@things-factory/oauth2-client 5.0.15 → 6.0.0-alpha.10

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "@things-factory/oauth2-client",
-  "version": "5.0.15",
+  "version": "6.0.0-alpha.10",
   "main": "dist-server/index.js",
-  "browser": "client/index.js",
+  "browser": "dist-client/index.js",
   "things-factory": true,
   "license": "MIT",
-  "author": "heartyoh",
+  "author": "heartyoh <heartyoh@hatiolab.com>",
   "description": "Things Factory Oauth2 client module",
   "publishConfig": {
     "access": "public",
@@ -17,10 +17,12 @@
     "directory": "packages/oauth2-client"
   },
   "scripts": {
-    "build": "tsc --p tsconfig.json",
-    "build:server": "npm run clean:server && tsc",
-    "clean:server": "rm -rf dist-server",
-    "clean": "npm run clean:server",
+    "build": "npm run build:server && npm run build:client",
+    "build:client": "npx tsc --p ./client/tsconfig.json",
+    "build:server": "npx tsc --p ./server/tsconfig.json",
+    "clean:client": "npx rimraf dist-client",
+    "clean:server": "npx rimraf dist-server",
+    "clean": "npm run clean:server && npm run clean:client",
     "migration:create": "node ../../node_modules/typeorm/cli.js migration:create -d ./server/migrations"
   },
   "dependencies": {
@@ -29,10 +31,10 @@
     "@operato/layout": "^1.0.1",
     "@operato/shell": "^1.0.1",
     "@operato/utils": "^1.0.1",
-    "@things-factory/auth-base": "^5.0.15",
-    "@things-factory/shell": "^5.0.15",
+    "@things-factory/auth-base": "^6.0.0-alpha.10",
+    "@things-factory/shell": "^6.0.0-alpha.8",
     "client-oauth2": "^4.3.3",
     "clipboard": "^2.0.6"
   },
-  "gitHead": "87b738da786f92983d009d72548918be93e4ae2c"
+  "gitHead": "9ec9c564e157ebe830839e5a9cf8cfd6ec4e44b1"
 }

package/server/index.ts

@@ -1,4 +1,3 @@
-export * from './entities'
-export * from './graphql'
-
 import './routes'
+
+export * from './service'

package/server/routes.ts

@@ -1,10 +1,9 @@
 import ClientOAuth2 from 'client-oauth2'
 import crypto from 'crypto'
-import { getRepository } from 'typeorm'
 
-import { getRedirectSubdomainPath } from '@things-factory/shell'
+import { getRedirectSubdomainPath, getRepository } from '@things-factory/shell'
 
-import { Oauth2Client } from './entities'
+import { Oauth2Client } from './service/oauth2-client/oauth2-client'
 
 process.on('bootstrap-module-domain-private-route' as any, (app, domainPrivateRouter) => {
   domainPrivateRouter.get('/oauth2-client/:id/auth-uri', async (context, next) => {
@@ -12,7 +11,7 @@ process.on('bootstrap-module-domain-private-route' as any, (app, domainPrivateRo
     const { id } = params
 
     const repository = getRepository(Oauth2Client)
-    const oauth2Client = await repository.findOne(id)
+    const oauth2Client = await repository.findOneBy({ id })
 
     const {
       grantType,
@@ -52,7 +51,7 @@ process.on('bootstrap-module-domain-private-route' as any, (app, domainPrivateRo
     const { id } = params
 
     const repository = getRepository(Oauth2Client)
-    const oauth2Client = await repository.findOne(id)
+    const oauth2Client = await repository.findOneBy({ id })
 
     const {
       grantType,
@@ -101,14 +100,10 @@ process.on('bootstrap-module-domain-public-route' as any, (app, domainPublicRout
     const { originalUrl } = context
 
     const repository = getRepository(Oauth2Client)
-    const oauth2Client: Oauth2Client = await repository.findOne(
-      {
-        state
-      },
-      {
-        relations: ['domain']
-      }
-    )
+    const oauth2Client: Oauth2Client = await repository.findOne({
+      where: { state },
+      relations: ['domain']
+    })
 
     const {
       domain,

package/server/service/index.ts

@@ -0,0 +1,17 @@
+/* IMPORT ENTITIES AND RESOLVERS */
+import { entities as Oauth2ClientEntities, resolvers as Oauth2ClientResolvers } from './oauth2-client'
+
+/* EXPORT ENTITY TYPES */
+export * from './oauth2-client/oauth2-client'
+
+export const entities = [
+  /* ENTITIES */
+  ...Oauth2ClientEntities
+]
+
+export const schema = {
+  resolverClasses: [
+    /* RESOLVER CLASSES */
+    ...Oauth2ClientResolvers
+  ]
+}

package/server/service/oauth2-client/index.ts

@@ -0,0 +1,6 @@
+import { Oauth2Client } from './oauth2-client'
+import { Oauth2ClientQuery } from './oauth2-client-query'
+import { Oauth2ClientMutation } from './oauth2-client-mutation'
+
+export const entities = [Oauth2Client]
+export const resolvers = [Oauth2ClientQuery, Oauth2ClientMutation]

package/server/service/oauth2-client/oauth2-client-mutation.ts

@@ -0,0 +1,188 @@
+import ClientOAuth2 from 'client-oauth2'
+import crypto from 'crypto'
+import { Arg, Ctx, Directive, Mutation, Resolver } from 'type-graphql'
+import { In } from 'typeorm'
+
+import { config } from '@things-factory/env'
+
+import { Oauth2Client } from './oauth2-client'
+import { NewOauth2Client, Oauth2ClientPatch } from './oauth2-client-type'
+
+const protocol: string = config.get('protocol')
+
+@Resolver(Oauth2Client)
+export class Oauth2ClientMutation {
+  @Directive('@transaction')
+  @Mutation(returns => Oauth2Client, { description: 'To create new Oauth2Client' })
+  async createOauth2Client(
+    @Arg('oauth2Client') oauth2Client: NewOauth2Client,
+    @Ctx() context: ResolverContext
+  ): Promise<Oauth2Client> {
+    const { origin } = context
+    const { domain, user, tx } = context.state
+
+    let url: URL = new URL(origin)
+    url.protocol = protocol || url.protocol
+    url.pathname = '/oauth2-client/callback'
+
+    return await tx.getRepository(Oauth2Client).save({
+      ...oauth2Client,
+      callbackUrl: oauth2Client.callbackUrl || url.href,
+      domain,
+      creator: user,
+      updater: user
+    })
+  }
+
+  @Directive('@transaction')
+  @Mutation(returns => Oauth2Client, { description: 'To modify Oauth2Client information' })
+  async updateOauth2Client(
+    @Arg('id') id: string,
+    @Arg('patch') patch: Oauth2ClientPatch,
+    @Ctx() context: ResolverContext
+  ): Promise<Oauth2Client> {
+    const { domain, user, tx } = context.state
+
+    const repository = tx.getRepository(Oauth2Client)
+    const oauth2Client = await repository.findOne({
+      where: { domain: { id: domain.id }, id }
+    })
+
+    return await repository.save({
+      ...oauth2Client,
+      ...patch,
+      updater: user
+    })
+  }
+
+  @Directive('@transaction')
+  @Mutation(returns => Boolean, { description: 'To delete Oauth2Client' })
+  async deleteOauth2Client(@Arg('id') id: string, @Ctx() context: ResolverContext): Promise<boolean> {
+    const { domain, tx } = context.state
+
+    await tx.getRepository(Oauth2Client).delete({ domain: { id: domain.id }, id })
+
+    return true
+  }
+
+  @Directive('@transaction')
+  @Mutation(returns => Boolean, { description: 'To delete multiple Oauth2Clients' })
+  async deleteOauth2Clients(
+    @Arg('ids', type => [String]) ids: string[],
+    @Ctx() context: ResolverContext
+  ): Promise<boolean> {
+    const { domain, tx } = context.state
+
+    await tx.getRepository(Oauth2Client).delete({
+      domain: { id: domain.id },
+      id: In(ids)
+    })
+
+    return true
+  }
+
+  @Directive('@transaction')
+  @Mutation(returns => Boolean, { description: 'To import multiple Oauth2Clients' })
+  async importOauth2Clients(
+    @Arg('oauth2Clients', type => [Oauth2ClientPatch]) oauth2Clients: Oauth2ClientPatch[],
+    @Ctx() context: ResolverContext
+  ): Promise<boolean> {
+    const { domain, tx } = context.state
+
+    await Promise.all(
+      oauth2Clients.map(async (oauth2Client: Oauth2ClientPatch) => {
+        const createdOauth2Client: Oauth2Client = await tx.getRepository(Oauth2Client).save({ domain, ...oauth2Client })
+      })
+    )
+
+    return true
+  }
+
+  @Directive('@transaction')
+  @Mutation(returns => String, { description: 'To get oauth2 auth URL' })
+  async getOauth2AuthUrl(@Arg('id') id: string, @Ctx() context: ResolverContext): Promise<string> {
+    const { tx } = context.state
+    const repository = tx.getRepository(Oauth2Client)
+    const oauth2Client = await repository.findOneBy({ id })
+
+    const {
+      grantType,
+      clientId,
+      clientSecret,
+      callbackUrl,
+      accessTokenUrl: accessTokenUri,
+      authUrl: authorizationUri,
+      scopes
+    } = oauth2Client
+
+    if (grantType !== 'code') {
+      throw new Error(`unsupported grant type: ${grantType}`)
+    }
+
+    const state = crypto.randomBytes(16).toString('hex')
+    await repository.save({
+      ...oauth2Client,
+      state
+    })
+
+    var auth = new ClientOAuth2({
+      clientId,
+      clientSecret,
+      accessTokenUri,
+      authorizationUri,
+      redirectUri: callbackUrl || `${context.origin}/oauth2-client/callback`,
+      scopes: scopes?.split(' ') || [],
+      state
+    })
+
+    return await (auth[grantType] as any).getUri()
+  }
+
+  @Directive('@transaction')
+  @Mutation(returns => Oauth2Client, { description: 'To refresh oauth2 access token' })
+  async refreshOauth2AccessToken(@Arg('id') id: string, @Ctx() context: ResolverContext): Promise<Oauth2Client> {
+    const { tx } = context.state
+    const repository = tx.getRepository(Oauth2Client)
+    const oauth2Client = await repository.findOneBy({ id })
+
+    const {
+      clientId,
+      clientSecret,
+      accessTokenUrl: accessTokenUri,
+      authUrl: authorizationUri,
+      scopes,
+      tokenType,
+      accessToken,
+      refreshToken
+    } = oauth2Client
+
+    if (!refreshToken) {
+      throw new Error('refreshToken not found')
+    }
+
+    var auth = new ClientOAuth2({
+      clientId,
+      clientSecret,
+      accessTokenUri,
+      authorizationUri,
+      scopes: scopes?.split(' ')
+    })
+
+    try {
+      var token = await auth.createToken(accessToken, refreshToken, tokenType, {}).refresh()
+    } catch (err) {
+      throw err
+    }
+
+    const { accessToken: newAccessToken, refreshToken: newRefreshToken, tokenType: newTokenType, data } = token
+    const expires = data?.expires_in ? token.expiresIn(data?.expires_in as any) : null
+
+    return await repository.save({
+      ...oauth2Client,
+      accessToken: newAccessToken,
+      refreshToken: newRefreshToken,
+      tokenType: newTokenType,
+      expires
+    })
+  }
+}

package/server/service/oauth2-client/oauth2-client-query.ts

@@ -0,0 +1,50 @@
+import { Arg, Args, Ctx, FieldResolver, Query, Resolver, Root } from 'type-graphql'
+
+import { User } from '@things-factory/auth-base'
+import { Domain, getQueryBuilderFromListParams, getRepository, ListParam } from '@things-factory/shell'
+
+import { Oauth2Client } from './oauth2-client'
+import { Oauth2ClientList } from './oauth2-client-type'
+
+@Resolver(Oauth2Client)
+export class Oauth2ClientQuery {
+  @Query(returns => Oauth2Client!, { nullable: true, description: 'To fetch a Oauth2Client' })
+  async oauth2Client(@Arg('id') id: string, @Ctx() context: ResolverContext): Promise<Oauth2Client> {
+    const { domain } = context.state
+
+    return await getRepository(Oauth2Client).findOne({
+      where: { domain: { id: domain.id }, id }
+    })
+  }
+
+  @Query(returns => Oauth2ClientList, { description: 'To fetch multiple Oauth2Clients' })
+  async oauth2Clients(@Args() params: ListParam, @Ctx() context: ResolverContext): Promise<Oauth2ClientList> {
+    const { domain } = context.state
+
+    const queryBuilder = getQueryBuilderFromListParams({
+      domain,
+      params,
+      repository: await getRepository(Oauth2Client),
+      searchables: ['name', 'description']
+    })
+
+    const [items, total] = await queryBuilder.getManyAndCount()
+
+    return { items, total }
+  }
+
+  @FieldResolver(type => Domain)
+  async domain(@Root() oauth2Client: Oauth2Client): Promise<Domain> {
+    return await getRepository(Domain).findOneBy({ id: oauth2Client.domainId })
+  }
+
+  @FieldResolver(type => User)
+  async updater(@Root() oauth2Client: Oauth2Client): Promise<User> {
+    return await getRepository(User).findOneBy({ id: oauth2Client.updaterId })
+  }
+
+  @FieldResolver(type => User)
+  async creator(@Root() oauth2Client: Oauth2Client): Promise<User> {
+    return await getRepository(User).findOneBy({ id: oauth2Client.creatorId })
+  }
+}

package/server/service/oauth2-client/oauth2-client-type.ts

@@ -0,0 +1,126 @@
+import { Field, InputType, Int, ObjectType } from 'type-graphql'
+
+import { Oauth2Client } from './oauth2-client'
+
+@InputType()
+export class NewOauth2Client {
+  @Field()
+  name: string
+
+  @Field({ nullable: true })
+  description?: string
+
+  @Field({ nullable: true })
+  icon?: string
+
+  @Field({ nullable: true })
+  grantType?: string
+
+  @Field({ nullable: true })
+  clientId?: string
+
+  @Field({ nullable: true })
+  clientSecret?: string
+
+  @Field({ nullable: true })
+  callbackUrl?: string
+
+  @Field({ nullable: true })
+  authUrl?: string
+
+  @Field({ nullable: true })
+  accessTokenUrl?: string
+
+  @Field({ nullable: true })
+  webhook?: string
+
+  @Field({ nullable: true })
+  username?: string
+
+  @Field({ nullable: true })
+  password?: string
+
+  @Field({ nullable: true })
+  codeChallengeMethod?: string
+
+  @Field({ nullable: true })
+  codeVerifier?: string
+
+  @Field({ nullable: true })
+  scopes?: string
+
+  @Field({ nullable: true })
+  accessToken?: string
+
+  @Field({ nullable: true })
+  refreshToken?: string
+
+  @Field({ nullable: true })
+  jwtToken?: string
+}
+
+@InputType()
+export class Oauth2ClientPatch {
+  @Field({ nullable: true })
+  name?: string
+
+  @Field({ nullable: true })
+  description?: string
+
+  @Field({ nullable: true })
+  icon?: string
+
+  @Field({ nullable: true })
+  grantType?: string
+
+  @Field({ nullable: true })
+  clientId?: string
+
+  @Field({ nullable: true })
+  clientSecret?: string
+
+  @Field({ nullable: true })
+  callbackUrl?: string
+
+  @Field({ nullable: true })
+  authUrl?: string
+
+  @Field({ nullable: true })
+  accessTokenUrl?: string
+
+  @Field({ nullable: true })
+  webhook?: string
+
+  @Field({ nullable: true })
+  username?: string
+
+  @Field({ nullable: true })
+  password?: string
+
+  @Field({ nullable: true })
+  codeChallengeMethod?: string
+
+  @Field({ nullable: true })
+  codeVerifier?: string
+
+  @Field({ nullable: true })
+  scopes?: string
+
+  @Field({ nullable: true })
+  accessToken?: string
+
+  @Field({ nullable: true })
+  refreshToken?: string
+
+  @Field({ nullable: true })
+  jwtToken?: string
+}
+
+@ObjectType()
+export class Oauth2ClientList {
+  @Field(type => [Oauth2Client])
+  items: Oauth2Client[]
+
+  @Field(type => Int)
+  total: number
+}

package/server/service/oauth2-client/oauth2-client.ts

@@ -0,0 +1,193 @@
+import { Field, ID, ObjectType } from 'type-graphql'
+import {
+  Column,
+  CreateDateColumn,
+  Entity,
+  Index,
+  ManyToOne,
+  PrimaryGeneratedColumn,
+  RelationId,
+  UpdateDateColumn
+} from 'typeorm'
+
+import { User } from '@things-factory/auth-base'
+import { Domain } from '@things-factory/shell'
+
+@Entity()
+@Index('ix_oauth2_client_0', (oauth2Client: Oauth2Client) => [oauth2Client.domain, oauth2Client.name], { unique: true })
+@ObjectType({ description: 'Entity for Oauth2Client' })
+export class Oauth2Client {
+  @PrimaryGeneratedColumn('uuid')
+  @Field(type => ID)
+  readonly id: string
+
+  @ManyToOne(type => Domain)
+  @Field({ nullable: true })
+  domain?: Domain
+
+  @RelationId((oauth2Client: Oauth2Client) => oauth2Client.domain)
+  domainId?: string
+
+  @Column()
+  @Field()
+  name: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  description?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  icon?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  grantType?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  clientId?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  clientSecret?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  accessTokenUrl?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  authUrl?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  callbackUrl?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  webhook?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  username?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  password?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  codeChallengeMethod?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  codeVerifier?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  scopes?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  accessToken?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  refreshToken?: string
+
+  @Column()
+  @Field({ nullable: true })
+  expires?: Date
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  state?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  jwtToken?: string
+
+  @Column({
+    nullable: true
+  })
+  @Field({ nullable: true })
+  tokenType?: string
+
+  @CreateDateColumn()
+  @Field({ nullable: true })
+  createdAt?: Date
+
+  @UpdateDateColumn()
+  @Field({ nullable: true })
+  updatedAt?: Date
+
+  @ManyToOne(type => User, {
+    nullable: true
+  })
+  @Field({ nullable: true })
+  creator?: User
+
+  @RelationId((oauth2Client: Oauth2Client) => oauth2Client.creator)
+  creatorId?: string
+
+  @ManyToOne(type => User, {
+    nullable: true
+  })
+  @Field({ nullable: true })
+  updater?: User
+
+  @RelationId((oauth2Client: Oauth2Client) => oauth2Client.creator)
+  updaterId?: string
+
+  getAuthHeaders() {
+    if (this.tokenType == 'bearer') {
+      return {
+        Authorization: `Bearer ${this.accessToken}`
+      }
+    } else if (this.tokenType == 'basic' || !this.tokenType) {
+      const encoded = Buffer.from(`${this.username}:${this.password}`).toString('base64')
+      return {
+        Authorization: `Basic ${encoded}`
+      }
+    }
+
+    return {}
+  }
+}

package/server/tsconfig.json

@@ -0,0 +1,11 @@
+{
+  "extends": "../../tsconfig-base.json",
+  "compilerOptions": {
+    "strict": false,
+    "declaration": true,
+    "module": "commonjs",
+    "outDir": "../dist-server",
+    "baseUrl": "./"
+  },
+  "include": ["./**/*"]
+}