+      await post(`/${pluginId}/roles`, { ...data, ...permissions, users: [] });
       // Notify success
       trackUsage('didCreateRole');
       toggleNotification({

package/admin/src/pages/Roles/EditPage/index.js

@@ -3,6 +3,7 @@ import { Formik } from 'formik';
 import { useIntl } from 'react-intl';
 import { useRouteMatch } from 'react-router-dom';
 import {
+  useFetchClient,
   useOverlayBlocker,
   SettingsPageTitle,
   LoadingIndicatorPage,
@@ -26,7 +27,6 @@ import getTrad from '../../../utils/getTrad';
 import pluginId from '../../../pluginId';
 import { usePlugins, useFetchRole } from '../../../hooks';
 import schema from './utils/schema';
-import axiosInstance from '../../../utils/axiosInstance';
 
 const EditPage = () => {
   const { formatMessage } = useIntl();
@@ -39,6 +39,7 @@ const EditPage = () => {
   const { isLoading: isLoadingPlugins, routes } = usePlugins();
   const { role, onSubmitSucceeded, isLoading: isLoadingRole } = useFetchRole(id);
   const permissionsRef = useRef();
+  const { put } = useFetchClient();
 
   const handleEditRoleSubmit = async (data) => {
     // Set loading state
@@ -47,7 +48,7 @@ const EditPage = () => {
     try {
       const permissions = permissionsRef.current.getPermissions();
       // Update role in Strapi
-      await axiosInstance.put(`/${pluginId}/roles/${id}`, { ...data, ...permissions, users: [] });
+      await put(`/${pluginId}/roles/${id}`, { ...data, ...permissions, users: [] });
       // Notify success
       onSubmitSucceeded({ name: data.name, description: data.description });
       toggleNotification({

package/admin/src/pages/Roles/ListPage/utils/api.js

@@ -1,8 +1,10 @@
-import { getRequestURL, axiosInstance } from '../../../../utils';
+import { getFetchClient } from '@strapi/helper-plugin';
+import { getRequestURL } from '../../../../utils';
 
 export const fetchData = async (toggleNotification, notifyStatus) => {
   try {
-    const { data } = await axiosInstance.get(getRequestURL('roles'));
+    const { get } = getFetchClient();
+    const { data } = await get(getRequestURL('roles'));
     notifyStatus('The roles have loaded successfully');
 
     return data;
@@ -18,7 +20,8 @@ export const fetchData = async (toggleNotification, notifyStatus) => {
 
 export const deleteData = async (id, toggleNotification) => {
   try {
-    await axiosInstance.delete(`${getRequestURL('roles')}/${id}`);
+    const { del } = getFetchClient();
+    await del(`${getRequestURL('roles')}/${id}`);
   } catch (error) {
     toggleNotification({
       type: 'warning',

package/admin/src/utils/index.js

@@ -1,4 +1,3 @@
-export { default as axiosInstance } from './axiosInstance';
 export { default as cleanPermissions } from './cleanPermissions';
 export { default as getRequestURL } from './getRequestURL';
 export { default as getTrad } from './getTrad';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@strapi/plugin-users-permissions",
-  "version": "4.6.0-beta.2",
+  "version": "4.6.1",
   "description": "Protect your API with a full-authentication process based on JWT",
   "repository": {
     "type": "git",
@@ -27,18 +27,19 @@
     "test:front:watch:ce": "cross-env IS_EE=false jest --config ./jest.config.front.js --watchAll"
   },
   "dependencies": {
-    "@strapi/helper-plugin": "4.6.0-beta.2",
-    "@strapi/utils": "4.6.0-beta.2",
+    "@strapi/helper-plugin": "4.6.1",
+    "@strapi/utils": "4.6.1",
     "bcryptjs": "2.4.3",
     "grant-koa": "5.4.8",
     "jsonwebtoken": "9.0.0",
+    "jwk-to-pem": "2.0.5",
     "koa": "^2.13.4",
     "koa2-ratelimit": "^1.1.2",
     "lodash": "4.17.21",
     "purest": "4.0.2",
     "react": "^17.0.2",
     "react-dom": "^17.0.2",
-    "react-intl": "5.25.1",
+    "react-intl": "6.2.7",
     "react-redux": "7.2.8",
     "react-router": "^5.2.0",
     "react-router-dom": "5.3.4",
@@ -64,5 +65,5 @@
     "required": true,
     "kind": "plugin"
   },
-  "gitHead": "b852090f931cd21868c4016f24db2f9fdfc7a7ab"
+  "gitHead": "17a7845e3d453ea2e7911bda6ec25ed196dd5f16"
 }

package/server/bootstrap/grant-config.js

@@ -120,4 +120,12 @@ module.exports = (baseURL) => ({
     scope: ['openid email'], // scopes should be space delimited
     subdomain: 'my.subdomain.com/cas',
   },
+  patreon: {
+    enabled: false,
+    icon: '',
+    key: '',
+    secret: '',
+    callback: `${baseURL}/patreon/callback`,
+    scope: ['identity', 'identity[email]'],
+  },
 });

package/server/services/providers-registry.js

@@ -2,10 +2,53 @@
 
 const { strict: assert } = require('assert');
 const jwt = require('jsonwebtoken');
+const jwkToPem = require('jwk-to-pem');
+
+const getCognitoPayload = async ({ idToken, jwksUrl, purest }) => {
+  const {
+    header: { kid },
+    payload,
+  } = jwt.decode(idToken, { complete: true });
+
+  if (!payload || !kid) {
+    throw new Error('The provided token is not valid');
+  }
+
+  const config = {
+    cognito: {
+      discovery: {
+        origin: jwksUrl.origin,
+        path: jwksUrl.pathname,
+      },
+    },
+  };
+  try {
+    const cognito = purest({ provider: 'cognito', config });
+    // get the JSON Web Key (JWK) for the user pool
+    const { body: jwk } = await cognito('discovery').request();
+    // Get the key with the same Key ID as the provided token
+    const key = jwk.keys.find(({ kid: jwkKid }) => jwkKid === kid);
+    const pem = jwkToPem(key);
+
+    // https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html
+    const decodedToken = await new Promise((resolve, reject) => {
+      jwt.verify(idToken, pem, { algorithms: ['RS256'] }, (err, decodedToken) => {
+        if (err) {
+          reject();
+        }
+        resolve(decodedToken);
+      });
+    });
+    return decodedToken;
+  } catch (err) {
+    throw new Error('There was an error verifying the token');
+  }
+};
 
 const getInitialProviders = ({ purest }) => ({
   async discord({ accessToken }) {
     const discord = purest({ provider: 'discord' });
+
     return discord
       .get('users/@me')
       .auth(accessToken)
@@ -19,19 +62,14 @@ const getInitialProviders = ({ purest }) => ({
         };
       });
   },
-  async cognito({ query }) {
-    // get the id_token
+  async cognito({ query, providers }) {
+    const jwksUrl = new URL(providers.cognito.jwksurl);
     const idToken = query.id_token;
-    // decode the jwt token
-    const tokenPayload = jwt.decode(idToken);
-    if (!tokenPayload) {
-      throw new Error('unable to decode jwt token');
-    } else {
-      return {
-        username: tokenPayload['cognito:username'],
-        email: tokenPayload.email,
-      };
-    }
+    const tokenPayload = await getCognitoPayload({ idToken, jwksUrl, purest });
+    return {
+      username: tokenPayload['cognito:username'],
+      email: tokenPayload.email,
+    };
   },
   async facebook({ accessToken }) {
     const facebook = purest({ provider: 'facebook' });
@@ -264,6 +302,35 @@ const getInitialProviders = ({ purest }) => ({
         };
       });
   },
+  async patreon({ accessToken }) {
+    const patreon = purest({
+      provider: 'patreon',
+      config: {
+        patreon: {
+          default: {
+            origin: 'https://www.patreon.com',
+            path: 'api/oauth2/{path}',
+            headers: {
+              authorization: 'Bearer {auth}',
+            },
+          },
+        },
+      },
+    });
+
+    return patreon
+      .get('v2/identity')
+      .auth(accessToken)
+      .qs(new URLSearchParams({ 'fields[user]': 'full_name,email' }).toString())
+      .request()
+      .then(({ body }) => {
+        const patreonData = body.data.attributes;
+        return {
+          username: patreonData.full_name,
+          email: patreonData.email,
+        };
+      });
+  },
 });
 
 module.exports = () => {

package/server/services/providers.js

@@ -78,7 +78,7 @@ module.exports = ({ strapi }) => {
       return user;
     }
 
-    if (users.length > 1 && advancedSettings.unique_email) {
+    if (users.length && advancedSettings.unique_email) {
       throw new Error('Email is already taken.');
     }
 

package/admin/src/utils/axiosInstance.js

@@ -1,38 +0,0 @@
-import axios from 'axios';
-import { auth, wrapAxiosInstance } from '@strapi/helper-plugin';
-
-const instance = axios.create({
-  baseURL: process.env.STRAPI_ADMIN_BACKEND_URL,
-});
-
-instance.interceptors.request.use(
-  async (config) => {
-    config.headers = {
-      Authorization: `Bearer ${auth.getToken()}`,
-      Accept: 'application/json',
-      'Content-Type': 'application/json',
-    };
-
-    return config;
-  },
-  (error) => {
-    Promise.reject(error);
-  }
-);
-
-instance.interceptors.response.use(
-  (response) => response,
-  (error) => {
-    // whatever you want to do with the error
-    if (error.response?.status === 401) {
-      auth.clearAppStorage();
-      window.location.reload();
-    }
-
-    throw error;
-  }
-);
-
-const wrapper = wrapAxiosInstance(instance);
-
-export default wrapper;