@tiledesk/tiledesk-server 2.3.125 → 2.3.127

package/middleware/passport.js

@@ -4,6 +4,7 @@ var ExtractJwt = passportJWT.ExtractJwt;
 
 var passportHttp = require("passport-http");  
 var BasicStrategy = passportHttp.BasicStrategy;
+var GoogleStrategy = require('passport-google-oidc');
 
 var winston = require('../config/winston');
 // var AnonymousStrategy = require('passport-anonymous').Strategy;
@@ -14,12 +15,19 @@ var config = require('../config/database'); // get db config file
 var Faq_kb = require("../models/faq_kb");
 var Project = require('../models/project');
 var Subscription = require('../models/subscription');
+
+var Auth = require('../models/auth');
+var userService = require('../services/userService');
+
 var UserUtil = require('../utils/userUtil');
 var jwt = require('jsonwebtoken');
 const url = require('url');
 var cacheUtil = require('../utils/cacheUtil');
 var cacheEnabler = require("../services/cacheEnabler");
 
+var uniqid = require('uniqid');
+
+
 const MaskData = require("maskdata");
 
 const maskOptions = {
@@ -57,7 +65,11 @@ if (pKey) {
 var maskedconfigSecret = MaskData.maskPhone(configSecret, maskOptions);
 winston.info('Authentication Global Secret : ' + maskedconfigSecret);
 
-
+var enableGoogleSignin = false;
+if (process.env.GOOGLE_SIGNIN_ENABLED=="true" || process.env.GOOGLE_SIGNIN_ENABLED == true) {
+  enableGoogleSignin = true;
+}
+winston.info('Authentication Google Signin enabled : ' + enableGoogleSignin);
 
 
 var jwthistory = undefined;
@@ -431,11 +443,126 @@ module.exports = function(passport) {
         // if (!user) { return done(null, false); }
         // if (!user.verifyPassword(password)) { return done(null, false); }
       });
-    }
-    
-    
-    
-  ));
+    }));
+
+
+
+
+
+if (enableGoogleSignin==true) {
+  let googleClientId = process.env.GOOGLE_CLIENT_ID;
+  let googleClientSecret = process.env.GOOGLE_CLIENT_SECRET;
+  let googleCallbackURL = process.env.GOOGLE_CALLBACK_URL || "http://localhost:3000/auth/google/callback";
+  
+  winston.info("Enabling Google Signin strategy with ClientId: " +  googleClientId + " callbackURL: " + googleCallbackURL + " clientSecret: " + googleClientSecret );
+
+  passport.use(new GoogleStrategy({
+    clientID: googleClientId, 
+    clientSecret: googleClientSecret,
+    callbackURL: googleCallbackURL  // 'https://www.example.com/oauth2/redirect/google'
+  },
+  function(issuer, profile, cb) {
+
+    winston.info("issuer: "+issuer)
+    winston.info("profile", profile)
+    // winston.info("cb", cb)
+
+    var email = profile.emails[0].value;
+    winston.info("email: "+email)   
+
+    var query = {providerId : issuer, subject: profile.id};
+    winston.debug("query", query)
+
+    Auth.findOne(query, function(err, cred){     
+    winston.debug("cred", cred, err)
+
+      // db.get('SELECT * FROM federated_credentials WHERE provider = ? AND subject = ?', [
+      // issuer,
+      // profile.id
+    // ], function(err, cred) {
+
+    winston.debug("11")
+
+
+      if (err) { return cb(err); }
+
+      winston.debug("12")
+
+      if (!cred) {
+        winston.debug("13")
+        // The Google account has not logged in to this app before.  Create a
+        // new user record and link it to the Google account.
+
+        // db.run('INSERT INTO users (name) VALUES (?)', [
+        //   profile.displayName
+        // ], function(err) {
+
+          var password = uniqid()
+
+          
+
+          userService.signup(email, password, undefined, profile.displayName, true)
+          .then(function (savedUser) {
+
+
+          // if (err) { return cb(err); }
+
+          winston.debug("savedUser", savedUser)    
+
+          var auth = new Auth({
+            providerId: issuer,
+            subject: profile.id,
+          });
+          auth.save(function (err, authSaved) {    
+                
+          // db.run('INSERT INTO federated_credentials (user_id, provider, subject) VALUES (?, ?, ?)', [
+          //   id,
+          //   issuer,
+          //   profile.id
+          // ], function(err) {
+
+
+            if (err) { return cb(err); }
+
+            winston.debug("authSaved", authSaved)    
+
+            // var user = {
+            //   id: id.toString(),
+            //   name: profile.displayName
+            // };
+            // var user = {
+            //   id: "1232321321321321",
+            //   name: "Google andrea"
+            // };
+            return cb(null, savedUser);
+          });
+        }).catch(function(err) {
+          winston.error("Error signup google ", err);
+          return cb(err); 
+        });
+      } else {
+
+        winston.debug("else")
+        // The Google account has previously logged in to the app.  Get the
+        // user record linked to the Google account and log the user in.
+
+        User.findOne({
+          email: email, status: 100
+        }, 'email firstname lastname password emailverified id', function (err, user) {
+
+          winston.debug("user",user, err);
+        // db.get('SELECT * FROM users WHERE id = ?', [ cred.user_id ], function(err, user) {
+          if (err) { return cb(err); }
+          if (!user) { return cb(null, false); }
+          return cb(null, user);
+        });
+      }
+    });
+  }
+));
+
+}
+
 
 
   // var OidcStrategy = require('passport-openidconnect').Strategy;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@tiledesk/tiledesk-server",
   "description": "The Tiledesk server module",
-  "version": "2.3.125",
+  "version": "2.3.127",
   "scripts": {
     "start": "node ./bin/www",
     "pretest": "mongodb-runner start",
@@ -44,7 +44,7 @@
     "@tiledesk/tiledesk-kaleyra-proxy": "^0.1.7",
     "@tiledesk/tiledesk-messenger-connector": "0.1.8",
     "@tiledesk/tiledesk-rasa-connector": "^1.0.10",
-    "@tiledesk/tiledesk-tybot-connector": "^0.1.74",
+    "@tiledesk/tiledesk-tybot-connector": "^0.1.76",
     "@tiledesk/tiledesk-whatsapp-connector": "^0.1.43",
     "amqplib": "^0.5.5",
     "app-root-path": "^3.0.0",

package/pubmodules/cache/mongoose-cachegoose-fn.js

@@ -392,9 +392,12 @@
 
     botEvent.on("faqbot.create", function(faq_kb) {
         setImmediate(() => {
+            let clonedbot = Object.assign({}, faq_kb);
+            delete clonedbot.secret;
+
             var key = faq_kb.id_project+":faq_kbs:id:"+faq_kb._id;
             winston.verbose("Creating cache for faq_kb.create with key: " + key);
-            client.set(key, faq_kb, cacheUtil.defaultTTL, (err, reply) => {
+            client.set(key, clonedbot, cacheUtil.defaultTTL, (err, reply) => {
                 winston.debug("Created cache for faq_kb.create",reply);
                 winston.verbose("Created cache for faq_kb.create",{err:err});
             });
@@ -639,6 +642,7 @@
         subscriptionEvent.on('subscription.create', function(trigger) {   
             setImmediate(() => {    
                 
+                //TODO i think you must clone trigger and remove .secret before caching
                 var key =trigger.id_project+":subscriptions:*";        
                 winston.verbose("Deleting cache for subscription.create with key: " + key);
                 client.del(key, function (err, reply) {

package/routes/auth.js

@@ -451,6 +451,56 @@ function (req, res) {
   });
 });
 
+
+
+// Redirect the user to the Google signin page</em> 
+router.get("/google", passport.authenticate("google", { scope: ["email", "profile"] }));
+
+// Retrieve user data using the access token received</em> 
+router.get("/google/callback", passport.authenticate("google", { session: false }), (req, res) => {
+// res.redirect("/auth/profile/");
+
+  var user = req.user;
+  winston.debug("user", user);
+
+  var userJson = user.toObject();
+  
+    var signOptions = {     
+      issuer:  'https://tiledesk.com',       
+      subject:  'user',
+      audience:  'https://tiledesk.com',
+      jwtid: uuidv4()
+
+    };
+
+    var alg = process.env.GLOBAL_SECRET_ALGORITHM;
+    if (alg) {
+      signOptions.algorithm = alg;
+    }
+
+
+  var token = jwt.sign(userJson, configSecret, signOptions); //priv_jwt pp_jwt              
+
+
+  // return the information including token as JSON
+  // res.json(returnObject);
+
+  var url = process.env.EMAIL_BASEURL+"?token=JWT "+token;
+  winston.debug("url: "+ url);
+
+  res.redirect(url);
+
+
+  
+
+}
+);
+// profile route after successful sign in</em> 
+// router.get("/profile", (req, res) => {
+//   console.log(req);
+// res.send("Welcome");
+// });
+
 // VERIFY EMAIL
 router.put('/verifyemail/:userid', function (req, res) {
 

package/routes/faq_kb.js

@@ -826,7 +826,7 @@ router.post('/importjson/:id_faq_kb', upload.single('uploadFile'), async (req, r
 
 router.get('/exportjson/:id_faq_kb', (req, res) => {
 
-  winston.info("exporting bot...")
+  winston.debug("exporting bot...")
 
 
   let id_faq_kb = req.params.id_faq_kb;

package/services/BotSubscriptionNotifier.js

@@ -51,7 +51,14 @@ class BotSubscriptionNotifier {
       };
 
       // TODO metti bot_? a user._id
-      var token = jwt.sign(bot.toObject(), botWithSecret.secret, signOptions);
+
+      // tolgo description, attributes
+      let botPayload = bot.toObject();
+      delete botPayload.secret;
+      delete botPayload.description;
+      delete botPayload.attributes;
+
+      var token = jwt.sign(botPayload, botWithSecret.secret, signOptions);
       json["token"] = token;