@things-factory/auth-base 5.0.0-alpha.21 → 5.0.0-alpha.22
- package/dist-server/migrations/1548206416130-SeedUser.js +3 -3
- package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
- package/dist-server/migrations/1566805283882-SeedPrivilege.js +2 -1
- package/dist-server/migrations/1566805283882-SeedPrivilege.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-server.js +9 -8
- package/dist-server/router/oauth2/oauth2-server.js.map +1 -1
- package/package.json +7 -7
- package/server/migrations/1548206416130-SeedUser.ts +5 -3
- package/server/migrations/1566805283882-SeedPrivilege.ts +4 -1
- package/server/router/oauth2/oauth2-server.ts +10 -9
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.SeedUsers1548206416130 = void 0;
|
|
4
|
-
const shell_1 = require("@things-factory/shell");
|
|
5
|
-
const env_1 = require("@things-factory/env");
|
|
6
4
|
const typeorm_1 = require("typeorm");
|
|
5
|
+
const env_1 = require("@things-factory/env");
|
|
6
|
+
const shell_1 = require("@things-factory/shell");
|
|
7
7
|
const user_1 = require("../service/user/user");
|
|
8
8
|
const ADMIN_ACCOUNT = env_1.config.get('adminAccount', {
|
|
9
9
|
name: 'Admin',
|
|
@@ -28,7 +28,7 @@ class SeedUsers1548206416130 {
|
|
|
28
28
|
}
|
|
29
29
|
}
|
|
30
30
|
catch (e) {
|
|
31
|
-
|
|
31
|
+
env_1.logger.error(e);
|
|
32
32
|
}
|
|
33
33
|
const admin = await userRepository.findOne({ where: { email: 'admin@hatiolab.com' } });
|
|
34
34
|
domain.owner = admin.id;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"1548206416130-SeedUser.js","sourceRoot":"","sources":["../../server/migrations/1548206416130-SeedUser.ts"],"names":[],"mappings":";;;AAAA,
|
|
1
|
+
{"version":3,"file":"1548206416130-SeedUser.js","sourceRoot":"","sources":["../../server/migrations/1548206416130-SeedUser.ts"],"names":[],"mappings":";;;AAAA,qCAAwE;AAExE,6CAAoD;AACpD,iDAA8C;AAE9C,+CAAuD;AAEvD,MAAM,aAAa,GAAG,YAAM,CAAC,GAAG,CAAC,cAAc,EAAE;IAC/C,IAAI,EAAE,OAAO;IACb,KAAK,EAAE,oBAAoB;IAC3B,QAAQ,EAAE,OAAO;CAClB,CAAC,CAAA;AAEF,MAAM,UAAU,GAAG;oCAEZ,aAAa,KAChB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,iBAAU,CAAC,SAAS;CAE/B,CAAA;AACD,MAAa,sBAAsB;IAC1B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,cAAc,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAA,uBAAa,EAAC,cAAM,CAAC,CAAA;QAE9C,MAAM,MAAM,GAAW,MAAM,gBAAgB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAEpF,IAAI;YACF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;gBAC1C,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC1B,MAAM,IAAI,GAAG,WAAI,CAAC,YAAY,EAAE,CAAA;gBAChC,MAAM,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;gBAEjD,MAAM,cAAc,CAAC,IAAI,iCACpB,IAAI,KACP,IAAI;oBACJ,QAAQ,EACR,OAAO,EAAE,CAAC,MAAM,CAAC,IACjB,CAAA;aACH;SACF;QAAC,OAAO,CAAC,EAAE;YACV,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;SAChB;QAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,CAAC,CAAA;QACtF,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,EAAE,CAAA;QAEvB,MAAM,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACxC,MAAM,UAAU,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;QAEtC,UAAU,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;YACxC,IAAI,MAAM,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAA;YAC5D,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QACjC,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAtCD,wDAsCC"}
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.SeedPrivilege1566805283882 = void 0;
|
|
4
4
|
const typeorm_1 = require("typeorm");
|
|
5
|
+
const env_1 = require("@things-factory/env");
|
|
5
6
|
const privilege_1 = require("../service/privilege/privilege");
|
|
6
7
|
class SeedPrivilege1566805283882 {
|
|
7
8
|
async up(queryRunner) {
|
|
@@ -17,7 +18,7 @@ class SeedPrivilege1566805283882 {
|
|
|
17
18
|
}
|
|
18
19
|
}
|
|
19
20
|
catch (e) {
|
|
20
|
-
|
|
21
|
+
env_1.logger.error(e);
|
|
21
22
|
}
|
|
22
23
|
}
|
|
23
24
|
async down(queryRunner) { }
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"1566805283882-SeedPrivilege.js","sourceRoot":"","sources":["../../server/migrations/1566805283882-SeedPrivilege.ts"],"names":[],"mappings":";;;AAAA,qCAAwE;
|
|
1
|
+
{"version":3,"file":"1566805283882-SeedPrivilege.js","sourceRoot":"","sources":["../../server/migrations/1566805283882-SeedPrivilege.ts"],"names":[],"mappings":";;;AAAA,qCAAwE;AAExE,6CAA4C;AAE5C,8DAA0D;AAE1D,MAAa,0BAA0B;IAC9B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,mBAAmB,GAAG,IAAA,uBAAa,EAAC,qBAAS,CAAC,CAAA;QAEpD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,0CAA0C,CAAC,CAAA;QACtE,MAAM,MAAM,EAAE,CAAA;QACd,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;QAExC,IAAI;YACF,KAAK,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAA8B,CAAC,EAAE;gBAC5E,IAAI,CAAC,IAAI,CAAC,MAAM,mBAAmB,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE;oBACzE,MAAM,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;iBACnD;aACF;SACF;QAAC,OAAO,CAAC,EAAE;YACV,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;SAChB;IACH,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB,IAAiB,CAAC;CAC7D;AApBD,gEAoBC"}
|
|
@@ -5,12 +5,13 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
exports.server = exports.NonClient = exports.NOTFOUND = void 0;
|
|
7
7
|
const oauth2orize_koa_1 = __importDefault(require("oauth2orize-koa"));
|
|
8
|
-
const v4_1 = __importDefault(require("uuid/v4"));
|
|
9
8
|
const typeorm_1 = require("typeorm");
|
|
9
|
+
const v4_1 = __importDefault(require("uuid/v4"));
|
|
10
|
+
const env_1 = require("@things-factory/env");
|
|
10
11
|
const shell_1 = require("@things-factory/shell");
|
|
12
|
+
const application_1 = require("../../service/application/application");
|
|
11
13
|
const role_1 = require("../../service/role/role");
|
|
12
14
|
const user_1 = require("../../service/user/user");
|
|
13
|
-
const application_1 = require("../../service/application/application");
|
|
14
15
|
const debug = require('debug')('things-factory:auth-base:oauth2-server');
|
|
15
16
|
exports.NOTFOUND = 'NOTFOUND';
|
|
16
17
|
exports.NonClient = {
|
|
@@ -85,7 +86,7 @@ exports.server.exchange(oauth2orize_koa_1.default.exchange.code(async (client, c
|
|
|
85
86
|
debug('exchange code - application', application);
|
|
86
87
|
/* DONT-FORGET uncomment after test */
|
|
87
88
|
// if (redirectUrl !== application.redirectUrl && redirectUrl.indexOf(application.redirectUrl) != 0) {
|
|
88
|
-
//
|
|
89
|
+
// logger.error(
|
|
89
90
|
// 'oauth2 exchange error - redirectUrl should begins with the application setting',
|
|
90
91
|
// redirectUrl,
|
|
91
92
|
// application.redirectUrl
|
|
@@ -136,7 +137,7 @@ exports.server.exchange(oauth2orize_koa_1.default.exchange.refreshToken(async (c
|
|
|
136
137
|
debug('exchange refresh-token - decoded', decoded);
|
|
137
138
|
}
|
|
138
139
|
catch (e) {
|
|
139
|
-
|
|
140
|
+
env_1.logger.error(e);
|
|
140
141
|
return false;
|
|
141
142
|
}
|
|
142
143
|
const { id, userType, email, application: { appKey }, domain: { subdomain }, scope: originalScope, exp: expires_in } = decoded;
|
|
@@ -144,12 +145,12 @@ exports.server.exchange(oauth2orize_koa_1.default.exchange.refreshToken(async (c
|
|
|
144
145
|
appKey
|
|
145
146
|
});
|
|
146
147
|
if (!application) {
|
|
147
|
-
|
|
148
|
+
env_1.logger.error('application is not exist');
|
|
148
149
|
return false;
|
|
149
150
|
}
|
|
150
151
|
debug('exchange refresh-token - application', application === null || application === void 0 ? void 0 : application.name);
|
|
151
152
|
if (Date.now() > expires_in * 1000) {
|
|
152
|
-
|
|
153
|
+
env_1.logger.error('refresh token is expired');
|
|
153
154
|
return false;
|
|
154
155
|
}
|
|
155
156
|
const domain = await (0, typeorm_1.getRepository)(shell_1.Domain).findOne({
|
|
@@ -168,7 +169,7 @@ exports.server.exchange(oauth2orize_koa_1.default.exchange.refreshToken(async (c
|
|
|
168
169
|
relations: ['domain', 'creator', 'updater']
|
|
169
170
|
});
|
|
170
171
|
if (!appuser) {
|
|
171
|
-
|
|
172
|
+
env_1.logger.error('application is not bound');
|
|
172
173
|
return false;
|
|
173
174
|
}
|
|
174
175
|
/*
|
|
@@ -179,7 +180,7 @@ exports.server.exchange(oauth2orize_koa_1.default.exchange.refreshToken(async (c
|
|
|
179
180
|
const originalScopes = (originalScope || '').split(',');
|
|
180
181
|
const additionalScope = scopes.find(scope => originalScopes.indexOf(scope) === -1);
|
|
181
182
|
if (additionalScope) {
|
|
182
|
-
|
|
183
|
+
env_1.logger.error(`additional scope(${additionalScope}) required`);
|
|
183
184
|
return false;
|
|
184
185
|
}
|
|
185
186
|
const roles = await (0, typeorm_1.getRepository)(role_1.Role).find({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth2-server.js","sourceRoot":"","sources":["../../../server/router/oauth2/oauth2-server.ts"],"names":[],"mappings":";;;;;;AAAA,sEAAyC;
|
|
1
|
+
{"version":3,"file":"oauth2-server.js","sourceRoot":"","sources":["../../../server/router/oauth2/oauth2-server.ts"],"names":[],"mappings":";;;;;;AAAA,sEAAyC;AACzC,qCAA2C;AAC3C,iDAA4B;AAE5B,6CAA4C;AAC5C,iDAA8C;AAE9C,uEAAmE;AACnE,kDAA8C;AAC9C,kDAA0D;AAE1D,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,wCAAwC,CAAC,CAAA;AAE3D,QAAA,QAAQ,GAAG,UAAU,CAAA;AACrB,QAAA,SAAS,GAAG;IACvB,EAAE,EAAE,gBAAQ;CACb,CAAA;AAED,0BAA0B;AACb,QAAA,MAAM,GAAG,yBAAW,CAAC,YAAY,EAAE,CAAA;AAEhD,2DAA2D;AAC3D,EAAE;AACF,oEAAoE;AACpE,4EAA4E;AAC5E,8EAA8E;AAC9E,2EAA2E;AAC3E,yBAAyB;AACzB,EAAE;AACF,8EAA8E;AAC9E,0EAA0E;AAC1E,6EAA6E;AAC7E,sCAAsC;AAEtC,cAAM,CAAC,eAAe,CAAC,KAAK,WAAW,MAAM;IAC3C,KAAK,CAAC,UAAU,EAAE,MAAM,CAAC,CAAA;IACzB,OAAO,MAAM,CAAC,EAAE,CAAA;AAClB,CAAC,CAAC,CAAA;AAEF,cAAM,CAAC,iBAAiB,CAAC,KAAK,WAAW,EAAE;IACzC,IAAI,EAAE,IAAI,gBAAQ,EAAE;QAClB,KAAK,CAAC,yBAAyB,CAAC,CAAA;QAChC,OAAO,EAAE,CAAA;KACV;IAED,MAAM,WAAW,GAAG,MAAM,IAAA,uBAAa,EAAC,yBAAW,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IAChE,KAAK,CAAC,aAAa,EAAE,EAAE,EAAE,WAAW,CAAC,CAAA;IACrC,OAAO,WAAW,CAAA;AACpB,CAAC,CAAC,CAAA;AAEF,kCAAkC;AAClC,EAAE;AACF,oEAAoE;AACpE,0EAA0E;AAC1E,2EAA2E;AAC3E,iCAAiC;AAEjC,yEAAyE;AACzE,uEAAuE;AACvE,sEAAsE;AACtE,6EAA6E;AAC7E,2EAA2E;AAC3E,qDAAqD;AAErD,cAAM,CAAC,KAAK,CACV,yBAAW,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;IACrE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;IAExD,OAAO,yBAAW,CAAC,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAA;AAC9E,CAAC,CAAC,CACH,CAAA;AAED,4EAA4E;AAC5E,sEAAsE;AACtE,8EAA8E;AAC9E,8EAA8E;AAC9E,QAAQ;AAER,cAAM,CAAC,QAAQ,CACb,yBAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE;IAC5D,IAAI;QACF,wBAAwB;QACxB,IAAI,OAAO,GAAG,yBAAW,CAAC,cAAc,CAAC,IAAI,CAAC,CAAA;QAC9C,KAAK,CAAC,yBAAyB,EAAE,OAAO,CAAC,CAAA;KAC1C;IAAC,OAAO,CAAC,EAAE;QACV,KAAK,CAAC,eAAe,EAAE,CAAC,CAAC,CAAA;QACzB,OAAO,KAAK,CAAA;KACb;IACD,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAElD,MAAM,WAAW,GAAgB,MAAM,IAAA,uBAAa
,EAAC,yBAAW,CAAC,CAAC,OAAO,CAAC;QACxE,MAAM;KACP,CAAC,CAAA;IAEF,IAAI,CAAC,WAAW,EAAE;QAChB,KAAK,CAAC,eAAe,EAAE,0BAA0B,CAAC,CAAA;QAClD,OAAO,KAAK,CAAA;KACb;IAED,KAAK,CAAC,6BAA6B,EAAE,WAAW,CAAC,CAAA;IAEjD,sCAAsC;IACtC,sGAAsG;IACtG,kBAAkB;IAClB,wFAAwF;IACxF,mBAAmB;IACnB,8BAA8B;IAC9B,MAAM;IACN,oBAAoB;IACpB,yBAAyB;IACzB,uIAAuI;IACvI,MAAM;IACN,IAAI;IAEJ,MAAM,MAAM,GAAW,MAAM,IAAA,uBAAa,EAAC,cAAM,CAAC,CAAC,OAAO,CAAC;QACzD,SAAS;KACV,CAAC,CAAA;IAEF,MAAM,OAAO,GAAS,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,CAAC,CAAA;IAElE,MAAM,YAAY,GAAG,GAAG,IAAA,YAAM,GAAE,IAAI,SAAS,EAAE,CAAA;IAE/C,IAAI,OAAO,GAAS,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CACnD;QACE,KAAK,EAAE,YAAY;QACnB,SAAS,EAAE,WAAW,CAAC,EAAE;QACzB,QAAQ,EAAE,aAAa;KACxB,EACD;QACE,SAAS,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC;KAC7C,CACF,CAAA;IAED,OAAO,GAAG,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,iCACnC,CAAC,OAAO,IAAI,EAAE,CAAC,KAClB,KAAK,EAAE,YAAY,EACnB,IAAI,EAAE,WAAW,CAAC,IAAI,EACtB,QAAQ,EAAE,aAAa,EACvB,SAAS,EAAE,WAAW,CAAC,EAAE,EACzB,OAAO,EAAE,CAAC,MAAM,CAAC,EACjB,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,iBAAU,CAAC,SAAS,EAC5B,OAAO,EAAE,OAAO,EAChB,OAAO,IACP,CAAA;IAEF,gDAAgD;IAChD,oCAAoC;IACpC,2BAA2B;IAC3B,KAAK;IAEL,8CAA8C;IAC9C,0CAA0C;IAC1C,yEAAyE;IACzE,qEAAqE;IAErE,IAAI,WAAW,GAAG,yBAAW,CAAC,mBAAmB,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAA;IAClF,IAAI,YAAY,GAAG,yBAAW,CAAC,oBAAoB,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAA;IAEpF,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,iCACxB,OAAe,KACnB,QAAQ,EAAE,YAAY,IACtB,CAAA;IAEF,OAAO;QACL,WAAW;QACX,YAAY;QACZ;YACE,UAAU,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,SAAS;YACvC,UAAU,EAAE,QAAQ;YACpB,QAAQ,EAAE,SAAS;SACpB;KACF,CAAA;AACH,CAAC,CAAC,CACH,CAAA;AAED,cAAM,CAAC,QAAQ,CACb,yBAAW,CAAC,QAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,KAAK,EAAE,EAAE;IACtE,IAAI;QACF,mBAAmB;QACnB,IAAI,OAAO,GAAG,yBAAW,CAAC,cAAc,CAAC,YAAY,CAAC,CAAA;QACtD,KAAK,CAAC,kCAAkC,EAAE,OAAO,CAAC,CAAA;KACnD;IAAC,OAAO,CAAC,EAAE;QACV,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACf,OAAO,KAAK,CAAA;KACb;IACD,MAAM,EACJ,EAA
E,EACF,QAAQ,EACR,KAAK,EACL,WAAW,EAAE,EAAE,MAAM,EAAE,EACvB,MAAM,EAAE,EAAE,SAAS,EAAE,EACrB,KAAK,EAAE,aAAa,EACpB,GAAG,EAAE,UAAU,EAChB,GAAG,OAAO,CAAA;IAEX,MAAM,WAAW,GAAgB,MAAM,IAAA,uBAAa,EAAC,yBAAW,CAAC,CAAC,OAAO,CAAC;QACxE,MAAM;KACP,CAAC,CAAA;IAEF,IAAI,CAAC,WAAW,EAAE;QAChB,YAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAA;QACxC,OAAO,KAAK,CAAA;KACb;IAED,KAAK,CAAC,sCAAsC,EAAE,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,IAAI,CAAC,CAAA;IAEhE,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,GAAG,IAAI,EAAE;QAClC,YAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAA;QACxC,OAAO,KAAK,CAAA;KACb;IAED,MAAM,MAAM,GAAW,MAAM,IAAA,uBAAa,EAAC,cAAM,CAAC,CAAC,OAAO,CAAC;QACzD,SAAS;KACV,CAAC,CAAA;IAEF,MAAM,OAAO,GAAS,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC;QACtD,EAAE;QACF,QAAQ;KACT,CAAC,CAAA;IAEF,MAAM,YAAY,GAAG,GAAG,MAAM,IAAI,SAAS,EAAE,CAAA;IAE7C,IAAI,OAAO,GAAS,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CACnD;QACE,KAAK,EAAE,YAAY;QACnB,SAAS,EAAE,WAAW,CAAC,EAAE;QACzB,QAAQ,EAAE,aAAa;KACxB,EACD;QACE,SAAS,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC;KAC5C,CACF,CAAA;IAED,IAAI,CAAC,OAAO,EAAE;QACZ,YAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAA;QACxC,OAAO,KAAK,CAAA;KACb;IAED;;OAEG;IAEH,KAAK,GAAG,KAAK,IAAI,aAAa,CAAA;IAE9B,MAAM,MAAM,GAAa,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACzC,MAAM,cAAc,GAAG,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvD,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,cAAc,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAClF,IAAI,eAAe,EAAE;QACnB,YAAM,CAAC,KAAK,CAAC,oBAAoB,eAAe,YAAY,CAAC,CAAA;QAC7D,OAAO,KAAK,CAAA;KACb;IAED,MAAM,KAAK,GAAG,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,CAAC;QAC3C,IAAI,EAAE,IAAA,YAAE,EAAC,MAAM,CAAC;QAChB,MAAM;KACP,CAAC,CAAA;IAEF,IAAI,WAAW,GAAG,yBAAW,CAAC,mBAAmB,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,CAAA;IACjF,IAAI,YAAY,GAAG,yBAAW,CAAC,oBAAoB,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,CAAA;IAEnF,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,iCACxB,OAAe,KACnB,KAAK,EACL,QAAQ,EAAE,YAAY,IACtB,CAAA;IAEF,OAAO;QACL,WAAW;QACX,YAAY;QACZ;YACE,UAAU,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,SAAS;YACvC,UAAU,EAA
E,QAAQ;SACrB;KACF,CAAA;AACH,CAAC,CAAC,CACH,CAAA"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@things-factory/auth-base",
|
|
3
|
-
"version": "5.0.0-alpha.
|
|
3
|
+
"version": "5.0.0-alpha.22",
|
|
4
4
|
"main": "dist-server/index.js",
|
|
5
5
|
"browser": "client/index.js",
|
|
6
6
|
"things-factory": true,
|
|
@@ -27,11 +27,11 @@
|
|
|
27
27
|
"migration:create": "node ../../node_modules/typeorm/cli.js migration:create -d ./server/migrations"
|
|
28
28
|
},
|
|
29
29
|
"dependencies": {
|
|
30
|
-
"@things-factory/email-base": "^5.0.0-alpha.
|
|
31
|
-
"@things-factory/env": "^5.0.0-alpha.
|
|
32
|
-
"@things-factory/i18n-base": "^5.0.0-alpha.
|
|
33
|
-
"@things-factory/shell": "^5.0.0-alpha.
|
|
34
|
-
"@things-factory/utils": "^5.0.0-alpha.
|
|
30
|
+
"@things-factory/email-base": "^5.0.0-alpha.22",
|
|
31
|
+
"@things-factory/env": "^5.0.0-alpha.22",
|
|
32
|
+
"@things-factory/i18n-base": "^5.0.0-alpha.22",
|
|
33
|
+
"@things-factory/shell": "^5.0.0-alpha.22",
|
|
34
|
+
"@things-factory/utils": "^5.0.0-alpha.22",
|
|
35
35
|
"jsonwebtoken": "^8.5.1",
|
|
36
36
|
"koa-passport": "^4.1.4",
|
|
37
37
|
"koa-session": "^6.0.0",
|
|
@@ -41,5 +41,5 @@
|
|
|
41
41
|
"passport-local": "^1.0.0",
|
|
42
42
|
"uuid": "^3.4.0"
|
|
43
43
|
},
|
|
44
|
-
"gitHead": "
|
|
44
|
+
"gitHead": "8e06de9c59237f1800b2ff4f1c53162a0228342a"
|
|
45
45
|
}
|
|
@@ -1,6 +1,8 @@
|
|
|
1
|
-
import { Domain } from '@things-factory/shell'
|
|
2
|
-
import { config } from '@things-factory/env'
|
|
3
1
|
import { getRepository, MigrationInterface, QueryRunner } from 'typeorm'
|
|
2
|
+
|
|
3
|
+
import { config, logger } from '@things-factory/env'
|
|
4
|
+
import { Domain } from '@things-factory/shell'
|
|
5
|
+
|
|
4
6
|
import { User, UserStatus } from '../service/user/user'
|
|
5
7
|
|
|
6
8
|
const ADMIN_ACCOUNT = config.get('adminAccount', {
|
|
@@ -37,7 +39,7 @@ export class SeedUsers1548206416130 implements MigrationInterface {
|
|
|
37
39
|
})
|
|
38
40
|
}
|
|
39
41
|
} catch (e) {
|
|
40
|
-
|
|
42
|
+
logger.error(e)
|
|
41
43
|
}
|
|
42
44
|
|
|
43
45
|
const admin = await userRepository.findOne({ where: { email: 'admin@hatiolab.com' } })
|
|
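Review bot: The `catch (e)` in `up()` now logs the failure but still lets the migration carry on, so a failed user seed falls straight through to the `findOne` for `admin@hatiolab.com`, and the compiled output on this page then dereferences the result (`domain.owner = admin.id`). If the admin row was never written, that surfaces as an unrelated TypeError rather than a clear seed failure; an explicit guard such as `if (!admin) throw new Error('seed admin user not found')` before the owner assignment (or a rethrow after `logger.error(e)`, if swallowing is not deliberate) would make that state visible. The lookup also hard-codes the e-mail although `ADMIN_ACCOUNT` comes from `config.get('adminAccount', …)`, so a deployment configured with a different address would presumably not be found — worth confirming. The same log-and-continue pattern is in the `SeedPrivilege1566805283882` hunk, where a failure leaves privileges unseeded while the migration still completes. The body of `up()` starts and ends outside these hunks.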
@@ -1,4 +1,7 @@
|
|
|
1
1
|
import { getRepository, MigrationInterface, QueryRunner } from 'typeorm'
|
|
2
|
+
|
|
3
|
+
import { logger } from '@things-factory/env'
|
|
4
|
+
|
|
2
5
|
import { Privilege } from '../service/privilege/privilege'
|
|
3
6
|
|
|
4
7
|
export class SeedPrivilege1566805283882 implements MigrationInterface {
|
|
@@ -16,7 +19,7 @@ export class SeedPrivilege1566805283882 implements MigrationInterface {
|
|
|
16
19
|
}
|
|
17
20
|
}
|
|
18
21
|
} catch (e) {
|
|
19
|
-
|
|
22
|
+
logger.error(e)
|
|
20
23
|
}
|
|
21
24
|
}
|
|
22
25
|
|
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
import oauth2orize from 'oauth2orize-koa'
|
|
2
|
-
|
|
2
|
+
import { getRepository, In } from 'typeorm'
|
|
3
3
|
import uuidv4 from 'uuid/v4'
|
|
4
4
|
|
|
5
|
-
import {
|
|
5
|
+
import { logger } from '@things-factory/env'
|
|
6
6
|
import { Domain } from '@things-factory/shell'
|
|
7
|
+
|
|
8
|
+
import { Application } from '../../service/application/application'
|
|
7
9
|
import { Role } from '../../service/role/role'
|
|
8
10
|
import { User, UserStatus } from '../../service/user/user'
|
|
9
|
-
import { Application } from '../../service/application/application'
|
|
10
11
|
|
|
11
12
|
const debug = require('debug')('things-factory:auth-base:oauth2-server')
|
|
12
13
|
|
|
@@ -100,7 +101,7 @@ server.exchange(
|
|
|
100
101
|
|
|
101
102
|
/* DONT-FORGET uncomment after test */
|
|
102
103
|
// if (redirectUrl !== application.redirectUrl && redirectUrl.indexOf(application.redirectUrl) != 0) {
|
|
103
|
-
//
|
|
104
|
+
// logger.error(
|
|
104
105
|
// 'oauth2 exchange error - redirectUrl should begins with the application setting',
|
|
105
106
|
// redirectUrl,
|
|
106
107
|
// application.redirectUrl
|
|
@@ -180,7 +181,7 @@ server.exchange(
|
|
|
180
181
|
var decoded = Application.verifyAuthCode(refreshToken)
|
|
181
182
|
debug('exchange refresh-token - decoded', decoded)
|
|
182
183
|
} catch (e) {
|
|
183
|
-
|
|
184
|
+
logger.error(e)
|
|
184
185
|
return false
|
|
185
186
|
}
|
|
186
187
|
const {
|
|
@@ -198,14 +199,14 @@ server.exchange(
|
|
|
198
199
|
})
|
|
199
200
|
|
|
200
201
|
if (!application) {
|
|
201
|
-
|
|
202
|
+
logger.error('application is not exist')
|
|
202
203
|
return false
|
|
203
204
|
}
|
|
204
205
|
|
|
205
206
|
debug('exchange refresh-token - application', application?.name)
|
|
206
207
|
|
|
207
208
|
if (Date.now() > expires_in * 1000) {
|
|
208
|
-
|
|
209
|
+
logger.error('refresh token is expired')
|
|
209
210
|
return false
|
|
210
211
|
}
|
|
211
212
|
|
|
@@ -232,7 +233,7 @@ server.exchange(
|
|
|
232
233
|
)
|
|
233
234
|
|
|
234
235
|
if (!appuser) {
|
|
235
|
-
|
|
236
|
+
logger.error('application is not bound')
|
|
236
237
|
return false
|
|
237
238
|
}
|
|
238
239
|
|
|
@@ -246,7 +247,7 @@ server.exchange(
|
|
|
246
247
|
const originalScopes = (originalScope || '').split(',')
|
|
247
248
|
const additionalScope = scopes.find(scope => originalScopes.indexOf(scope) === -1)
|
|
248
249
|
if (additionalScope) {
|
|
249
|
-
|
|
250
|
+
logger.error(`additional scope(${additionalScope}) required`)
|
|
250
251
|
return false
|
|
251
252
|
}
|
|
252
253
|
|
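Review bot: The redirect URL check in the authorization-code exchange is still commented out under `/* DONT-FORGET uncomment after test */`; this change only touches the logging call inside the dead block (`// logger.error(`), so as far as the hunk shows a code can be exchanged without `redirectUrl` being compared to `application.redirectUrl`. That comparison is what binds an authorization code to the client's registered redirect (RFC 6749 §4.1.3), so it should be restored before this ships rather than left as a reminder. When it is re-enabled, prefer an exact match over the `indexOf(...) != 0` prefix test, which accepts any URL that merely begins with the registered value: `if (redirectUrl !== application.redirectUrl) { logger.error(...); return false }`. The enclosing exchange callback starts and ends outside the hunk, so whether an equivalent check exists elsewhere cannot be confirmed from here.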