@typekcz-nocobase-plugins/plugin-oidc-plus 1.0.2 → 1.0.4

package/src/server/plugin.ts

@@ -0,0 +1,63 @@
+import { Gateway, InstallOptions, Plugin } from '@nocobase/server';
+import { getAuthUrl } from './actions/getAuthUrl';
+import { redirect } from './actions/redirect';
+import { authType } from '../constants';
+import { OIDCAuth } from './oidc-auth';
+import { resolve } from 'path';
+
+export class PluginOIDCServer extends Plugin {
+  afterAdd() {}
+
+  beforeLoad() {}
+
+  async load() {
+    this.db.addMigrations({
+      namespace: 'auth',
+      directory: resolve(__dirname, 'migrations'),
+      context: {
+        plugin: this,
+      },
+    });
+
+    this.app.authManager.registerTypes(authType, {
+      auth: OIDCAuth,
+    });
+
+    this.app.resource({
+      name: 'oidc',
+      actions: {
+        getAuthUrl,
+        redirect,
+      },
+    });
+
+    this.app.acl.allow('oidc', '*', 'public');
+
+    /* istanbul ignore next -- @preserve */
+    Gateway.getInstance().addAppSelectorMiddleware(async (ctx, next) => {
+      const { req } = ctx;
+      const url = new URL(req.url, `http://${req.headers.host}`);
+      const params = url.searchParams;
+      const state = params.get('state');
+      if (!state) {
+        return next();
+      }
+      const search = new URLSearchParams(state);
+      const appName = search.get('app');
+      if (appName) {
+        ctx.resolvedAppName = appName;
+      }
+      await next();
+    });
+  }
+
+  async install(options?: InstallOptions) {}
+
+  async afterEnable() {}
+
+  async afterDisable() {}
+
+  async remove() {}
+}
+
+export default PluginOIDCServer;

package/src/swagger/index.ts

@@ -0,0 +1,157 @@
+const user = {
+  type: 'object',
+  description: '用户',
+  properties: {
+    id: {
+      type: 'integer',
+      description: 'ID',
+    },
+    nickname: {
+      type: 'string',
+      description: '昵称',
+    },
+    email: {
+      type: 'string',
+      description: '邮箱',
+    },
+    phone: {
+      type: 'string',
+      description: '手机号',
+    },
+    appLang: {
+      type: 'string',
+      description: '用户使用语言',
+    },
+    systemSettings: {
+      type: 'object',
+      description: '系统设置',
+      properties: {
+        theme: {
+          type: 'string',
+          description: '用户使用主题',
+        },
+      },
+    },
+    createdAt: {
+      type: 'string',
+      format: 'date-time',
+      description: '创建时间',
+    },
+    updatedAt: {
+      type: 'string',
+      format: 'date-time',
+      description: '更新时间',
+    },
+    createdById: {
+      type: 'integer',
+      description: '创建人',
+    },
+    updatedById: {
+      type: 'integer',
+      description: '更新人',
+    },
+  },
+};
+
+export default {
+  info: {
+    title: 'NocoBase API - OIDC plugin',
+  },
+  paths: {
+    '/oidc:getAuthUrl': {
+      security: [],
+      get: {
+        description: 'Get OIDC authorization url',
+        tags: ['OIDC'],
+        parameters: [
+          {
+            name: 'X-Authenticator',
+            description: '登录方式标识',
+            in: 'header',
+            schema: {
+              type: 'string',
+            },
+            required: true,
+          },
+        ],
+        responses: {
+          200: {
+            description: 'ok',
+            content: {
+              'application/json': {
+                schema: {
+                  type: 'string',
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+    '/auth:signIn': {
+      security: [],
+      post: {
+        description: 'OIDC sign in',
+        tags: ['OIDC'],
+        parameters: [
+          {
+            name: 'X-Authenticator',
+            description: '登录方式标识',
+            in: 'header',
+            schema: {
+              type: 'string',
+            },
+            required: true,
+          },
+          {
+            name: 'nocobase_oidc',
+            description: 'state校验值',
+            in: 'cookie',
+            schema: {
+              type: 'string',
+            },
+            required: true,
+          },
+        ],
+        requestBody: {
+          content: {
+            'application/json': {
+              schema: {
+                type: 'object',
+                properties: {
+                  code: {
+                    type: 'string',
+                  },
+                  state: {
+                    type: 'string',
+                  },
+                  iss: {
+                    type: 'string',
+                  },
+                },
+              },
+            },
+          },
+        },
+        responses: {
+          200: {
+            description: 'ok',
+            content: {
+              'application/json': {
+                schema: {
+                  type: 'object',
+                  properties: {
+                    token: {
+                      type: 'string',
+                    },
+                    user,
+                  },
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+  },
+};

package/dist/node_modules/nanoid/LICENSE

@@ -1,20 +0,0 @@
-The MIT License (MIT)
-
-Copyright 2017 Andrey Sitnik <andrey@sitnik.ru>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of
-this software and associated documentation files (the "Software"), to deal in
-the Software without restriction, including without limitation the rights to
-use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
-the Software, and to permit persons to whom the Software is furnished to do so,
-subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
-FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
-COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
-IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package/dist/node_modules/nanoid/async/index.browser.cjs

@@ -1,34 +0,0 @@
-let random = async bytes => crypto.getRandomValues(new Uint8Array(bytes))
-let customAlphabet = (alphabet, defaultSize = 21) => {
-  let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
-  let step = -~((1.6 * mask * defaultSize) / alphabet.length)
-  return async (size = defaultSize) => {
-    let id = ''
-    while (true) {
-      let bytes = crypto.getRandomValues(new Uint8Array(step))
-      let i = step
-      while (i--) {
-        id += alphabet[bytes[i] & mask] || ''
-        if (id.length === size) return id
-      }
-    }
-  }
-}
-let nanoid = async (size = 21) => {
-  let id = ''
-  let bytes = crypto.getRandomValues(new Uint8Array(size))
-  while (size--) {
-    let byte = bytes[size] & 63
-    if (byte < 36) {
-      id += byte.toString(36)
-    } else if (byte < 62) {
-      id += (byte - 26).toString(36).toUpperCase()
-    } else if (byte < 63) {
-      id += '_'
-    } else {
-      id += '-'
-    }
-  }
-  return id
-}
-module.exports = { nanoid, customAlphabet, random }

package/dist/node_modules/nanoid/async/index.browser.js

@@ -1,34 +0,0 @@
-let random = async bytes => crypto.getRandomValues(new Uint8Array(bytes))
-let customAlphabet = (alphabet, defaultSize = 21) => {
-  let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
-  let step = -~((1.6 * mask * defaultSize) / alphabet.length)
-  return async (size = defaultSize) => {
-    let id = ''
-    while (true) {
-      let bytes = crypto.getRandomValues(new Uint8Array(step))
-      let i = step
-      while (i--) {
-        id += alphabet[bytes[i] & mask] || ''
-        if (id.length === size) return id
-      }
-    }
-  }
-}
-let nanoid = async (size = 21) => {
-  let id = ''
-  let bytes = crypto.getRandomValues(new Uint8Array(size))
-  while (size--) {
-    let byte = bytes[size] & 63
-    if (byte < 36) {
-      id += byte.toString(36)
-    } else if (byte < 62) {
-      id += (byte - 26).toString(36).toUpperCase()
-    } else if (byte < 63) {
-      id += '_'
-    } else {
-      id += '-'
-    }
-  }
-  return id
-}
-export { nanoid, customAlphabet, random }

package/dist/node_modules/nanoid/async/index.cjs

@@ -1,35 +0,0 @@
-let crypto = require('crypto')
-let { urlAlphabet } = require('../url-alphabet/index.cjs')
-let random = bytes =>
-  new Promise((resolve, reject) => {
-    crypto.randomFill(Buffer.allocUnsafe(bytes), (err, buf) => {
-      if (err) {
-        reject(err)
-      } else {
-        resolve(buf)
-      }
-    })
-  })
-let customAlphabet = (alphabet, defaultSize = 21) => {
-  let mask = (2 << (31 - Math.clz32((alphabet.length - 1) | 1))) - 1
-  let step = Math.ceil((1.6 * mask * defaultSize) / alphabet.length)
-  let tick = (id, size = defaultSize) =>
-    random(step).then(bytes => {
-      let i = step
-      while (i--) {
-        id += alphabet[bytes[i] & mask] || ''
-        if (id.length === size) return id
-      }
-      return tick(id, size)
-    })
-  return size => tick('', size)
-}
-let nanoid = (size = 21) =>
-  random(size).then(bytes => {
-    let id = ''
-    while (size--) {
-      id += urlAlphabet[bytes[size] & 63]
-    }
-    return id
-  })
-module.exports = { nanoid, customAlphabet, random }

package/dist/node_modules/nanoid/async/index.d.ts

@@ -1,56 +0,0 @@
-/**
- * Generate secure URL-friendly unique ID. The non-blocking version.
- *
- * By default, the ID will have 21 symbols to have a collision probability
- * similar to UUID v4.
- *
- * ```js
- * import { nanoid } from 'nanoid/async'
- * nanoid().then(id => {
- *   model.id = id
- * })
- * ```
- *
- * @param size Size of the ID. The default size is 21.
- * @returns A promise with a random string.
- */
-export function nanoid(size?: number): Promise<string>
-
-/**
- * A low-level function.
- * Generate secure unique ID with custom alphabet. The non-blocking version.
- *
- * Alphabet must contain 256 symbols or less. Otherwise, the generator
- * will not be secure.
- *
- * @param alphabet Alphabet used to generate the ID.
- * @param defaultSize Size of the ID. The default size is 21.
- * @returns A function that returns a promise with a random string.
- *
- * ```js
- * import { customAlphabet } from 'nanoid/async'
- * const nanoid = customAlphabet('0123456789абвгдеё', 5)
- * nanoid().then(id => {
- *   model.id = id //=> "8ё56а"
- * })
- * ```
- */
-export function customAlphabet(
-  alphabet: string,
-  defaultSize?: number
-): (size?: number) => Promise<string>
-
-/**
- * Generate an array of random bytes collected from hardware noise.
- *
- * ```js
- * import { random } from 'nanoid/async'
- * random(5).then(bytes => {
- *   bytes //=> [10, 67, 212, 67, 89]
- * })
- * ```
- *
- * @param bytes Size of the array.
- * @returns A promise with a random bytes array.
- */
-export function random(bytes: number): Promise<Uint8Array>

package/dist/node_modules/nanoid/async/index.js

@@ -1,35 +0,0 @@
-import crypto from 'crypto'
-import { urlAlphabet } from '../url-alphabet/index.js'
-let random = bytes =>
-  new Promise((resolve, reject) => {
-    crypto.randomFill(Buffer.allocUnsafe(bytes), (err, buf) => {
-      if (err) {
-        reject(err)
-      } else {
-        resolve(buf)
-      }
-    })
-  })
-let customAlphabet = (alphabet, defaultSize = 21) => {
-  let mask = (2 << (31 - Math.clz32((alphabet.length - 1) | 1))) - 1
-  let step = Math.ceil((1.6 * mask * defaultSize) / alphabet.length)
-  let tick = (id, size = defaultSize) =>
-    random(step).then(bytes => {
-      let i = step
-      while (i--) {
-        id += alphabet[bytes[i] & mask] || ''
-        if (id.length === size) return id
-      }
-      return tick(id, size)
-    })
-  return size => tick('', size)
-}
-let nanoid = (size = 21) =>
-  random(size).then(bytes => {
-    let id = ''
-    while (size--) {
-      id += urlAlphabet[bytes[size] & 63]
-    }
-    return id
-  })
-export { nanoid, customAlphabet, random }

package/dist/node_modules/nanoid/async/index.native.js

@@ -1,26 +0,0 @@
-import { getRandomBytesAsync } from 'expo-random'
-import { urlAlphabet } from '../url-alphabet/index.js'
-let random = getRandomBytesAsync
-let customAlphabet = (alphabet, defaultSize = 21) => {
-  let mask = (2 << (31 - Math.clz32((alphabet.length - 1) | 1))) - 1
-  let step = Math.ceil((1.6 * mask * defaultSize) / alphabet.length)
-  let tick = (id, size = defaultSize) =>
-    random(step).then(bytes => {
-      let i = step
-      while (i--) {
-        id += alphabet[bytes[i] & mask] || ''
-        if (id.length === size) return id
-      }
-      return tick(id, size)
-    })
-  return size => tick('', size)
-}
-let nanoid = (size = 21) =>
-  random(size).then(bytes => {
-    let id = ''
-    while (size--) {
-      id += urlAlphabet[bytes[size] & 63]
-    }
-    return id
-  })
-export { nanoid, customAlphabet, random }

package/dist/node_modules/nanoid/async/package.json

@@ -1,12 +0,0 @@
-{
-  "type": "module",
-  "main": "index.cjs",
-  "module": "index.js",
-  "react-native": {
-    "./index.js": "./index.native.js"
-  },
-  "browser": {
-    "./index.js": "./index.browser.js",
-    "./index.cjs": "./index.browser.cjs"
-  }
-}

package/dist/node_modules/nanoid/bin/nanoid.cjs

@@ -1,55 +0,0 @@
-#!/usr/bin/env node
-
-let { nanoid, customAlphabet } = require('..')
-
-function print(msg) {
-  process.stdout.write(msg + '\n')
-}
-
-function error(msg) {
-  process.stderr.write(msg + '\n')
-  process.exit(1)
-}
-
-if (process.argv.includes('--help') || process.argv.includes('-h')) {
-  print(`
-  Usage
-    $ nanoid [options]
-
-  Options
-    -s, --size       Generated ID size
-    -a, --alphabet   Alphabet to use
-    -h, --help       Show this help
-
-  Examples
-    $ nanoid --s 15
-    S9sBF77U6sDB8Yg
-
-    $ nanoid --size 10 --alphabet abc
-    bcabababca`)
-  process.exit()
-}
-
-let alphabet, size
-for (let i = 2; i < process.argv.length; i++) {
-  let arg = process.argv[i]
-  if (arg === '--size' || arg === '-s') {
-    size = Number(process.argv[i + 1])
-    i += 1
-    if (Number.isNaN(size) || size <= 0) {
-      error('Size must be positive integer')
-    }
-  } else if (arg === '--alphabet' || arg === '-a') {
-    alphabet = process.argv[i + 1]
-    i += 1
-  } else {
-    error('Unknown argument ' + arg)
-  }
-}
-
-if (alphabet) {
-  let customNanoid = customAlphabet(alphabet, size)
-  print(customNanoid())
-} else {
-  print(nanoid(size))
-}

package/dist/node_modules/nanoid/index.browser.cjs

@@ -1,34 +0,0 @@
-let { urlAlphabet } = require('./url-alphabet/index.cjs')
-let random = bytes => crypto.getRandomValues(new Uint8Array(bytes))
-let customRandom = (alphabet, defaultSize, getRandom) => {
-  let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
-  let step = -~((1.6 * mask * defaultSize) / alphabet.length)
-  return (size = defaultSize) => {
-    let id = ''
-    while (true) {
-      let bytes = getRandom(step)
-      let j = step
-      while (j--) {
-        id += alphabet[bytes[j] & mask] || ''
-        if (id.length === size) return id
-      }
-    }
-  }
-}
-let customAlphabet = (alphabet, size = 21) =>
-  customRandom(alphabet, size, random)
-let nanoid = (size = 21) =>
-  crypto.getRandomValues(new Uint8Array(size)).reduce((id, byte) => {
-    byte &= 63
-    if (byte < 36) {
-      id += byte.toString(36)
-    } else if (byte < 62) {
-      id += (byte - 26).toString(36).toUpperCase()
-    } else if (byte > 62) {
-      id += '-'
-    } else {
-      id += '_'
-    }
-    return id
-  }, '')
-module.exports = { nanoid, customAlphabet, customRandom, urlAlphabet, random }

package/dist/node_modules/nanoid/index.browser.js

@@ -1,34 +0,0 @@
-import { urlAlphabet } from './url-alphabet/index.js'
-let random = bytes => crypto.getRandomValues(new Uint8Array(bytes))
-let customRandom = (alphabet, defaultSize, getRandom) => {
-  let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
-  let step = -~((1.6 * mask * defaultSize) / alphabet.length)
-  return (size = defaultSize) => {
-    let id = ''
-    while (true) {
-      let bytes = getRandom(step)
-      let j = step
-      while (j--) {
-        id += alphabet[bytes[j] & mask] || ''
-        if (id.length === size) return id
-      }
-    }
-  }
-}
-let customAlphabet = (alphabet, size = 21) =>
-  customRandom(alphabet, size, random)
-let nanoid = (size = 21) =>
-  crypto.getRandomValues(new Uint8Array(size)).reduce((id, byte) => {
-    byte &= 63
-    if (byte < 36) {
-      id += byte.toString(36)
-    } else if (byte < 62) {
-      id += (byte - 26).toString(36).toUpperCase()
-    } else if (byte > 62) {
-      id += '-'
-    } else {
-      id += '_'
-    }
-    return id
-  }, '')
-export { nanoid, customAlphabet, customRandom, urlAlphabet, random }

package/dist/node_modules/nanoid/index.cjs

@@ -1 +0,0 @@
-(function(){var e={113:function(e){"use strict";e.exports=require("crypto")},592:function(e,t,r){let l=r(113);let{urlAlphabet:n}=r(651);const a=128;let u,i;let fillPool=e=>{if(!u||u.length<e){u=Buffer.allocUnsafe(e*a);l.randomFillSync(u);i=0}else if(i+e>u.length){l.randomFillSync(u);i=0}i+=e};let random=e=>{fillPool(e-=0);return u.subarray(i-e,i)};let customRandom=(e,t,r)=>{let l=(2<<31-Math.clz32(e.length-1|1))-1;let n=Math.ceil(1.6*l*t/e.length);return(a=t)=>{let u="";while(true){let t=r(n);let i=n;while(i--){u+=e[t[i]&l]||"";if(u.length===a)return u}}}};let customAlphabet=(e,t=21)=>customRandom(e,t,random);let nanoid=(e=21)=>{fillPool(e-=0);let t="";for(let r=i-e;r<i;r++){t+=n[u[r]&63]}return t};e.exports={nanoid:nanoid,customAlphabet:customAlphabet,customRandom:customRandom,urlAlphabet:n,random:random}},651:function(e){let t="useandom-26T198340PX75pxJACKVERYMINDBUSHWOLF_GQZbfghjklqvwyzrict";e.exports={urlAlphabet:t}}};var t={};function __nccwpck_require__(r){var l=t[r];if(l!==undefined){return l.exports}var n=t[r]={exports:{}};var a=true;try{e[r](n,n.exports,__nccwpck_require__);a=false}finally{if(a)delete t[r]}return n.exports}if(typeof __nccwpck_require__!=="undefined")__nccwpck_require__.ab=__dirname+"/";var r=__nccwpck_require__(592);module.exports=r})();