@things-factory/auth-base 8.0.0 → 9.0.0-beta.3

package/server/service/appliance/appliance.ts

@@ -1,133 +0,0 @@
-import {
-  Column,
-  CreateDateColumn,
-  Entity,
-  Index,
-  ManyToOne,
-  PrimaryGeneratedColumn,
-  RelationId,
-  UpdateDateColumn
-} from 'typeorm'
-import { Directive, Field, ID, ObjectType } from 'type-graphql'
-import { User, UserStatus } from '../user/user'
-
-import { Domain } from '@things-factory/shell'
-import { SECRET } from '../../utils/get-secret'
-import { config } from '@things-factory/env'
-import jwt from 'jsonwebtoken'
-
-const ORMCONFIG = config.get('ormconfig', {})
-const DATABASE_TYPE = ORMCONFIG.type
-
-@Entity()
-@Index('ix_appliance_0', (appliance: Appliance) => [appliance.domain, appliance.name], {
-  unique: true
-})
-@ObjectType()
-export class Appliance {
-  @PrimaryGeneratedColumn('uuid')
-  @Field(type => ID)
-  readonly id: string
-
-  @ManyToOne(type => Domain)
-  @Field(type => Domain)
-  domain?: Domain
-
-  @RelationId((appliance: Appliance) => appliance.domain)
-  domainId: string
-
-  @Column({
-    nullable: true
-  })
-  @Field({ nullable: true })
-  serialNo: string
-
-  @Column()
-  @Field()
-  name: string
-
-  @Column()
-  @Field({ nullable: true })
-  brand: string
-
-  @Column()
-  @Field({ nullable: true })
-  model: string
-
-  @Column({
-    nullable: true
-  })
-  @Field({ nullable: true })
-  netmask: string
-
-  @Column({
-    nullable: true
-  })
-  @Field({ nullable: true })
-  description: string
-
-  @Column({
-    nullable: true,
-    type:
-      DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'
-        ? 'longtext'
-        : DATABASE_TYPE == 'oracle'
-          ? 'clob'
-          : DATABASE_TYPE == 'mssql'
-            ? 'nvarchar'
-            : 'varchar',
-    length: DATABASE_TYPE == 'mssql' ? 'MAX' : undefined
-  })
-  @Field({ nullable: true })
-  @Directive('@privilege(category: "security", privilege: "query", domainOwnerGranted: true)')
-  accessToken: string
-
-  @ManyToOne(type => User, { nullable: true })
-  @Field({ nullable: true })
-  creator: User
-
-  @RelationId((appliance: Appliance) => appliance.creator)
-  creatorId: string
-
-  @ManyToOne(type => User, { nullable: true })
-  @Field({ nullable: true })
-  updater: User
-
-  @RelationId((appliance: Appliance) => appliance.updater)
-  updaterId: string
-
-  @CreateDateColumn()
-  @Field({ nullable: true })
-  createdAt: Date
-
-  @UpdateDateColumn()
-  @Field({ nullable: true })
-  updatedAt: Date
-
-  /* signing for jsonwebtoken */
-  static sign(subject, expiresIn, domain, user, appliance) {
-    var credential = {
-      id: user.id,
-      userType: 'appliance',
-      appliance: {
-        id: appliance.id
-      },
-      status: UserStatus.ACTIVATED,
-      domain: {
-        subdomain: domain.subdomain
-      }
-    }
-
-    return jwt.sign(credential, SECRET, {
-      expiresIn,
-      issuer: 'hatiolab.com',
-      subject
-    })
-  }
-
-  static generateAccessToken(domain, user, appliance) {
-    /* how to set expiresIn https://github.com/vercel/ms */
-    let expiresIn = config.get('applianceJwtExpiresIn', '1y')
-    return this.sign('access-token', expiresIn, domain, user, appliance)
-  }
-}

package/server/service/appliance/index.ts

@@ -1,6 +0,0 @@
-import { Appliance } from './appliance'
-import { ApplianceQuery } from './appliance-query'
-import { ApplianceMutation } from './appliance-mutation'
-
-export const entities = [Appliance]
-export const resolvers = [ApplianceQuery, ApplianceMutation]

package/server/service/application/application-mutation.ts

@@ -1,104 +0,0 @@
-import { Directive, Arg, Ctx, Mutation, Resolver } from 'type-graphql'
-
-import { getRepository } from '@things-factory/shell'
-
-import { User } from '../user/user'
-import { Application } from './application'
-import { AccessToken, ApplicationPatch, NewApplication } from './application-types'
-
-@Resolver(Application)
-export class ApplicationMutation {
-  @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
-  @Mutation(returns => Application, { description: 'To create new application' })
-  async createApplication(@Arg('application') application: NewApplication, @Ctx() context: ResolverContext) {
-    const { domain } = context.state
-    return await getRepository(Application).save({
-      ...application,
-      domain,
-      appKey: Application.generateAppKey(),
-      appSecret: Application.generateAppSecret(),
-      creator: context.state.user,
-      updater: context.state.user
-    })
-  }
-
-  @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
-  @Mutation(returns => Boolean, { description: 'To delete application' })
-  async deleteApplication(@Arg('id') id: string, @Ctx() context: ResolverContext) {
-    const { domain } = context.state
-    await getRepository(Application).delete({
-      domain: { id: domain.id },
-      id
-    })
-    return true
-  }
-
-  @Directive('@privilege(category: "security", privilege: "mutation", domainOwnerGranted: true)')
-  @Mutation(returns => Application)
-  async generateApplicationSecret(@Arg('id') id: string, @Ctx() context: ResolverContext) {
-    const { domain } = context.state
-    const repository = getRepository(Application)
-    const application = await repository.findOneBy({ domain: { id: domain.id }, id })
-
-    return await repository.save({
-      ...application,
-      appSecret: Application.generateAppSecret(),
-      updater: context.state.user
-    })
-  }
-
-  @Directive('@privilege(category: "security", privilege: "mutation", domainOwnerGranted: true)')
-  @Mutation(returns => AccessToken)
-  async renewApplicationAccessToken(
-    @Arg('id') id: string,
-    @Ctx() context: ResolverContext,
-    @Arg('scope') scope?: string
-  ) {
-    const { domain } = context.state
-
-    var appuser: User = await getRepository(User).findOneBy({
-      id,
-      userType: 'application'
-    })
-
-    if (!appuser) {
-      throw new Error('application is not bound')
-    }
-
-    const repository = getRepository(Application)
-    const application = await repository.findOneBy({ id: appuser.reference })
-    if (!application) {
-      throw new Error('application not found')
-    }
-
-    var accessToken = Application.generateAccessToken(domain, appuser, application.appSecret, scope || '')
-    var refreshToken = Application.generateRefreshToken(domain, appuser, application.appSecret, scope || '')
-
-    await getRepository(User).save({
-      ...(appuser as any),
-      password: refreshToken
-    })
-
-    return {
-      accessToken,
-      refreshToken
-    }
-  }
-
-  @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
-  @Mutation(returns => Application)
-  async updateApplication(
-    @Arg('id') id: string,
-    @Arg('patch') patch: ApplicationPatch,
-    @Ctx() context: ResolverContext
-  ) {
-    const repository = getRepository(Application)
-    const application = await repository.findOneBy({ id })
-
-    return await repository.save({
-      ...application,
-      ...patch,
-      updater: context.state.user
-    })
-  }
-}

package/server/service/application/application-query.ts

@@ -1,98 +0,0 @@
-import { Directive, Arg, Args, Ctx, FieldResolver, Query, Resolver, Root } from 'type-graphql'
-import { SelectQueryBuilder } from 'typeorm'
-import { URL } from 'url'
-
-import { config } from '@things-factory/env'
-import { getQueryBuilderFromListParams, Domain, getRepository, ListParam } from '@things-factory/shell'
-
-import { Role } from '../role/role'
-import { User } from '../user/user'
-import { Application } from './application'
-import { ApplicationList } from './application-types'
-
-const protocol: string = config.get('protocol')
-
-@Resolver(Application)
-export class ApplicationQuery {
-  @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
-  @Query(returns => Application, { description: 'To fetch application' })
-  async application(@Arg('id') id: string, @Ctx() context: ResolverContext): Promise<Application> {
-    const repository = getRepository(Application)
-
-    return await repository.findOneBy({ id })
-  }
-
-  @Directive('@privilege(category: "user", privilege: "query", domainOwnerGranted: true, superUserGranted: true)')
-  @Query(returns => ApplicationList, { description: 'To fetch multiple application' })
-  async applications(@Args(type => ListParam) params: ListParam, @Ctx() context: ResolverContext) {
-    const { domain } = context.state
-
-    const queryBuilder = getQueryBuilderFromListParams({
-      domain,
-      params,
-      repository: getRepository(Application),
-      alias: 'application',
-      searchables: ['name', 'description']
-    })
-
-    const [items, total] = await queryBuilder.getManyAndCount()
-
-    return { items, total }
-  }
-
-  @FieldResolver(type => String)
-  async availableScopes(@Ctx() context: ResolverContext): Promise<string> {
-    const { domain } = context.state
-    const roles = await getRepository(Role).findBy({ domain: { id: domain.id } })
-
-    return roles.map((role: Role) => role.name).join(' ')
-  }
-
-  @FieldResolver(type => String)
-  async accessTokenUrl(@Ctx() context: ResolverContext): Promise<string> {
-    return buildAuthURL('/oauth/access-token', context)
-  }
-
-  @FieldResolver(type => String)
-  async authUrl(@Ctx() context: ResolverContext): Promise<string> {
-    return buildAuthURL('/oauth/authorize', context)
-  }
-
-  @FieldResolver(type => Domain)
-  async domain(@Ctx() context: ResolverContext) {
-    return context.state.domain
-  }
-
-  @FieldResolver(type => User)
-  async updater(@Root() application: Application): Promise<User> {
-    return await getRepository(User).findOneBy({ id: application.updaterId })
-  }
-
-  @FieldResolver(type => User)
-  async creator(@Root() application: Application): Promise<User> {
-    return await getRepository(User).findOneBy({ id: application.creatorId })
-  }
-}
-
-function buildAuthURL(pathname: string, context: ResolverContext): string {
-  const originalProtocol = context.headers['x-forwarded-proto']
-  const originalHost = context.headers['x-forwarded-host']
-  const originalPort = context.headers['x-forwarded-port']
-
-  if (originalProtocol && originalHost) {
-    var url: URL = new URL(`${originalProtocol}://${originalHost}`)
-    if (originalPort) {
-      url.port = originalPort
-    }
-  } else {
-    var url: URL = new URL(context.request.origin)
-  }
-
-  if (protocol) {
-    url.protocol = protocol
-  }
-
-  url.pathname = pathname
-
-  return url.href
-}

package/server/service/application/application-types.ts

@@ -1,76 +0,0 @@
-import { Field, InputType, Int, ObjectType } from 'type-graphql'
-import { GraphQLEmailAddress } from 'graphql-scalars'
-
-import { Application, ApplicationType } from './application'
-
-@ObjectType()
-export class AccessToken {
-  @Field()
-  accesToken: string
-
-  @Field()
-  refreshToken: string
-}
-
-@ObjectType()
-export class ApplicationList {
-  @Field(type => [Application], { nullable: true })
-  items?: Application[]
-
-  @Field(type => Int, { nullable: true })
-  total?: number
-}
-
-@InputType()
-export class ApplicationPatch {
-  @Field({ nullable: true })
-  name?: string
-
-  @Field({ nullable: true })
-  description?: string
-
-  @Field(type => GraphQLEmailAddress, { nullable: true })
-  email?: string
-
-  @Field({ nullable: true })
-  url?: string
-
-  @Field({ nullable: true })
-  icon?: string
-
-  @Field({ nullable: true })
-  redirectUrl?: string
-
-  @Field({ nullable: true })
-  webhook?: string
-
-  @Field(type => ApplicationType, { nullable: true })
-  type?: ApplicationType
-}
-
-@InputType()
-export class NewApplication {
-  @Field()
-  name: string
-
-  @Field({ nullable: true })
-  description?: string
-
-  @Field(type => GraphQLEmailAddress, { nullable: true })
-  email?: string
-
-  @Field({ nullable: true })
-  url?: string
-
-  @Field({ nullable: true })
-  icon?: string
-
-  @Field({ nullable: true })
-  redirectUrl?: string
-
-  @Field({ nullable: true })
-  webhook?: string
-
-  @Field(type => ApplicationType, { nullable: true })
-  type?: ApplicationType
-}

package/server/service/application/application.ts

@@ -1,216 +0,0 @@
-import crypto from 'crypto'
-import jwt from 'jsonwebtoken'
-import { Directive, Field, ID, ObjectType, registerEnumType } from 'type-graphql'
-import { GraphQLEmailAddress } from 'graphql-scalars'
-import {
-  Column,
-  CreateDateColumn,
-  Entity,
-  Index,
-  ManyToOne,
-  PrimaryGeneratedColumn,
-  RelationId,
-  UpdateDateColumn
-} from 'typeorm'
-
-import { config } from '@things-factory/env'
-import { Domain } from '@things-factory/shell'
-
-import { SECRET } from '../../utils/get-secret'
-import { User, UserStatus } from '../user/user'
-
-const ORMCONFIG = config.get('ormconfig', {})
-const DATABASE_TYPE = ORMCONFIG.type
-
-export enum ApplicationStatus {
-  DRAFT = 'DRAFT',
-  ACTIVATED = 'ACTIVATED'
-}
-
-registerEnumType(ApplicationStatus, {
-  name: 'ApplicationStatus',
-  description: 'state enumeration of a application'
-})
-
-export enum ApplicationType {
-  SELLERCRAFT = 'SELLERCRAFT',
-  XILNEX = 'XILNEX',
-  MMS = 'MMS',
-  XERO = 'XERO',
-  OTHERS = 'OTHERS',
-  SFTP = 'SFTP'
-}
-
-registerEnumType(ApplicationType, {
-  name: 'ApplicationType',
-  description: 'state enumeration of a application'
-})
-@Entity()
-@Index('ix_application_0', (application: Application) => [application.appKey], { unique: true })
-@ObjectType()
-export class Application {
-  @PrimaryGeneratedColumn('uuid')
-  @Field(type => ID)
-  readonly id?: string
-
-  @ManyToOne(type => Domain)
-  @Field(type => Domain)
-  domain?: Domain
-
-  @RelationId((application: Application) => application.domain)
-  domainId?: string
-
-  @Column()
-  @Field()
-  name?: string
-
-  @Column({ nullable: true })
-  @Field({ nullable: true })
-  description?: string
-
-  @Column()
-  @Field(type => GraphQLEmailAddress)
-  email?: string
-
-  @Column()
-  @Field()
-  url?: string
-
-  @Column({ nullable: true })
-  @Field({ nullable: true })
-  icon?: string
-
-  @Column()
-  @Field()
-  redirectUrl?: string
-
-  @Column({ nullable: true })
-  @Field({ nullable: true })
-  webhook?: string
-
-  @Column({ nullable: true })
-  @Field({ nullable: true })
-  appKey?: string
-
-  @Column({
-    nullable: true,
-    type:
-      DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'
-        ? 'longtext'
-        : DATABASE_TYPE == 'oracle'
-          ? 'clob'
-          : DATABASE_TYPE == 'mssql'
-            ? 'nvarchar'
-            : 'varchar',
-    length: DATABASE_TYPE == 'mssql' ? 'MAX' : undefined
-  })
-  @Field({ nullable: true })
-  @Directive('@privilege(category: "security", privilege: "query", domainOwnerGranted: true)')
-  appSecret?: string
-
-  @Column({ default: ApplicationStatus.DRAFT })
-  @Field()
-  status?: ApplicationStatus
-
-  @Column({
-    type:
-      DATABASE_TYPE == 'postgres' || DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'
-        ? 'enum'
-        : DATABASE_TYPE == 'oracle'
-          ? 'varchar2'
-          : DATABASE_TYPE == 'mssql'
-            ? 'nvarchar'
-            : 'varchar',
-    enum:
-      DATABASE_TYPE == 'postgres' || DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb'
-        ? ApplicationType
-        : undefined,
-    length: DATABASE_TYPE == 'postgres' || DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb' ? undefined : 32,
-    default: ApplicationType.OTHERS
-  })
-  @Field()
-  type?: ApplicationType
-
-  @CreateDateColumn()
-  @Field({ nullable: true })
-  createdAt?: Date
-
-  @UpdateDateColumn()
-  @Field({ nullable: true })
-  updatedAt?: Date
-
-  @ManyToOne(type => User, { nullable: true })
-  @Field(type => User, { nullable: true })
-  creator?: User
-
-  @RelationId((application: Application) => application.creator)
-  creatorId?: string
-
-  @ManyToOne(type => User, { nullable: true })
-  @Field(type => User, { nullable: true })
-  updater?: User
-
-  @RelationId((application: Application) => application.updater)
-  updaterId?: string
-
-  /* generateAppSecret */
-  static generateAppSecret() {
-    return crypto.randomBytes(16).toString('hex')
-  }
-
-  static generateAppKey() {
-    return crypto.randomBytes(16).toString('hex')
-  }
-
-  /* signing for jsonwebtoken */
-  static sign(subject, expiresIn, domain, user, appKey, scope) {
-    var application = {
-      id: user.id,
-      userType: 'application',
-      application: {
-        appKey
-      },
-      status: UserStatus.ACTIVATED,
-      domain: {
-        subdomain: domain.subdomain
-      },
-      scope
-    }
-
-    return jwt.sign(application, SECRET, {
-      expiresIn,
-      issuer: 'hatiolab.com',
-      subject
-    })
-  }
-
-  static generateAccessToken(domain, user, appKey, scope) {
-    /* how to set expiresIn https://github.com/vercel/ms */
-    return this.sign('access-token', '30d', domain, user, appKey, scope)
-  }
-
-  static generateRefreshToken(domain, user, appKey, scope) {
-    /* how to set expiresIn https://github.com/vercel/ms */
-    return this.sign('refresh-token', '1y', domain, user, appKey, scope)
-  }
-
-  /* auth-code signing for jsonwebtoken */
-  static generateAuthCode(email, appKey, subdomain, scopes, state) {
-    var credential = {
-      email,
-      appKey,
-      subdomain,
-      scopes,
-      state
-    }
-
-    return jwt.sign(credential, SECRET, {
-      expiresIn: '1m'
-    })
-  }
-
-  /* auth-code signing for jsonwebtoken */
-  static verifyAuthCode(authcode) {
-    return jwt.verify(authcode, SECRET)
-  }
-}

package/server/service/application/index.ts

@@ -1,6 +0,0 @@
-import { Application } from './application'
-import { ApplicationQuery } from './application-query'
-import { ApplicationMutation } from './application-mutation'
-
-export const entities = [Application]
-export const resolvers = [ApplicationQuery, ApplicationMutation]