@ytsaurus/ui 1.12.1 → 1.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (176) hide show
  1. package/build/cjs/@types/core.d.ts +38 -0
  2. package/build/cjs/server/components/layout-config.js +6 -1
  3. package/build/cjs/server/components/layout-config.js.map +1 -1
  4. package/build/cjs/server/components/oauth.d.ts +26 -0
  5. package/build/cjs/server/components/oauth.js +123 -0
  6. package/build/cjs/server/components/oauth.js.map +1 -0
  7. package/build/cjs/server/components/yt-auth.d.ts +6 -0
  8. package/build/cjs/server/components/yt-auth.js +23 -0
  9. package/build/cjs/server/components/yt-auth.js.map +1 -0
  10. package/build/cjs/server/controllers/login.d.ts +0 -1
  11. package/build/cjs/server/controllers/login.js +4 -26
  12. package/build/cjs/server/controllers/login.js.map +1 -1
  13. package/build/cjs/server/controllers/logout.d.ts +2 -0
  14. package/build/cjs/server/controllers/logout.js +15 -0
  15. package/build/cjs/server/controllers/logout.js.map +1 -0
  16. package/build/cjs/server/controllers/oauth-login.d.ts +4 -0
  17. package/build/cjs/server/controllers/oauth-login.js +30 -0
  18. package/build/cjs/server/controllers/oauth-login.js.map +1 -0
  19. package/build/cjs/server/index.js +9 -1
  20. package/build/cjs/server/index.js.map +1 -1
  21. package/build/cjs/server/middlewares/authorization.d.ts +2 -0
  22. package/build/cjs/server/middlewares/authorization.js +42 -0
  23. package/build/cjs/server/middlewares/authorization.js.map +1 -0
  24. package/build/cjs/server/middlewares/oauth.d.ts +2 -0
  25. package/build/cjs/server/middlewares/oauth.js +27 -0
  26. package/build/cjs/server/middlewares/oauth.js.map +1 -0
  27. package/build/cjs/server/middlewares/yt-auth.d.ts +1 -1
  28. package/build/cjs/server/middlewares/yt-auth.js +10 -42
  29. package/build/cjs/server/middlewares/yt-auth.js.map +1 -1
  30. package/build/cjs/server/routes.js +6 -1
  31. package/build/cjs/server/routes.js.map +1 -1
  32. package/build/cjs/server/utils/authorization.d.ts +6 -0
  33. package/build/cjs/server/utils/authorization.js +33 -0
  34. package/build/cjs/server/utils/authorization.js.map +1 -0
  35. package/build/cjs/shared/constants/index.d.ts +3 -0
  36. package/build/cjs/shared/constants/index.js +3 -1
  37. package/build/cjs/shared/constants/index.js.map +1 -1
  38. package/build/cjs/shared/yt-types.d.ts +2 -0
  39. package/build/cjs/ui/components/Login/LoginFormPage/LoginFormPage.js +23 -5
  40. package/build/cjs/ui/components/Login/LoginFormPage/LoginFormPage.js.map +1 -1
  41. package/build/cjs/ui/components/Login/LoginPageWrapper/LoginPageWrapper.css +8 -0
  42. package/build/cjs/ui/components/Login/LoginPageWrapper/LoginPageWrapper.css.map +1 -1
  43. package/build/cjs/ui/components/NumberInput/NumberInput.d.ts +1 -1
  44. package/build/cjs/ui/constants/docsUrls.d.ts +1 -0
  45. package/build/cjs/ui/constants/docsUrls.js +1 -0
  46. package/build/cjs/ui/constants/docsUrls.js.map +1 -1
  47. package/build/cjs/ui/containers/AppNavigation/AppNavigation.js +2 -0
  48. package/build/cjs/ui/containers/AppNavigation/AppNavigation.js.map +1 -1
  49. package/build/cjs/ui/containers/AppNavigation/AppNavigationComponent.d.ts +1 -1
  50. package/build/cjs/ui/containers/AppNavigation/AppNavigationComponent.js +5 -7
  51. package/build/cjs/ui/containers/AppNavigation/AppNavigationComponent.js.map +1 -1
  52. package/build/cjs/ui/containers/AppNavigation/AppNavigationPageLayout.d.ts +2 -0
  53. package/build/cjs/ui/containers/AppNavigation/AppNavigationPageLayout.js.map +1 -1
  54. package/build/cjs/ui/pages/tablet_cell_bundles/bundles/BundleEditorDialog/BundleEditorDialog.js +11 -7
  55. package/build/cjs/ui/pages/tablet_cell_bundles/bundles/BundleEditorDialog/BundleEditorDialog.js.map +1 -1
  56. package/build/cjs/ui/store/actions/tablet_cell_bundles/index.js +1 -1
  57. package/build/cjs/ui/store/actions/tablet_cell_bundles/index.js.map +1 -1
  58. package/build/cjs/ui/store/reducers/global/index.d.ts +1 -0
  59. package/build/cjs/ui/store/reducers/global/index.js +1 -0
  60. package/build/cjs/ui/store/reducers/global/index.js.map +1 -1
  61. package/build/cjs/ui/store/reducers/tablet_cell_bundles/index.d.ts +8 -0
  62. package/build/cjs/ui/store/reducers/tablet_cell_bundles/index.js.map +1 -1
  63. package/build/cjs/ui/store/selectors/global/index.d.ts +4 -0
  64. package/build/cjs/ui/store/selectors/global/index.js +14 -4
  65. package/build/cjs/ui/store/selectors/global/index.js.map +1 -1
  66. package/build/cjs/ui/utils/tablet_cell_bundles/bundles/bundle-editor-dialog/index.d.ts +2 -1
  67. package/build/cjs/ui/utils/tablet_cell_bundles/bundles/bundle-editor-dialog/index.js +16 -1
  68. package/build/cjs/ui/utils/tablet_cell_bundles/bundles/bundle-editor-dialog/index.js.map +1 -1
  69. package/build/esm/@types/core.d.ts +38 -0
  70. package/build/esm/server/components/layout-config.js +7 -2
  71. package/build/esm/server/components/layout-config.js.map +1 -1
  72. package/build/esm/server/components/oauth.d.ts +26 -0
  73. package/build/esm/server/components/oauth.js +169 -0
  74. package/build/esm/server/components/oauth.js.map +1 -0
  75. package/build/esm/server/components/yt-auth.d.ts +6 -0
  76. package/build/esm/server/components/yt-auth.js +17 -0
  77. package/build/esm/server/components/yt-auth.js.map +1 -0
  78. package/build/esm/server/controllers/login.d.ts +0 -1
  79. package/build/esm/server/controllers/login.js +41 -88
  80. package/build/esm/server/controllers/login.js.map +1 -1
  81. package/build/esm/server/controllers/logout.d.ts +2 -0
  82. package/build/esm/server/controllers/logout.js +11 -0
  83. package/build/esm/server/controllers/logout.js.map +1 -0
  84. package/build/esm/server/controllers/oauth-login.d.ts +4 -0
  85. package/build/esm/server/controllers/oauth-login.js +50 -0
  86. package/build/esm/server/controllers/oauth-login.js.map +1 -0
  87. package/build/esm/server/index.js +7 -2
  88. package/build/esm/server/index.js.map +1 -1
  89. package/build/esm/server/middlewares/authorization.d.ts +2 -0
  90. package/build/esm/server/middlewares/authorization.js +74 -0
  91. package/build/esm/server/middlewares/authorization.js.map +1 -0
  92. package/build/esm/server/middlewares/oauth.d.ts +2 -0
  93. package/build/esm/server/middlewares/oauth.js +50 -0
  94. package/build/esm/server/middlewares/oauth.js.map +1 -0
  95. package/build/esm/server/middlewares/yt-auth.d.ts +1 -1
  96. package/build/esm/server/middlewares/yt-auth.js +8 -58
  97. package/build/esm/server/middlewares/yt-auth.js.map +1 -1
  98. package/build/esm/server/routes.js +16 -2
  99. package/build/esm/server/routes.js.map +1 -1
  100. package/build/esm/server/utils/authorization.d.ts +6 -0
  101. package/build/esm/server/utils/authorization.js +28 -0
  102. package/build/esm/server/utils/authorization.js.map +1 -0
  103. package/build/esm/shared/constants/index.d.ts +3 -0
  104. package/build/esm/shared/constants/index.js +2 -1
  105. package/build/esm/shared/constants/index.js.map +1 -1
  106. package/build/esm/shared/yt-types.d.ts +2 -0
  107. package/build/esm/ui/components/Login/LoginFormPage/LoginFormPage.js +24 -6
  108. package/build/esm/ui/components/Login/LoginFormPage/LoginFormPage.js.map +1 -1
  109. package/build/esm/ui/components/Login/LoginPageWrapper/LoginPageWrapper.css +8 -0
  110. package/build/esm/ui/components/Login/LoginPageWrapper/LoginPageWrapper.css.map +1 -1
  111. package/build/esm/ui/components/Login/LoginPageWrapper/LoginPageWrapper.scss +12 -0
  112. package/build/esm/ui/components/NumberInput/NumberInput.d.ts +1 -1
  113. package/build/esm/ui/constants/docsUrls.d.ts +1 -0
  114. package/build/esm/ui/constants/docsUrls.js +1 -0
  115. package/build/esm/ui/constants/docsUrls.js.map +1 -1
  116. package/build/esm/ui/containers/AppNavigation/AppNavigation.js +3 -1
  117. package/build/esm/ui/containers/AppNavigation/AppNavigation.js.map +1 -1
  118. package/build/esm/ui/containers/AppNavigation/AppNavigationComponent.d.ts +1 -1
  119. package/build/esm/ui/containers/AppNavigation/AppNavigationComponent.js +5 -7
  120. package/build/esm/ui/containers/AppNavigation/AppNavigationComponent.js.map +1 -1
  121. package/build/esm/ui/containers/AppNavigation/AppNavigationPageLayout.d.ts +2 -0
  122. package/build/esm/ui/containers/AppNavigation/AppNavigationPageLayout.js.map +1 -1
  123. package/build/esm/ui/pages/tablet_cell_bundles/bundles/BundleEditorDialog/BundleEditorDialog.js +12 -8
  124. package/build/esm/ui/pages/tablet_cell_bundles/bundles/BundleEditorDialog/BundleEditorDialog.js.map +1 -1
  125. package/build/esm/ui/store/actions/tablet_cell_bundles/index.js +1 -1
  126. package/build/esm/ui/store/actions/tablet_cell_bundles/index.js.map +1 -1
  127. package/build/esm/ui/store/reducers/global/index.d.ts +1 -0
  128. package/build/esm/ui/store/reducers/global/index.js +1 -0
  129. package/build/esm/ui/store/reducers/global/index.js.map +1 -1
  130. package/build/esm/ui/store/reducers/tablet_cell_bundles/index.d.ts +8 -0
  131. package/build/esm/ui/store/reducers/tablet_cell_bundles/index.js.map +1 -1
  132. package/build/esm/ui/store/selectors/global/index.d.ts +4 -0
  133. package/build/esm/ui/store/selectors/global/index.js +12 -2
  134. package/build/esm/ui/store/selectors/global/index.js.map +1 -1
  135. package/build/esm/ui/utils/tablet_cell_bundles/bundles/bundle-editor-dialog/index.d.ts +2 -1
  136. package/build/esm/ui/utils/tablet_cell_bundles/bundles/bundle-editor-dialog/index.js +15 -0
  137. package/build/esm/ui/utils/tablet_cell_bundles/bundles/bundle-editor-dialog/index.js.map +1 -1
  138. package/dist/public/build/assets-manifest.json +12 -12
  139. package/dist/public/build/css/{main.136a49c7.css → main.e919e247.css} +2 -2
  140. package/dist/public/build/css/main.e919e247.css.map +1 -0
  141. package/dist/public/build/js/89.07445d46.chunk.js +2 -0
  142. package/dist/public/build/js/89.07445d46.chunk.js.map +1 -0
  143. package/dist/public/build/js/main.9d592639.js +3 -0
  144. package/dist/public/build/js/{main.69fdeec5.js.map → main.9d592639.js.map} +1 -1
  145. package/dist/public/build/js/{runtime.6c8d85d3.js → runtime.9491563b.js} +2 -2
  146. package/dist/public/build/js/{runtime.6c8d85d3.js.map → runtime.9491563b.js.map} +1 -1
  147. package/dist/public/build/manifest.json +8 -8
  148. package/dist/server/components/layout-config.js +6 -1
  149. package/dist/server/components/oauth.d.ts +26 -0
  150. package/dist/server/components/oauth.js +123 -0
  151. package/dist/server/components/yt-auth.d.ts +6 -0
  152. package/dist/server/components/yt-auth.js +23 -0
  153. package/dist/server/controllers/login.d.ts +0 -1
  154. package/dist/server/controllers/login.js +4 -26
  155. package/dist/server/controllers/logout.d.ts +2 -0
  156. package/dist/server/controllers/logout.js +15 -0
  157. package/dist/server/controllers/oauth-login.d.ts +4 -0
  158. package/dist/server/controllers/oauth-login.js +30 -0
  159. package/dist/server/index.js +9 -1
  160. package/dist/server/middlewares/authorization.d.ts +2 -0
  161. package/dist/server/middlewares/authorization.js +42 -0
  162. package/dist/server/middlewares/oauth.d.ts +2 -0
  163. package/dist/server/middlewares/oauth.js +27 -0
  164. package/dist/server/middlewares/yt-auth.d.ts +1 -1
  165. package/dist/server/middlewares/yt-auth.js +10 -42
  166. package/dist/server/routes.js +6 -1
  167. package/dist/server/utils/authorization.d.ts +6 -0
  168. package/dist/server/utils/authorization.js +33 -0
  169. package/dist/shared/constants/index.d.ts +3 -0
  170. package/dist/shared/constants/index.js +3 -1
  171. package/package.json +2 -2
  172. package/dist/public/build/css/main.136a49c7.css.map +0 -1
  173. package/dist/public/build/js/89.6ea87438.chunk.js +0 -2
  174. package/dist/public/build/js/89.6ea87438.chunk.js.map +0 -1
  175. package/dist/public/build/js/main.69fdeec5.js +0 -3
  176. /package/dist/public/build/js/{main.69fdeec5.js.LICENSE.txt → main.9d592639.js.LICENSE.txt} +0 -0
@@ -72,6 +72,44 @@ export interface YTCoreConfig {
72
72
  * Enables YT-password authentication when defined
73
73
  */
74
74
  ytAuthCluster?: string;
75
+
76
+ /**
77
+ * OpenID Connect configuration
78
+ */
79
+ ytOAuthSettings?: {
80
+ /**
81
+ * URL of the OpenID connect server without the trailing slash
82
+ */
83
+ baseURL: string;
84
+ /**
85
+ * Authorization endpoint
86
+ */
87
+ authPath: string;
88
+ /**
89
+ * Authorization endpoint
90
+ */
91
+ logoutPath: string;
92
+ /**
93
+ * Authorization endpoint
94
+ */
95
+ tokenPath: string;
96
+ /**
97
+ * OpenID Client id
98
+ */
99
+ clientId: string;
100
+ /**
101
+ * OpenID Client secret
102
+ */
103
+ clientSecret: string;
104
+ /**
105
+ * OpenID Scope(Details https://auth0.com/docs/get-started/apis/scopes/openid-connect-scopes)
106
+ */
107
+ scope: string;
108
+ /**
109
+ * Label on the Login via OpenID button
110
+ */
111
+ buttonLabel?: string;
112
+ };
75
113
  /**
76
114
  * Modifies headers of /api/yt/login request:
77
115
  * if enabled removes 'Secure'-option from 'Set-Cookie: YTCypressCookie=...; ...' response-header
@@ -1,8 +1,10 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.getLayoutConfig = void 0;
4
- const utils_1 = require("../utils");
5
4
  const table_column_preset_1 = require("../controllers/table-column-preset");
5
+ const utils_1 = require("../utils");
6
+ const authorization_1 = require("../utils/authorization");
7
+ const oauth_1 = require("./oauth");
6
8
  async function getLayoutConfig(req, params) {
7
9
  var _a;
8
10
  const { login, ytConfig, settings } = params;
@@ -15,6 +17,7 @@ async function getLayoutConfig(req, params) {
15
17
  version: uiVersion,
16
18
  },
17
19
  login,
20
+ authWay: (0, authorization_1.getAuthWay)(req),
18
21
  };
19
22
  const isProduction = (0, utils_1.isProductionEnv)();
20
23
  const res = {
@@ -39,6 +42,8 @@ async function getLayoutConfig(req, params) {
39
42
  uiSettings,
40
43
  metrikaCounterId: (_a = metrikaCounter === null || metrikaCounter === void 0 ? void 0 : metrikaCounter[0]) === null || _a === void 0 ? void 0 : _a.id,
41
44
  allowLoginDialog: Boolean(ytAuthCluster),
45
+ allowOAuth: (0, oauth_1.isOAuthAllowed)(req),
46
+ oauthButtonLabel: (0, oauth_1.isOAuthAllowed)(req) ? (0, oauth_1.getOAuthSettings)(req).buttonLabel : undefined,
42
47
  allowUserColumnPresets: (0, table_column_preset_1.isUserColumnPresetsEnabled)(req),
43
48
  odinPageEnabled: Boolean(odinBaseUrl),
44
49
  },
@@ -1 +1 @@
1
- {"version":3,"names":["_utils","require","_tableColumnPreset","_interopRequireDefault","obj","__esModule","default","getLayoutConfig","_x","_x2","_getLayoutConfig","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee","req","params","_metrikaCounter$","login","ytConfig","settings","_ref","ytApiUseCORS","uiSettings","metrikaCounter","ytAuthCluster","odinBaseUrl","YT","uiVersion","parameters","isProduction","res","wrap","_callee$","_context","prev","next","ctx","config","getInterfaceVersion","version","isProductionEnv","bodyContent","root","title","lang","meta","name","content","inlineScripts","concat","JSON","stringify","data","metrikaCounterId","id","allowLoginDialog","Boolean","allowUserColumnPresets","isUserColumnPresetsEnabled","odinPageEnabled","pluginsOptions","yandexMetrika","counter","layout","abrupt","stop"],"sources":["layout-config.ts"],"sourcesContent":["import _ from 'lodash';\nimport {getInterfaceVersion, isProductionEnv} from '../utils';\nimport type {Request} from 'express';\nimport {YTCoreConfig} from '../../@types/core';\nimport {ConfigData, YTConfig} from '../../shared/yt-types';\nimport {AppLayoutConfig} from '../render-layout';\nimport {isUserColumnPresetsEnabled} from '../controllers/table-column-preset';\n\ninterface Params {\n login?: string;\n uid?: string;\n cluster: string | undefined;\n settings: ConfigData['settings'];\n ytConfig: Partial<YTConfig>;\n}\n\nexport async function getLayoutConfig(req: Request, params: Params): Promise<AppLayoutConfig> {\n const {login, ytConfig, settings} = params;\n const {ytApiUseCORS, uiSettings, metrikaCounter, ytAuthCluster, odinBaseUrl} = req.ctx\n .config as YTCoreConfig;\n const YT = ytConfig;\n const uiVersion = getInterfaceVersion();\n\n const parameters = {\n interface: {\n version: uiVersion,\n },\n login,\n };\n\n const isProduction = isProductionEnv();\n\n const res: AppLayoutConfig = {\n bodyContent: {root: ''},\n title: 'YT',\n lang: 'en',\n meta: [\n {\n name: 'viewport',\n content: 'width=device-width, initial-scale=1.0',\n },\n ],\n inlineScripts: [\n `window.YT = Object.assign(window.YT || {}, ${JSON.stringify(YT)}, ${JSON.stringify({\n parameters,\n })});`,\n `window.YT.environment = window.YT.environment || (${isProduction} ? 'production' : 'development');`,\n ],\n data: {\n settings,\n ytApiUseCORS,\n uiSettings,\n metrikaCounterId: metrikaCounter?.[0]?.id,\n allowLoginDialog: Boolean(ytAuthCluster),\n allowUserColumnPresets: isUserColumnPresetsEnabled(req),\n odinPageEnabled: Boolean(odinBaseUrl),\n },\n pluginsOptions: {\n yandexMetrika: {\n counter: metrikaCounter,\n },\n layout: {\n name: 'main',\n },\n },\n };\n return res;\n}\n"],"mappings":";;;;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AAKA,IAAAC,kBAAA,GAAAD,OAAA;AAA6E,SAAAE,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAU7E,SAAsBG,eAAeA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,gBAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAmDpC,SAAAF,iBAAA;EAAAA,gBAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAnDM,SAAAC,QAA+BC,GAAY,EAAEC,MAAc;IAAA,IAAAC,gBAAA;IAAA,IAAAC,KAAA,EAAAC,QAAA,EAAAC,QAAA,EAAAC,IAAA,EAAAC,YAAA,EAAAC,UAAA,EAAAC,cAAA,EAAAC,aAAA,EAAAC,WAAA,EAAAC,EAAA,EAAAC,SAAA,EAAAC,UAAA,EAAAC,YAAA,EAAAC,GAAA;IAAA,OAAAnB,oBAAA,CAAAoB,IAAA,UAAAC,SAAAC,QAAA;MAAA,kBAAAA,QAAA,CAAAC,IAAA,GAAAD,QAAA,CAAAE,IAAA;QAAA;UACvDlB,KAAK,GAAwBF,MAAM,CAAnCE,KAAK,EAAEC,QAAQ,GAAcH,MAAM,CAA5BG,QAAQ,EAAEC,QAAQ,GAAIJ,MAAM,CAAlBI,QAAQ;UAAAC,IAAA,GAC+CN,GAAG,CAACsB,GAAG,CACjFC,MAAM,EADJhB,YAAY,GAAAD,IAAA,CAAZC,YAAY,EAAEC,UAAU,GAAAF,IAAA,CAAVE,UAAU,EAAEC,cAAc,GAAAH,IAAA,CAAdG,cAAc,EAAEC,aAAa,GAAAJ,IAAA,CAAbI,aAAa,EAAEC,WAAW,GAAAL,IAAA,CAAXK,WAAW;UAErEC,EAAE,GAAGR,QAAQ;UACbS,SAAS,GAAG,IAAAW,0BAAmB,EAAC,CAAC;UAEjCV,UAAU,GAAG;YACf,aAAW;cACPW,OAAO,EAAEZ;YACb,CAAC;YACDV,KAAK,EAALA;UACJ,CAAC;UAEKY,YAAY,GAAG,IAAAW,sBAAe,EAAC,CAAC;UAEhCV,GAAoB,GAAG;YACzBW,WAAW,EAAE;cAACC,IAAI,EAAE;YAAE,CAAC;YACvBC,KAAK,EAAE,IAAI;YACXC,IAAI,EAAE,IAAI;YACVC,IAAI,EAAE,CACF;cACIC,IAAI,EAAE,UAAU;cAChBC,OAAO,EAAE;YACb,CAAC,CACJ;YACDC,aAAa,EAAE,+CAAAC,MAAA,CACmCC,IAAI,CAACC,SAAS,CAACzB,EAAE,CAAC,QAAAuB,MAAA,CAAKC,IAAI,CAACC,SAAS,CAAC;cAChFvB,UAAU,EAAVA;YACJ,CAAC,CAAC,8DAAAqB,MAAA,CACmDpB,YAAY,uCACpE;YACDuB,IAAI,EAAE;cACFjC,QAAQ,EAARA,QAAQ;cACRE,YAAY,EAAZA,YAAY;cACZC,UAAU,EAAVA,UAAU;cACV+B,gBAAgB,EAAE9B,cAAc,aAAdA,cAAc,gBAAAP,gBAAA,GAAdO,cAAc,CAAG,CAAC,CAAC,cAAAP,gBAAA,uBAAnBA,gBAAA,CAAqBsC,EAAE;cACzCC,gBAAgB,EAAEC,OAAO,CAAChC,aAAa,CAAC;cACxCiC,sBAAsB,EAAE,IAAAC,6CAA0B,EAAC5C,GAAG,CAAC;cACvD6C,eAAe,EAAEH,OAAO,CAAC/B,WAAW;YACxC,CAAC;YACDmC,cAAc,EAAE;cACZC,aAAa,EAAE;gBACXC,OAAO,EAAEvC;cACb,CAAC;cACDwC,MAAM,EAAE;gBACJjB,IAAI,EAAE;cACV;YACJ;UACJ,CAAC;UAAA,OAAAb,QAAA,CAAA+B,MAAA,WACMlC,GAAG;QAAA;QAAA;UAAA,OAAAG,QAAA,CAAAgC,IAAA;MAAA;IAAA,GAAApD,OAAA;EAAA,CACb;EAAA,OAAAN,gBAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA"}
1
+ {"version":3,"names":["_tableColumnPreset","require","_utils","_authorization","_oauth","_interopRequireDefault","obj","__esModule","default","getLayoutConfig","_x","_x2","_getLayoutConfig","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee","req","params","_metrikaCounter$","login","ytConfig","settings","_ref","ytApiUseCORS","uiSettings","metrikaCounter","ytAuthCluster","odinBaseUrl","YT","uiVersion","parameters","isProduction","res","wrap","_callee$","_context","prev","next","ctx","config","getInterfaceVersion","version","authWay","getAuthWay","isProductionEnv","bodyContent","root","title","lang","meta","name","content","inlineScripts","concat","JSON","stringify","data","metrikaCounterId","id","allowLoginDialog","Boolean","allowOAuth","isOAuthAllowed","oauthButtonLabel","getOAuthSettings","buttonLabel","undefined","allowUserColumnPresets","isUserColumnPresetsEnabled","odinPageEnabled","pluginsOptions","yandexMetrika","counter","layout","abrupt","stop"],"sources":["layout-config.ts"],"sourcesContent":["import type {Request} from 'express';\nimport {YTCoreConfig} from '../../@types/core';\nimport {ConfigData, YTConfig} from '../../shared/yt-types';\nimport {AppLayoutConfig} from '../render-layout';\nimport {isUserColumnPresetsEnabled} from '../controllers/table-column-preset';\nimport {getInterfaceVersion, isProductionEnv} from '../utils';\nimport {getAuthWay} from '../utils/authorization';\nimport {getOAuthSettings, isOAuthAllowed} from './oauth';\n\ninterface Params {\n login?: string;\n uid?: string;\n cluster: string | undefined;\n settings: ConfigData['settings'];\n ytConfig: Partial<YTConfig>;\n}\n\nexport async function getLayoutConfig(req: Request, params: Params): Promise<AppLayoutConfig> {\n const {login, ytConfig, settings} = params;\n const {ytApiUseCORS, uiSettings, metrikaCounter, ytAuthCluster, odinBaseUrl} = req.ctx\n .config as YTCoreConfig;\n const YT = ytConfig;\n const uiVersion = getInterfaceVersion();\n\n const parameters = {\n interface: {\n version: uiVersion,\n },\n login,\n authWay: getAuthWay(req),\n };\n\n const isProduction = isProductionEnv();\n\n const res: AppLayoutConfig = {\n bodyContent: {root: ''},\n title: 'YT',\n lang: 'en',\n meta: [\n {\n name: 'viewport',\n content: 'width=device-width, initial-scale=1.0',\n },\n ],\n inlineScripts: [\n `window.YT = Object.assign(window.YT || {}, ${JSON.stringify(YT)}, ${JSON.stringify({\n parameters,\n })});`,\n `window.YT.environment = window.YT.environment || (${isProduction} ? 'production' : 'development');`,\n ],\n data: {\n settings,\n ytApiUseCORS,\n uiSettings,\n metrikaCounterId: metrikaCounter?.[0]?.id,\n allowLoginDialog: Boolean(ytAuthCluster),\n allowOAuth: isOAuthAllowed(req),\n oauthButtonLabel: isOAuthAllowed(req) ? getOAuthSettings(req).buttonLabel : undefined,\n allowUserColumnPresets: isUserColumnPresetsEnabled(req),\n odinPageEnabled: Boolean(odinBaseUrl),\n },\n pluginsOptions: {\n yandexMetrika: {\n counter: metrikaCounter,\n },\n layout: {\n name: 'main',\n },\n },\n };\n return res;\n}\n"],"mappings":";;;;;;;;AAIA,IAAAA,kBAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,cAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAAwD,SAAAI,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAUxD,SAAsBG,eAAeA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,gBAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAsDpC,SAAAF,iBAAA;EAAAA,gBAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAtDM,SAAAC,QAA+BC,GAAY,EAAEC,MAAc;IAAA,IAAAC,gBAAA;IAAA,IAAAC,KAAA,EAAAC,QAAA,EAAAC,QAAA,EAAAC,IAAA,EAAAC,YAAA,EAAAC,UAAA,EAAAC,cAAA,EAAAC,aAAA,EAAAC,WAAA,EAAAC,EAAA,EAAAC,SAAA,EAAAC,UAAA,EAAAC,YAAA,EAAAC,GAAA;IAAA,OAAAnB,oBAAA,CAAAoB,IAAA,UAAAC,SAAAC,QAAA;MAAA,kBAAAA,QAAA,CAAAC,IAAA,GAAAD,QAAA,CAAAE,IAAA;QAAA;UACvDlB,KAAK,GAAwBF,MAAM,CAAnCE,KAAK,EAAEC,QAAQ,GAAcH,MAAM,CAA5BG,QAAQ,EAAEC,QAAQ,GAAIJ,MAAM,CAAlBI,QAAQ;UAAAC,IAAA,GAC+CN,GAAG,CAACsB,GAAG,CACjFC,MAAM,EADJhB,YAAY,GAAAD,IAAA,CAAZC,YAAY,EAAEC,UAAU,GAAAF,IAAA,CAAVE,UAAU,EAAEC,cAAc,GAAAH,IAAA,CAAdG,cAAc,EAAEC,aAAa,GAAAJ,IAAA,CAAbI,aAAa,EAAEC,WAAW,GAAAL,IAAA,CAAXK,WAAW;UAErEC,EAAE,GAAGR,QAAQ;UACbS,SAAS,GAAG,IAAAW,0BAAmB,EAAC,CAAC;UAEjCV,UAAU,GAAG;YACf,aAAW;cACPW,OAAO,EAAEZ;YACb,CAAC;YACDV,KAAK,EAALA,KAAK;YACLuB,OAAO,EAAE,IAAAC,yBAAU,EAAC3B,GAAG;UAC3B,CAAC;UAEKe,YAAY,GAAG,IAAAa,sBAAe,EAAC,CAAC;UAEhCZ,GAAoB,GAAG;YACzBa,WAAW,EAAE;cAACC,IAAI,EAAE;YAAE,CAAC;YACvBC,KAAK,EAAE,IAAI;YACXC,IAAI,EAAE,IAAI;YACVC,IAAI,EAAE,CACF;cACIC,IAAI,EAAE,UAAU;cAChBC,OAAO,EAAE;YACb,CAAC,CACJ;YACDC,aAAa,EAAE,+CAAAC,MAAA,CACmCC,IAAI,CAACC,SAAS,CAAC3B,EAAE,CAAC,QAAAyB,MAAA,CAAKC,IAAI,CAACC,SAAS,CAAC;cAChFzB,UAAU,EAAVA;YACJ,CAAC,CAAC,8DAAAuB,MAAA,CACmDtB,YAAY,uCACpE;YACDyB,IAAI,EAAE;cACFnC,QAAQ,EAARA,QAAQ;cACRE,YAAY,EAAZA,YAAY;cACZC,UAAU,EAAVA,UAAU;cACViC,gBAAgB,EAAEhC,cAAc,aAAdA,cAAc,gBAAAP,gBAAA,GAAdO,cAAc,CAAG,CAAC,CAAC,cAAAP,gBAAA,uBAAnBA,gBAAA,CAAqBwC,EAAE;cACzCC,gBAAgB,EAAEC,OAAO,CAAClC,aAAa,CAAC;cACxCmC,UAAU,EAAE,IAAAC,qBAAc,EAAC9C,GAAG,CAAC;cAC/B+C,gBAAgB,EAAE,IAAAD,qBAAc,EAAC9C,GAAG,CAAC,GAAG,IAAAgD,uBAAgB,EAAChD,GAAG,CAAC,CAACiD,WAAW,GAAGC,SAAS;cACrFC,sBAAsB,EAAE,IAAAC,6CAA0B,EAACpD,GAAG,CAAC;cACvDqD,eAAe,EAAET,OAAO,CAACjC,WAAW;YACxC,CAAC;YACD2C,cAAc,EAAE;cACZC,aAAa,EAAE;gBACXC,OAAO,EAAE/C;cACb,CAAC;cACDgD,MAAM,EAAE;gBACJvB,IAAI,EAAE;cACV;YACJ;UACJ,CAAC;UAAA,OAAAf,QAAA,CAAAuC,MAAA,WACM1C,GAAG;QAAA;QAAA;UAAA,OAAAG,QAAA,CAAAwC,IAAA;MAAA;IAAA,GAAA5D,OAAA;EAAA,CACb;EAAA,OAAAN,gBAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA"}
@@ -0,0 +1,26 @@
1
+ import type { Request, Response } from 'express';
2
+ export declare function isOAuthAllowed(req: Request): boolean;
3
+ export declare function getOAuthSettings(req: Request): {
4
+ baseURL: string;
5
+ authPath: string;
6
+ logoutPath: string;
7
+ tokenPath: string;
8
+ clientId: string;
9
+ clientSecret: string;
10
+ scope: string;
11
+ buttonLabel?: string | undefined;
12
+ };
13
+ export type OAuthAuthorizationTokens = {
14
+ access_token: string;
15
+ expires_in: number;
16
+ refresh_token: string;
17
+ refresh_expires_in: number;
18
+ };
19
+ export declare function isUserOAuthLogged(req: Request): boolean;
20
+ export declare function getOAuthAccessToken(req: Request, res: Response): Promise<any>;
21
+ export declare function removeOAuthCookies(res: Response): void;
22
+ export declare function saveOAuthTokensInCookies(res: Response, tokens: OAuthAuthorizationTokens): void;
23
+ export declare function getOAuthLoginPath(req: Request): string;
24
+ export declare function getOAuthLogoutPath(req: Request): string;
25
+ export declare function refreshOAuthToken(req: Request, token: string): Promise<OAuthAuthorizationTokens>;
26
+ export declare function exchangeOAuthToken(req: Request, code: string): Promise<OAuthAuthorizationTokens>;
@@ -0,0 +1,123 @@
1
+ "use strict";
2
+ var __importDefault = (this && this.__importDefault) || function (mod) {
3
+ return (mod && mod.__esModule) ? mod : { "default": mod };
4
+ };
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.exchangeOAuthToken = exports.refreshOAuthToken = exports.getOAuthLogoutPath = exports.getOAuthLoginPath = exports.saveOAuthTokensInCookies = exports.removeOAuthCookies = exports.getOAuthAccessToken = exports.isUserOAuthLogged = exports.getOAuthSettings = exports.isOAuthAllowed = void 0;
7
+ const axios_1 = __importDefault(require("axios"));
8
+ const constants_1 = require("../../shared/constants");
9
+ function isOAuthAllowed(req) {
10
+ const config = req.ctx.config.ytOAuthSettings;
11
+ return Boolean(config &&
12
+ config.baseURL &&
13
+ config.authPath &&
14
+ config.tokenPath &&
15
+ config.clientId &&
16
+ config.clientSecret);
17
+ }
18
+ exports.isOAuthAllowed = isOAuthAllowed;
19
+ function getOAuthSettings(req) {
20
+ const config = req.ctx.config.ytOAuthSettings;
21
+ if (!config) {
22
+ throw new Error('OAuth settings is not specified');
23
+ }
24
+ return config;
25
+ }
26
+ exports.getOAuthSettings = getOAuthSettings;
27
+ function isUserOAuthLogged(req) {
28
+ return (Boolean(req.cookies[constants_1.YT_OAUTH_ACCESS_TOKEN_NAME]) ||
29
+ Boolean(req.cookies[constants_1.YT_OAUTH_REFRESH_TOKEN_NAME]));
30
+ }
31
+ exports.isUserOAuthLogged = isUserOAuthLogged;
32
+ async function getOAuthAccessToken(req, res) {
33
+ if (req.cookies[constants_1.YT_OAUTH_ACCESS_TOKEN_NAME]) {
34
+ return req.cookies[constants_1.YT_OAUTH_ACCESS_TOKEN_NAME];
35
+ }
36
+ else if (req.cookies[constants_1.YT_OAUTH_REFRESH_TOKEN_NAME]) {
37
+ const tokens = await refreshOAuthToken(req, req.cookies[constants_1.YT_OAUTH_REFRESH_TOKEN_NAME]);
38
+ saveOAuthTokensInCookies(res, tokens);
39
+ return tokens.access_token;
40
+ }
41
+ return undefined;
42
+ }
43
+ exports.getOAuthAccessToken = getOAuthAccessToken;
44
+ function removeOAuthCookies(res) {
45
+ res.clearCookie(constants_1.YT_OAUTH_ACCESS_TOKEN_NAME);
46
+ res.clearCookie(constants_1.YT_OAUTH_REFRESH_TOKEN_NAME);
47
+ }
48
+ exports.removeOAuthCookies = removeOAuthCookies;
49
+ function saveOAuthTokensInCookies(res, tokens) {
50
+ res.cookie(constants_1.YT_OAUTH_ACCESS_TOKEN_NAME, tokens.access_token, {
51
+ maxAge: tokens.expires_in * 1000,
52
+ httpOnly: true,
53
+ secure: true,
54
+ });
55
+ if (tokens.refresh_token) {
56
+ res.cookie(constants_1.YT_OAUTH_REFRESH_TOKEN_NAME, tokens.refresh_token, {
57
+ maxAge: tokens.refresh_expires_in,
58
+ httpOnly: true,
59
+ secure: true,
60
+ });
61
+ }
62
+ }
63
+ exports.saveOAuthTokensInCookies = saveOAuthTokensInCookies;
64
+ function getOAuthLoginPath(req) {
65
+ const config = getOAuthSettings(req);
66
+ const host = req.get('host');
67
+ const params = new URLSearchParams({
68
+ response_type: 'code',
69
+ client_id: config.clientId,
70
+ scope: config.scope,
71
+ redirect_uri: `https://${host}/api/oauth/callback`,
72
+ });
73
+ const url = new URL(config.authPath, config.baseURL);
74
+ url.search = params.toString();
75
+ return url.toString();
76
+ }
77
+ exports.getOAuthLoginPath = getOAuthLoginPath;
78
+ function getOAuthLogoutPath(req) {
79
+ const config = getOAuthSettings(req);
80
+ const host = req.get('host');
81
+ const params = new URLSearchParams({
82
+ post_logout_redirect_uri: `https://${host}/api/oauth/logout/callback`,
83
+ client_id: config.clientId,
84
+ });
85
+ const url = new URL(config.logoutPath, config.baseURL);
86
+ url.search = params.toString();
87
+ return url.toString();
88
+ }
89
+ exports.getOAuthLogoutPath = getOAuthLogoutPath;
90
+ async function refreshOAuthToken(req, token) {
91
+ const config = getOAuthSettings(req);
92
+ const params = new URLSearchParams({
93
+ grant_type: 'refresh_token',
94
+ client_id: config === null || config === void 0 ? void 0 : config.clientId,
95
+ refresh_token: token,
96
+ client_secret: config === null || config === void 0 ? void 0 : config.clientSecret,
97
+ });
98
+ const { data } = await axios_1.default.post(new URL(config.tokenPath, config.baseURL).toString(), params.toString(), {
99
+ headers: {
100
+ 'Content-type': 'application/x-www-form-urlencoded',
101
+ },
102
+ });
103
+ return data;
104
+ }
105
+ exports.refreshOAuthToken = refreshOAuthToken;
106
+ async function exchangeOAuthToken(req, code) {
107
+ const config = getOAuthSettings(req);
108
+ const host = req.get('host');
109
+ const params = new URLSearchParams({
110
+ grant_type: 'authorization_code',
111
+ client_id: config.clientId,
112
+ code: code,
113
+ client_secret: config.clientSecret,
114
+ redirect_uri: `https://${host}/api/oauth/callback`,
115
+ });
116
+ const { data } = await axios_1.default.post(new URL(config.tokenPath, config.baseURL).toString(), params.toString(), {
117
+ headers: {
118
+ 'Content-type': 'application/x-www-form-urlencoded',
119
+ },
120
+ });
121
+ return data;
122
+ }
123
+ exports.exchangeOAuthToken = exchangeOAuthToken;
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_axios","_interopRequireDefault","require","_constants","obj","__esModule","default","isOAuthAllowed","req","config","ctx","ytOAuthSettings","Boolean","baseURL","authPath","tokenPath","clientId","clientSecret","getOAuthSettings","Error","isUserOAuthLogged","cookies","YT_OAUTH_ACCESS_TOKEN_NAME","YT_OAUTH_REFRESH_TOKEN_NAME","getOAuthAccessToken","_x","_x2","_getOAuthAccessToken","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee","res","tokens","wrap","_callee$","_context","prev","next","abrupt","refreshOAuthToken","sent","saveOAuthTokensInCookies","access_token","undefined","stop","removeOAuthCookies","clearCookie","cookie","maxAge","expires_in","httpOnly","secure","refresh_token","refresh_expires_in","getOAuthLoginPath","host","get","params","URLSearchParams","response_type","client_id","scope","redirect_uri","concat","url","URL","search","toString","getOAuthLogoutPath","post_logout_redirect_uri","logoutPath","_x3","_x4","_refreshOAuthToken","_callee2","token","_yield$axios$post","data","_callee2$","_context2","grant_type","client_secret","axios","post","headers","exchangeOAuthToken","_x5","_x6","_exchangeOAuthToken","_callee3","code","_yield$axios$post2","_callee3$","_context3"],"sources":["oauth.ts"],"sourcesContent":["import axios from 'axios';\nimport type {Request, Response} from 'express';\nimport {YT_OAUTH_ACCESS_TOKEN_NAME, YT_OAUTH_REFRESH_TOKEN_NAME} from '../../shared/constants';\n\nexport function isOAuthAllowed(req: Request) {\n const config = req.ctx.config.ytOAuthSettings;\n return Boolean(\n config &&\n config.baseURL &&\n config.authPath &&\n config.tokenPath &&\n config.clientId &&\n config.clientSecret,\n );\n}\n\nexport function getOAuthSettings(req: Request) {\n const config = req.ctx.config.ytOAuthSettings;\n if (!config) {\n throw new Error('OAuth settings is not specified');\n }\n return config;\n}\n\n// See https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.3.3\nexport type OAuthAuthorizationTokens = {\n access_token: string;\n expires_in: number;\n refresh_token: string;\n refresh_expires_in: number;\n};\n\nexport function isUserOAuthLogged(req: Request) {\n return (\n Boolean(req.cookies[YT_OAUTH_ACCESS_TOKEN_NAME]) ||\n Boolean(req.cookies[YT_OAUTH_REFRESH_TOKEN_NAME])\n );\n}\n\nexport async function getOAuthAccessToken(req: Request, res: Response) {\n if (req.cookies[YT_OAUTH_ACCESS_TOKEN_NAME]) {\n return req.cookies[YT_OAUTH_ACCESS_TOKEN_NAME];\n } else if (req.cookies[YT_OAUTH_REFRESH_TOKEN_NAME]) {\n const tokens = await refreshOAuthToken(\n req,\n req.cookies[YT_OAUTH_REFRESH_TOKEN_NAME] as string,\n );\n saveOAuthTokensInCookies(res, tokens);\n return tokens.access_token;\n }\n return undefined;\n}\n\nexport function removeOAuthCookies(res: Response) {\n res.clearCookie(YT_OAUTH_ACCESS_TOKEN_NAME);\n res.clearCookie(YT_OAUTH_REFRESH_TOKEN_NAME);\n}\n\nexport function saveOAuthTokensInCookies(res: Response, tokens: OAuthAuthorizationTokens) {\n res.cookie(YT_OAUTH_ACCESS_TOKEN_NAME, tokens.access_token, {\n maxAge: tokens.expires_in * 1000,\n httpOnly: true,\n secure: true,\n });\n\n if (tokens.refresh_token) {\n res.cookie(YT_OAUTH_REFRESH_TOKEN_NAME, tokens.refresh_token, {\n maxAge: tokens.refresh_expires_in,\n httpOnly: true,\n secure: true,\n });\n }\n}\n\nexport function getOAuthLoginPath(req: Request) {\n const config = getOAuthSettings(req);\n const host = req.get('host');\n const params = new URLSearchParams({\n response_type: 'code',\n client_id: config.clientId,\n scope: config.scope,\n redirect_uri: `https://${host}/api/oauth/callback`,\n });\n\n const url = new URL(config.authPath, config.baseURL);\n url.search = params.toString();\n\n return url.toString();\n}\n\nexport function getOAuthLogoutPath(req: Request) {\n const config = getOAuthSettings(req);\n const host = req.get('host');\n const params = new URLSearchParams({\n post_logout_redirect_uri: `https://${host}/api/oauth/logout/callback`,\n client_id: config.clientId,\n });\n\n const url = new URL(config.logoutPath, config.baseURL);\n url.search = params.toString();\n\n return url.toString();\n}\n\nexport async function refreshOAuthToken(\n req: Request,\n token: string,\n): Promise<OAuthAuthorizationTokens> {\n const config = getOAuthSettings(req);\n const params = new URLSearchParams({\n grant_type: 'refresh_token',\n client_id: config?.clientId,\n refresh_token: token,\n client_secret: config?.clientSecret,\n });\n const {data} = await axios.post(\n new URL(config.tokenPath, config.baseURL).toString(),\n params.toString(),\n {\n headers: {\n 'Content-type': 'application/x-www-form-urlencoded',\n },\n },\n );\n return data;\n}\n\nexport async function exchangeOAuthToken(\n req: Request,\n code: string,\n): Promise<OAuthAuthorizationTokens> {\n const config = getOAuthSettings(req);\n const host = req.get('host');\n const params = new URLSearchParams({\n grant_type: 'authorization_code',\n client_id: config.clientId,\n code: code as string,\n client_secret: config.clientSecret,\n redirect_uri: `https://${host}/api/oauth/callback`,\n });\n\n const {data} = await axios.post(\n new URL(config.tokenPath, config.baseURL).toString(),\n params.toString(),\n {\n headers: {\n 'Content-type': 'application/x-www-form-urlencoded',\n },\n },\n );\n return data;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,UAAA,GAAAD,OAAA;AAA8F,SAAAD,uBAAAG,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEvF,SAASG,cAAcA,CAACC,GAAY,EAAE;EACzC,IAAMC,MAAM,GAAGD,GAAG,CAACE,GAAG,CAACD,MAAM,CAACE,eAAe;EAC7C,OAAOC,OAAO,CACVH,MAAM,IACFA,MAAM,CAACI,OAAO,IACdJ,MAAM,CAACK,QAAQ,IACfL,MAAM,CAACM,SAAS,IAChBN,MAAM,CAACO,QAAQ,IACfP,MAAM,CAACQ,YACf,CAAC;AACL;AAEO,SAASC,gBAAgBA,CAACV,GAAY,EAAE;EAC3C,IAAMC,MAAM,GAAGD,GAAG,CAACE,GAAG,CAACD,MAAM,CAACE,eAAe;EAC7C,IAAI,CAACF,MAAM,EAAE;IACT,MAAM,IAAIU,KAAK,CAAC,iCAAiC,CAAC;EACtD;EACA,OAAOV,MAAM;AACjB;;AAEA;;AAQO,SAASW,iBAAiBA,CAACZ,GAAY,EAAE;EAC5C,OACII,OAAO,CAACJ,GAAG,CAACa,OAAO,CAACC,qCAA0B,CAAC,CAAC,IAChDV,OAAO,CAACJ,GAAG,CAACa,OAAO,CAACE,sCAA2B,CAAC,CAAC;AAEzD;AAEA,SAAsBC,mBAAmBA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,oBAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAYxC,SAAAF,qBAAA;EAAAA,oBAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAZM,SAAAC,QAAmCzB,GAAY,EAAE0B,GAAa;IAAA,IAAAC,MAAA;IAAA,OAAAJ,oBAAA,CAAAK,IAAA,UAAAC,SAAAC,QAAA;MAAA,kBAAAA,QAAA,CAAAC,IAAA,GAAAD,QAAA,CAAAE,IAAA;QAAA;UAAA,KAC7DhC,GAAG,CAACa,OAAO,CAACC,qCAA0B,CAAC;YAAAgB,QAAA,CAAAE,IAAA;YAAA;UAAA;UAAA,OAAAF,QAAA,CAAAG,MAAA,WAChCjC,GAAG,CAACa,OAAO,CAACC,qCAA0B,CAAC;QAAA;UAAA,KACvCd,GAAG,CAACa,OAAO,CAACE,sCAA2B,CAAC;YAAAe,QAAA,CAAAE,IAAA;YAAA;UAAA;UAAAF,QAAA,CAAAE,IAAA;UAAA,OAC1BE,iBAAiB,CAClClC,GAAG,EACHA,GAAG,CAACa,OAAO,CAACE,sCAA2B,CAC3C,CAAC;QAAA;UAHKY,MAAM,GAAAG,QAAA,CAAAK,IAAA;UAIZC,wBAAwB,CAACV,GAAG,EAAEC,MAAM,CAAC;UAAC,OAAAG,QAAA,CAAAG,MAAA,WAC/BN,MAAM,CAACU,YAAY;QAAA;UAAA,OAAAP,QAAA,CAAAG,MAAA,WAEvBK,SAAS;QAAA;QAAA;UAAA,OAAAR,QAAA,CAAAS,IAAA;MAAA;IAAA,GAAAd,OAAA;EAAA,CACnB;EAAA,OAAAN,oBAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAEM,SAASmB,kBAAkBA,CAACd,GAAa,EAAE;EAC9CA,GAAG,CAACe,WAAW,CAAC3B,qCAA0B,CAAC;EAC3CY,GAAG,CAACe,WAAW,CAAC1B,sCAA2B,CAAC;AAChD;AAEO,SAASqB,wBAAwBA,CAACV,GAAa,EAAEC,MAAgC,EAAE;EACtFD,GAAG,CAACgB,MAAM,CAAC5B,qCAA0B,EAAEa,MAAM,CAACU,YAAY,EAAE;IACxDM,MAAM,EAAEhB,MAAM,CAACiB,UAAU,GAAG,IAAI;IAChCC,QAAQ,EAAE,IAAI;IACdC,MAAM,EAAE;EACZ,CAAC,CAAC;EAEF,IAAInB,MAAM,CAACoB,aAAa,EAAE;IACtBrB,GAAG,CAACgB,MAAM,CAAC3B,sCAA2B,EAAEY,MAAM,CAACoB,aAAa,EAAE;MAC1DJ,MAAM,EAAEhB,MAAM,CAACqB,kBAAkB;MACjCH,QAAQ,EAAE,IAAI;MACdC,MAAM,EAAE;IACZ,CAAC,CAAC;EACN;AACJ;AAEO,SAASG,iBAAiBA,CAACjD,GAAY,EAAE;EAC5C,IAAMC,MAAM,GAAGS,gBAAgB,CAACV,GAAG,CAAC;EACpC,IAAMkD,IAAI,GAAGlD,GAAG,CAACmD,GAAG,CAAC,MAAM,CAAC;EAC5B,IAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IAC/BC,aAAa,EAAE,MAAM;IACrBC,SAAS,EAAEtD,MAAM,CAACO,QAAQ;IAC1BgD,KAAK,EAAEvD,MAAM,CAACuD,KAAK;IACnBC,YAAY,aAAAC,MAAA,CAAaR,IAAI;EACjC,CAAC,CAAC;EAEF,IAAMS,GAAG,GAAG,IAAIC,GAAG,CAAC3D,MAAM,CAACK,QAAQ,EAAEL,MAAM,CAACI,OAAO,CAAC;EACpDsD,GAAG,CAACE,MAAM,GAAGT,MAAM,CAACU,QAAQ,CAAC,CAAC;EAE9B,OAAOH,GAAG,CAACG,QAAQ,CAAC,CAAC;AACzB;AAEO,SAASC,kBAAkBA,CAAC/D,GAAY,EAAE;EAC7C,IAAMC,MAAM,GAAGS,gBAAgB,CAACV,GAAG,CAAC;EACpC,IAAMkD,IAAI,GAAGlD,GAAG,CAACmD,GAAG,CAAC,MAAM,CAAC;EAC5B,IAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IAC/BW,wBAAwB,aAAAN,MAAA,CAAaR,IAAI,+BAA4B;IACrEK,SAAS,EAAEtD,MAAM,CAACO;EACtB,CAAC,CAAC;EAEF,IAAMmD,GAAG,GAAG,IAAIC,GAAG,CAAC3D,MAAM,CAACgE,UAAU,EAAEhE,MAAM,CAACI,OAAO,CAAC;EACtDsD,GAAG,CAACE,MAAM,GAAGT,MAAM,CAACU,QAAQ,CAAC,CAAC;EAE9B,OAAOH,GAAG,CAACG,QAAQ,CAAC,CAAC;AACzB;AAEA,SAAsB5B,iBAAiBA,CAAAgC,GAAA,EAAAC,GAAA;EAAA,OAAAC,kBAAA,CAAAhD,KAAA,OAAAC,SAAA;AAAA;AAqBtC,SAAA+C,mBAAA;EAAAA,kBAAA,OAAA9C,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CArBM,SAAA6C,SACHrE,GAAY,EACZsE,KAAa;IAAA,IAAArE,MAAA,EAAAmD,MAAA,EAAAmB,iBAAA,EAAAC,IAAA;IAAA,OAAAjD,oBAAA,CAAAK,IAAA,UAAA6C,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAA3C,IAAA,GAAA2C,SAAA,CAAA1C,IAAA;QAAA;UAEP/B,MAAM,GAAGS,gBAAgB,CAACV,GAAG,CAAC;UAC9BoD,MAAM,GAAG,IAAIC,eAAe,CAAC;YAC/BsB,UAAU,EAAE,eAAe;YAC3BpB,SAAS,EAAEtD,MAAM,aAANA,MAAM,uBAANA,MAAM,CAAEO,QAAQ;YAC3BuC,aAAa,EAAEuB,KAAK;YACpBM,aAAa,EAAE3E,MAAM,aAANA,MAAM,uBAANA,MAAM,CAAEQ;UAC3B,CAAC,CAAC;UAAAiE,SAAA,CAAA1C,IAAA;UAAA,OACmB6C,cAAK,CAACC,IAAI,CAC3B,IAAIlB,GAAG,CAAC3D,MAAM,CAACM,SAAS,EAAEN,MAAM,CAACI,OAAO,CAAC,CAACyD,QAAQ,CAAC,CAAC,EACpDV,MAAM,CAACU,QAAQ,CAAC,CAAC,EACjB;YACIiB,OAAO,EAAE;cACL,cAAc,EAAE;YACpB;UACJ,CACJ,CAAC;QAAA;UAAAR,iBAAA,GAAAG,SAAA,CAAAvC,IAAA;UARMqC,IAAI,GAAAD,iBAAA,CAAJC,IAAI;UAAA,OAAAE,SAAA,CAAAzC,MAAA,WASJuC,IAAI;QAAA;QAAA;UAAA,OAAAE,SAAA,CAAAnC,IAAA;MAAA;IAAA,GAAA8B,QAAA;EAAA,CACd;EAAA,OAAAD,kBAAA,CAAAhD,KAAA,OAAAC,SAAA;AAAA;AAED,SAAsB2D,kBAAkBA,CAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,mBAAA,CAAA/D,KAAA,OAAAC,SAAA;AAAA;AAwBvC,SAAA8D,oBAAA;EAAAA,mBAAA,OAAA7D,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAxBM,SAAA4D,SACHpF,GAAY,EACZqF,IAAY;IAAA,IAAApF,MAAA,EAAAiD,IAAA,EAAAE,MAAA,EAAAkC,kBAAA,EAAAd,IAAA;IAAA,OAAAjD,oBAAA,CAAAK,IAAA,UAAA2D,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAAzD,IAAA,GAAAyD,SAAA,CAAAxD,IAAA;QAAA;UAEN/B,MAAM,GAAGS,gBAAgB,CAACV,GAAG,CAAC;UAC9BkD,IAAI,GAAGlD,GAAG,CAACmD,GAAG,CAAC,MAAM,CAAC;UACtBC,MAAM,GAAG,IAAIC,eAAe,CAAC;YAC/BsB,UAAU,EAAE,oBAAoB;YAChCpB,SAAS,EAAEtD,MAAM,CAACO,QAAQ;YAC1B6E,IAAI,EAAEA,IAAc;YACpBT,aAAa,EAAE3E,MAAM,CAACQ,YAAY;YAClCgD,YAAY,aAAAC,MAAA,CAAaR,IAAI;UACjC,CAAC,CAAC;UAAAsC,SAAA,CAAAxD,IAAA;UAAA,OAEmB6C,cAAK,CAACC,IAAI,CAC3B,IAAIlB,GAAG,CAAC3D,MAAM,CAACM,SAAS,EAAEN,MAAM,CAACI,OAAO,CAAC,CAACyD,QAAQ,CAAC,CAAC,EACpDV,MAAM,CAACU,QAAQ,CAAC,CAAC,EACjB;YACIiB,OAAO,EAAE;cACL,cAAc,EAAE;YACpB;UACJ,CACJ,CAAC;QAAA;UAAAO,kBAAA,GAAAE,SAAA,CAAArD,IAAA;UARMqC,IAAI,GAAAc,kBAAA,CAAJd,IAAI;UAAA,OAAAgB,SAAA,CAAAvD,MAAA,WASJuC,IAAI;QAAA;QAAA;UAAA,OAAAgB,SAAA,CAAAjD,IAAA;MAAA;IAAA,GAAA6C,QAAA;EAAA,CACd;EAAA,OAAAD,mBAAA,CAAA/D,KAAA,OAAAC,SAAA;AAAA"}
@@ -0,0 +1,6 @@
1
+ import { AppConfig } from '@gravity-ui/nodekit';
2
+ import type { Response } from 'express';
3
+ export declare function isYtAuthEnabled(config: AppConfig): boolean;
4
+ export declare function assertAuthEnabled(ytAuthCluster?: string): asserts ytAuthCluster is string;
5
+ export declare function getAuthCluster(config: AppConfig): string;
6
+ export declare function YTAuthLogout(res: Response): void;
@@ -0,0 +1,23 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.YTAuthLogout = exports.getAuthCluster = exports.assertAuthEnabled = exports.isYtAuthEnabled = void 0;
4
+ const constants_1 = require("../../shared/constants");
5
+ function isYtAuthEnabled(config) {
6
+ return Boolean(config.ytAuthCluster);
7
+ }
8
+ exports.isYtAuthEnabled = isYtAuthEnabled;
9
+ function assertAuthEnabled(ytAuthCluster) {
10
+ if (!ytAuthCluster) {
11
+ throw new Error('Cluster for password authentication is disabled. You have to define ytAuthCluster to use it.');
12
+ }
13
+ }
14
+ exports.assertAuthEnabled = assertAuthEnabled;
15
+ function getAuthCluster(config) {
16
+ assertAuthEnabled(config.ytAuthCluster);
17
+ return config.ytAuthCluster;
18
+ }
19
+ exports.getAuthCluster = getAuthCluster;
20
+ function YTAuthLogout(res) {
21
+ res.setHeader('set-cookie', `${constants_1.YT_CYPRESS_COOKIE_NAME}=deleted; Path=/; Max-Age=0;`);
22
+ }
23
+ exports.YTAuthLogout = YTAuthLogout;
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_constants","require","isYtAuthEnabled","config","Boolean","ytAuthCluster","assertAuthEnabled","Error","getAuthCluster","YTAuthLogout","res","setHeader","concat","YT_CYPRESS_COOKIE_NAME"],"sources":["yt-auth.ts"],"sourcesContent":["import {AppConfig} from '@gravity-ui/nodekit';\nimport type {Response} from 'express';\nimport {YT_CYPRESS_COOKIE_NAME} from '../../shared/constants';\n\nexport function isYtAuthEnabled(config: AppConfig) {\n return Boolean(config.ytAuthCluster);\n}\n\nexport function assertAuthEnabled(ytAuthCluster?: string): asserts ytAuthCluster is string {\n if (!ytAuthCluster) {\n throw new Error(\n 'Cluster for password authentication is disabled. You have to define ytAuthCluster to use it.',\n );\n }\n}\n\nexport function getAuthCluster(config: AppConfig) {\n assertAuthEnabled(config.ytAuthCluster);\n return config.ytAuthCluster;\n}\n\nexport function YTAuthLogout(res: Response) {\n res.setHeader('set-cookie', `${YT_CYPRESS_COOKIE_NAME}=deleted; Path=/; Max-Age=0;`);\n}\n"],"mappings":";;;;;;;;;AAEA,IAAAA,UAAA,GAAAC,OAAA;AAEO,SAASC,eAAeA,CAACC,MAAiB,EAAE;EAC/C,OAAOC,OAAO,CAACD,MAAM,CAACE,aAAa,CAAC;AACxC;AAEO,SAASC,iBAAiBA,CAACD,aAAsB,EAAmC;EACvF,IAAI,CAACA,aAAa,EAAE;IAChB,MAAM,IAAIE,KAAK,CACX,8FACJ,CAAC;EACL;AACJ;AAEO,SAASC,cAAcA,CAACL,MAAiB,EAAE;EAC9CG,iBAAiB,CAACH,MAAM,CAACE,aAAa,CAAC;EACvC,OAAOF,MAAM,CAACE,aAAa;AAC/B;AAEO,SAASI,YAAYA,CAACC,GAAa,EAAE;EACxCA,GAAG,CAACC,SAAS,CAAC,YAAY,KAAAC,MAAA,CAAKC,iCAAsB,iCAA8B,CAAC;AACxF"}
@@ -1,4 +1,3 @@
1
1
  import type { Request, Response } from 'express';
2
2
  export declare function handleLogin(req: Request, res: Response): Promise<void>;
3
- export declare function handleLogout(req: Request, res: Response): Promise<void>;
4
3
  export declare function handleChangePassword(req: Request, res: Response): Promise<void>;
@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
3
3
  return (mod && mod.__esModule) ? mod : { "default": mod };
4
4
  };
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
- exports.handleChangePassword = exports.handleLogout = exports.handleLogin = void 0;
6
+ exports.handleChangePassword = exports.handleLogin = void 0;
7
7
  const axios_1 = __importDefault(require("axios"));
8
8
  const lodash_1 = __importDefault(require("lodash"));
9
9
  const constants_1 = require("../../shared/constants");
@@ -13,16 +13,11 @@ const crypto_1 = __importDefault(require("crypto"));
13
13
  // @ts-ignore
14
14
  const javascript_wrapper_1 = __importDefault(require("@ytsaurus/javascript-wrapper"));
15
15
  const cluster_queries_1 = require("../components/cluster-queries");
16
+ const yt_auth_1 = require("../components/yt-auth");
16
17
  const yt = (0, javascript_wrapper_1.default)();
17
- function throwAuthDisabled() {
18
- throw new Error('Cluster for password authentication is disabled. You have to define ytAuthCluster to use it.');
19
- }
20
18
  async function handleLogin(req, res) {
21
19
  try {
22
- const { ytAuthCluster } = req.ctx.config;
23
- if (!ytAuthCluster) {
24
- return throwAuthDisabled();
25
- }
20
+ const ytAuthCluster = (0, yt_auth_1.getAuthCluster)(req.ctx.config);
26
21
  const { username, password } = JSON.parse(req.body) || {};
27
22
  if (!username || !password) {
28
23
  throw new Error('Username and password must not be empty');
@@ -72,26 +67,9 @@ function removeSecureFlagIfOriginInsecure(req, headers) {
72
67
  return acc;
73
68
  }, {});
74
69
  }
75
- async function handleLogout(req, res) {
76
- try {
77
- const { ytAuthCluster } = req.ctx.config;
78
- if (!ytAuthCluster) {
79
- return throwAuthDisabled();
80
- }
81
- res.setHeader('set-cookie', `${constants_1.YT_CYPRESS_COOKIE_NAME}=deleted; Path=/; Max-Age=0;`);
82
- res.sendStatus(401).send('Logout');
83
- }
84
- catch (e) {
85
- (0, utils_1.sendAndLogError)(req.ctx, res, 500, e);
86
- }
87
- }
88
- exports.handleLogout = handleLogout;
89
70
  async function handleChangePassword(req, res) {
90
71
  try {
91
- const { ytAuthCluster } = req.ctx.config;
92
- if (!ytAuthCluster) {
93
- return throwAuthDisabled();
94
- }
72
+ const ytAuthCluster = (0, yt_auth_1.getAuthCluster)(req.ctx.config);
95
73
  const { newPassword, currentPassword } = JSON.parse(req.body) || {};
96
74
  if (!newPassword || !currentPassword) {
97
75
  throw new Error('New and current password must not be empty');
@@ -1 +1 @@
1
- {"version":3,"names":["_axios","_interopRequireDefault","require","_constants","_requestsSetup","_utils","_crypto","_javascriptWrapper","_clusterQueries","obj","__esModule","default","yt","ytLib","throwAuthDisabled","Error","handleLogin","_x","_x2","_handleLogin","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee2","req","res","ytAuthCluster","_ref","username","password","_getYTApiClusterSetup","proxyBaseUrl","requestUrl","basicAuth","wrap","_callee2$","_context2","prev","next","ctx","config","abrupt","JSON","parse","body","getYTApiClusterSetup","concat","Buffer","from","toString","axios","request","url","method","headers","_objectSpread","getMetadata","Authorization","timeout","responseType","then","_ref2","_callee","response","pipedSize","_callee$","_context","pipeAxiosResponse","undefined","removeSecureFlagIfOriginInsecure","sent","UNEXPECTED_PIPE_AXIOS_RESPONSE","stop","_x7","t0","sendAndLogError","ytAuthAllowInsecure","origin","startsWith","_reduce","acc","v","k","tmp","_map","item","YT_CYPRESS_COOKIE_NAME","replace","handleLogout","_x3","_x4","_handleLogout","_callee3","_callee3$","_context3","setHeader","sendStatus","send","handleChangePassword","_x5","_x6","_handleChangePassword","_callee4","_ref3","newPassword","currentPassword","new_password_sha256","current_password_sha256","cfg","_cfg","setup","_yield$getXSRFToken","login","csrf_token","_callee4$","_context4","crypto","createHash","update","digest","getUserYTApiSetup","getXSRFToken","createOption","v4","setUserPassword","parameters","user","result","status","err","t1"],"sources":["login.ts"],"sourcesContent":["import type {Request, Response} from 'express';\nimport axios from 'axios';\nimport _ from 'lodash';\nimport {YT_CYPRESS_COOKIE_NAME} from '../../shared/constants';\nimport {getUserYTApiSetup, getYTApiClusterSetup} from '../components/requestsSetup';\nimport {UNEXPECTED_PIPE_AXIOS_RESPONSE, pipeAxiosResponse, sendAndLogError} from '../utils';\nimport crypto from 'crypto';\n\n// @ts-ignore\nimport ytLib from '@ytsaurus/javascript-wrapper';\nimport {getXSRFToken} from '../components/cluster-queries';\n\nconst yt = ytLib();\n\nfunction throwAuthDisabled() {\n throw new Error(\n 'Cluster for password authentication is disabled. You have to define ytAuthCluster to use it.',\n );\n}\n\nexport async function handleLogin(req: Request, res: Response) {\n try {\n const {ytAuthCluster} = req.ctx.config;\n if (!ytAuthCluster) {\n return throwAuthDisabled();\n }\n\n const {username, password} = JSON.parse(req.body) || {};\n if (!username || !password) {\n throw new Error('Username and password must not be empty');\n }\n\n const {proxyBaseUrl} = getYTApiClusterSetup(ytAuthCluster);\n const requestUrl = `${proxyBaseUrl}/login`;\n\n const basicAuth = Buffer.from(`${username}:${password}`).toString('base64');\n\n await axios\n .request({\n url: requestUrl,\n method: req.method as any,\n headers: {...req.ctx.getMetadata(), Authorization: `Basic ${basicAuth}`},\n timeout: 10000,\n responseType: 'stream',\n })\n .then(async (response) => {\n const pipedSize = await pipeAxiosResponse(\n req.ctx,\n res,\n response,\n undefined,\n (headers) => removeSecureFlagIfOriginInsecure(req, headers),\n );\n if (!pipedSize) {\n throw new Error(UNEXPECTED_PIPE_AXIOS_RESPONSE);\n }\n });\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 500, e);\n }\n}\n\nfunction removeSecureFlagIfOriginInsecure(\n req: Request,\n headers: Record<string, string | Array<string>>,\n) {\n const {ytAuthAllowInsecure} = req.ctx.config;\n const {origin} = req.headers;\n\n if (!ytAuthAllowInsecure || 'string' !== typeof origin || !origin.startsWith('http://')) {\n return headers;\n }\n\n return _.reduce(\n headers,\n (acc, v, k) => {\n if (k !== 'set-cookie') {\n acc[k] = v;\n } else {\n const tmp = _.map(v as Array<string>, (item) => {\n if (item.startsWith(YT_CYPRESS_COOKIE_NAME)) {\n return item.replace(/\\s*Secure;/, '');\n }\n return item;\n });\n acc[k] = tmp;\n }\n return acc;\n },\n {} as typeof headers,\n );\n}\n\nexport async function handleLogout(req: Request, res: Response) {\n try {\n const {ytAuthCluster} = req.ctx.config;\n if (!ytAuthCluster) {\n return throwAuthDisabled();\n }\n res.setHeader('set-cookie', `${YT_CYPRESS_COOKIE_NAME}=deleted; Path=/; Max-Age=0;`);\n res.sendStatus(401).send('Logout');\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 500, e);\n }\n}\n\nexport async function handleChangePassword(req: Request, res: Response) {\n try {\n const {ytAuthCluster} = req.ctx.config;\n if (!ytAuthCluster) {\n return throwAuthDisabled();\n }\n\n const {newPassword, currentPassword} = JSON.parse(req.body) || {};\n if (!newPassword || !currentPassword) {\n throw new Error('New and current password must not be empty');\n }\n\n const new_password_sha256 = crypto.createHash('sha256').update(newPassword).digest('hex');\n const current_password_sha256 = crypto\n .createHash('sha256')\n .update(currentPassword)\n .digest('hex');\n\n let cfg;\n try {\n cfg = getUserYTApiSetup(ytAuthCluster, req);\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 400, e);\n return;\n }\n\n const {setup} = cfg;\n const {login, csrf_token} = await getXSRFToken(req, cfg);\n\n yt.setup.createOption('requestHeaders', 'object', {\n 'X-Csrf-Token': csrf_token,\n });\n\n await yt.v4\n .setUserPassword({\n setup,\n parameters: {user: login, new_password_sha256, current_password_sha256},\n })\n .then((result: unknown) => {\n res.status(200).send({result});\n })\n .catch((err: any) => {\n sendAndLogError(req.ctx, res, 500, err);\n });\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 500, e);\n }\n}\n"],"mappings":";;;;;;;;;;;;;AACA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,cAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAL,sBAAA,CAAAC,OAAA;AAGA,IAAAK,kBAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,eAAA,GAAAN,OAAA;AAA0D,SAAAD,uBAAAQ,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAF1D;;AAIA,IAAMG,EAAE,GAAG,IAAAC,0BAAK,EAAC,CAAC;AAElB,SAASC,iBAAiBA,CAAA,EAAG;EACzB,MAAM,IAAIC,KAAK,CACX,8FACJ,CAAC;AACL;AAEA,SAAsBC,WAAWA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,YAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAwChC,SAAAF,aAAA;EAAAA,YAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAxCM,SAAAC,SAA2BC,GAAY,EAAEC,GAAa;IAAA,IAAAC,aAAA,EAAAC,IAAA,EAAAC,QAAA,EAAAC,QAAA,EAAAC,qBAAA,EAAAC,YAAA,EAAAC,UAAA,EAAAC,SAAA;IAAA,OAAAZ,oBAAA,CAAAa,IAAA,UAAAC,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAAC,IAAA,GAAAD,SAAA,CAAAE,IAAA;QAAA;UAAAF,SAAA,CAAAC,IAAA;UAE9CX,aAAa,GAAIF,GAAG,CAACe,GAAG,CAACC,MAAM,CAA/Bd,aAAa;UAAA,IACfA,aAAa;YAAAU,SAAA,CAAAE,IAAA;YAAA;UAAA;UAAA,OAAAF,SAAA,CAAAK,MAAA,WACP7B,iBAAiB,CAAC,CAAC;QAAA;UAAAe,IAAA,GAGDe,IAAI,CAACC,KAAK,CAACnB,GAAG,CAACoB,IAAI,CAAC,IAAI,CAAC,CAAC,EAAhDhB,QAAQ,GAAAD,IAAA,CAARC,QAAQ,EAAEC,QAAQ,GAAAF,IAAA,CAARE,QAAQ;UAAA,MACrB,CAACD,QAAQ,IAAI,CAACC,QAAQ;YAAAO,SAAA,CAAAE,IAAA;YAAA;UAAA;UAAA,MAChB,IAAIzB,KAAK,CAAC,yCAAyC,CAAC;QAAA;UAAAiB,qBAAA,GAGvC,IAAAe,mCAAoB,EAACnB,aAAa,CAAC,EAAnDK,YAAY,GAAAD,qBAAA,CAAZC,YAAY;UACbC,UAAU,MAAAc,MAAA,CAAMf,YAAY;UAE5BE,SAAS,GAAGc,MAAM,CAACC,IAAI,IAAAF,MAAA,CAAIlB,QAAQ,OAAAkB,MAAA,CAAIjB,QAAQ,CAAE,CAAC,CAACoB,QAAQ,CAAC,QAAQ,CAAC;UAAAb,SAAA,CAAAE,IAAA;UAAA,OAErEY,cAAK,CACNC,OAAO,CAAC;YACLC,GAAG,EAAEpB,UAAU;YACfqB,MAAM,EAAE7B,GAAG,CAAC6B,MAAa;YACzBC,OAAO,MAAAC,sBAAA,MAAAA,sBAAA,MAAM/B,GAAG,CAACe,GAAG,CAACiB,WAAW,CAAC,CAAC;cAAEC,aAAa,WAAAX,MAAA,CAAWb,SAAS;YAAE,EAAC;YACxEyB,OAAO,EAAE,KAAK;YACdC,YAAY,EAAE;UAClB,CAAC,CAAC,CACDC,IAAI;YAAA,IAAAC,KAAA,OAAAzC,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAAC,SAAAwC,QAAOC,QAAQ;cAAA,IAAAC,SAAA;cAAA,OAAA3C,oBAAA,CAAAa,IAAA,UAAA+B,SAAAC,QAAA;gBAAA,kBAAAA,QAAA,CAAA7B,IAAA,GAAA6B,QAAA,CAAA5B,IAAA;kBAAA;oBAAA4B,QAAA,CAAA5B,IAAA;oBAAA,OACO,IAAA6B,wBAAiB,EACrC3C,GAAG,CAACe,GAAG,EACPd,GAAG,EACHsC,QAAQ,EACRK,SAAS,EACT,UAACd,OAAO;sBAAA,OAAKe,gCAAgC,CAAC7C,GAAG,EAAE8B,OAAO,CAAC;oBAAA,CAC/D,CAAC;kBAAA;oBANKU,SAAS,GAAAE,QAAA,CAAAI,IAAA;oBAAA,IAOVN,SAAS;sBAAAE,QAAA,CAAA5B,IAAA;sBAAA;oBAAA;oBAAA,MACJ,IAAIzB,KAAK,CAAC0D,qCAA8B,CAAC;kBAAA;kBAAA;oBAAA,OAAAL,QAAA,CAAAM,IAAA;gBAAA;cAAA,GAAAV,OAAA;YAAA,CAEtD;YAAA,iBAAAW,GAAA;cAAA,OAAAZ,KAAA,CAAA3C,KAAA,OAAAC,SAAA;YAAA;UAAA,IAAC;QAAA;UAAAiB,SAAA,CAAAE,IAAA;UAAA;QAAA;UAAAF,SAAA,CAAAC,IAAA;UAAAD,SAAA,CAAAsC,EAAA,GAAAtC,SAAA;UAEN,IAAAuC,sBAAe,EAACnD,GAAG,CAACe,GAAG,EAAEd,GAAG,EAAE,GAAG,EAAAW,SAAA,CAAAsC,EAAG,CAAC;QAAC;QAAA;UAAA,OAAAtC,SAAA,CAAAoC,IAAA;MAAA;IAAA,GAAAjD,QAAA;EAAA,CAE7C;EAAA,OAAAN,YAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAED,SAASkD,gCAAgCA,CACrC7C,GAAY,EACZ8B,OAA+C,EACjD;EACE,IAAOsB,mBAAmB,GAAIpD,GAAG,CAACe,GAAG,CAACC,MAAM,CAArCoC,mBAAmB;EAC1B,IAAOC,MAAM,GAAIrD,GAAG,CAAC8B,OAAO,CAArBuB,MAAM;EAEb,IAAI,CAACD,mBAAmB,IAAI,QAAQ,KAAK,OAAOC,MAAM,IAAI,CAACA,MAAM,CAACC,UAAU,CAAC,SAAS,CAAC,EAAE;IACrF,OAAOxB,OAAO;EAClB;EAEA,OAAO,IAAAyB,gBAAA,EACHzB,OAAO,EACP,UAAC0B,GAAG,EAAEC,CAAC,EAAEC,CAAC,EAAK;IACX,IAAIA,CAAC,KAAK,YAAY,EAAE;MACpBF,GAAG,CAACE,CAAC,CAAC,GAAGD,CAAC;IACd,CAAC,MAAM;MACH,IAAME,GAAG,GAAG,IAAAC,aAAA,EAAMH,CAAC,EAAmB,UAACI,IAAI,EAAK;QAC5C,IAAIA,IAAI,CAACP,UAAU,CAACQ,iCAAsB,CAAC,EAAE;UACzC,OAAOD,IAAI,CAACE,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC;QACzC;QACA,OAAOF,IAAI;MACf,CAAC,CAAC;MACFL,GAAG,CAACE,CAAC,CAAC,GAAGC,GAAG;IAChB;IACA,OAAOH,GAAG;EACd,CAAC,EACD,CAAC,CACL,CAAC;AACL;AAEA,SAAsBQ,YAAYA,CAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,aAAA,CAAAzE,KAAA,OAAAC,SAAA;AAAA;AAWjC,SAAAwE,cAAA;EAAAA,aAAA,OAAAvE,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAXM,SAAAsE,SAA4BpE,GAAY,EAAEC,GAAa;IAAA,IAAAC,aAAA;IAAA,OAAAL,oBAAA,CAAAa,IAAA,UAAA2D,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAAzD,IAAA,GAAAyD,SAAA,CAAAxD,IAAA;QAAA;UAAAwD,SAAA,CAAAzD,IAAA;UAE/CX,aAAa,GAAIF,GAAG,CAACe,GAAG,CAACC,MAAM,CAA/Bd,aAAa;UAAA,IACfA,aAAa;YAAAoE,SAAA,CAAAxD,IAAA;YAAA;UAAA;UAAA,OAAAwD,SAAA,CAAArD,MAAA,WACP7B,iBAAiB,CAAC,CAAC;QAAA;UAE9Ba,GAAG,CAACsE,SAAS,CAAC,YAAY,KAAAjD,MAAA,CAAKwC,iCAAsB,iCAA8B,CAAC;UACpF7D,GAAG,CAACuE,UAAU,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC,QAAQ,CAAC;UAACH,SAAA,CAAAxD,IAAA;UAAA;QAAA;UAAAwD,SAAA,CAAAzD,IAAA;UAAAyD,SAAA,CAAApB,EAAA,GAAAoB,SAAA;UAEnC,IAAAnB,sBAAe,EAACnD,GAAG,CAACe,GAAG,EAAEd,GAAG,EAAE,GAAG,EAAAqE,SAAA,CAAApB,EAAG,CAAC;QAAC;QAAA;UAAA,OAAAoB,SAAA,CAAAtB,IAAA;MAAA;IAAA,GAAAoB,QAAA;EAAA,CAE7C;EAAA,OAAAD,aAAA,CAAAzE,KAAA,OAAAC,SAAA;AAAA;AAED,SAAsB+E,oBAAoBA,CAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,qBAAA,CAAAnF,KAAA,OAAAC,SAAA;AAAA;AA+CzC,SAAAkF,sBAAA;EAAAA,qBAAA,OAAAjF,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CA/CM,SAAAgF,SAAoC9E,GAAY,EAAEC,GAAa;IAAA,IAAAC,aAAA,EAAA6E,KAAA,EAAAC,WAAA,EAAAC,eAAA,EAAAC,mBAAA,EAAAC,uBAAA,EAAAC,GAAA,EAAAC,IAAA,EAAAC,KAAA,EAAAC,mBAAA,EAAAC,KAAA,EAAAC,UAAA;IAAA,OAAA5F,oBAAA,CAAAa,IAAA,UAAAgF,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAA9E,IAAA,GAAA8E,SAAA,CAAA7E,IAAA;QAAA;UAAA6E,SAAA,CAAA9E,IAAA;UAEvDX,aAAa,GAAIF,GAAG,CAACe,GAAG,CAACC,MAAM,CAA/Bd,aAAa;UAAA,IACfA,aAAa;YAAAyF,SAAA,CAAA7E,IAAA;YAAA;UAAA;UAAA,OAAA6E,SAAA,CAAA1E,MAAA,WACP7B,iBAAiB,CAAC,CAAC;QAAA;UAAA2F,KAAA,GAGS7D,IAAI,CAACC,KAAK,CAACnB,GAAG,CAACoB,IAAI,CAAC,IAAI,CAAC,CAAC,EAA1D4D,WAAW,GAAAD,KAAA,CAAXC,WAAW,EAAEC,eAAe,GAAAF,KAAA,CAAfE,eAAe;UAAA,MAC/B,CAACD,WAAW,IAAI,CAACC,eAAe;YAAAU,SAAA,CAAA7E,IAAA;YAAA;UAAA;UAAA,MAC1B,IAAIzB,KAAK,CAAC,4CAA4C,CAAC;QAAA;UAG3D6F,mBAAmB,GAAGU,eAAM,CAACC,UAAU,CAAC,QAAQ,CAAC,CAACC,MAAM,CAACd,WAAW,CAAC,CAACe,MAAM,CAAC,KAAK,CAAC;UACnFZ,uBAAuB,GAAGS,eAAM,CACjCC,UAAU,CAAC,QAAQ,CAAC,CACpBC,MAAM,CAACb,eAAe,CAAC,CACvBc,MAAM,CAAC,KAAK,CAAC;UAAAJ,SAAA,CAAA9E,IAAA;UAIduE,GAAG,GAAG,IAAAY,gCAAiB,EAAC9F,aAAa,EAAEF,GAAG,CAAC;UAAC2F,SAAA,CAAA7E,IAAA;UAAA;QAAA;UAAA6E,SAAA,CAAA9E,IAAA;UAAA8E,SAAA,CAAAzC,EAAA,GAAAyC,SAAA;UAE5C,IAAAxC,sBAAe,EAACnD,GAAG,CAACe,GAAG,EAAEd,GAAG,EAAE,GAAG,EAAA0F,SAAA,CAAAzC,EAAG,CAAC;UAAC,OAAAyC,SAAA,CAAA1E,MAAA;QAAA;UAAAoE,IAAA,GAI1BD,GAAG,EAAZE,KAAK,GAAAD,IAAA,CAALC,KAAK;UAAAK,SAAA,CAAA7E,IAAA;UAAA,OACsB,IAAAmF,4BAAY,EAACjG,GAAG,EAAEoF,GAAG,CAAC;QAAA;UAAAG,mBAAA,GAAAI,SAAA,CAAA7C,IAAA;UAAjD0C,KAAK,GAAAD,mBAAA,CAALC,KAAK;UAAEC,UAAU,GAAAF,mBAAA,CAAVE,UAAU;UAExBvG,EAAE,CAACoG,KAAK,CAACY,YAAY,CAAC,gBAAgB,EAAE,QAAQ,EAAE;YAC9C,cAAc,EAAET;UACpB,CAAC,CAAC;UAACE,SAAA,CAAA7E,IAAA;UAAA,OAEG5B,EAAE,CAACiH,EAAE,CACNC,eAAe,CAAC;YACbd,KAAK,EAALA,KAAK;YACLe,UAAU,EAAE;cAACC,IAAI,EAAEd,KAAK;cAAEN,mBAAmB,EAAnBA,mBAAmB;cAAEC,uBAAuB,EAAvBA;YAAuB;UAC1E,CAAC,CAAC,CACD/C,IAAI,CAAC,UAACmE,MAAe,EAAK;YACvBtG,GAAG,CAACuG,MAAM,CAAC,GAAG,CAAC,CAAC/B,IAAI,CAAC;cAAC8B,MAAM,EAANA;YAAM,CAAC,CAAC;UAClC,CAAC,CAAC,SACI,CAAC,UAACE,GAAQ,EAAK;YACjB,IAAAtD,sBAAe,EAACnD,GAAG,CAACe,GAAG,EAAEd,GAAG,EAAE,GAAG,EAAEwG,GAAG,CAAC;UAC3C,CAAC,CAAC;QAAA;UAAAd,SAAA,CAAA7E,IAAA;UAAA;QAAA;UAAA6E,SAAA,CAAA9E,IAAA;UAAA8E,SAAA,CAAAe,EAAA,GAAAf,SAAA;UAEN,IAAAxC,sBAAe,EAACnD,GAAG,CAACe,GAAG,EAAEd,GAAG,EAAE,GAAG,EAAA0F,SAAA,CAAAe,EAAG,CAAC;QAAC;QAAA;UAAA,OAAAf,SAAA,CAAA3C,IAAA;MAAA;IAAA,GAAA8B,QAAA;EAAA,CAE7C;EAAA,OAAAD,qBAAA,CAAAnF,KAAA,OAAAC,SAAA;AAAA"}
1
+ {"version":3,"names":["_axios","_interopRequireDefault","require","_constants","_requestsSetup","_utils","_crypto","_javascriptWrapper","_clusterQueries","_ytAuth","obj","__esModule","default","yt","ytLib","handleLogin","_x","_x2","_handleLogin","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee2","req","res","ytAuthCluster","_ref","username","password","_getYTApiClusterSetup","proxyBaseUrl","requestUrl","basicAuth","wrap","_callee2$","_context2","prev","next","getAuthCluster","ctx","config","JSON","parse","body","Error","getYTApiClusterSetup","concat","Buffer","from","toString","axios","request","url","method","headers","_objectSpread","getMetadata","Authorization","timeout","responseType","then","_ref2","_callee","response","pipedSize","_callee$","_context","pipeAxiosResponse","undefined","removeSecureFlagIfOriginInsecure","sent","UNEXPECTED_PIPE_AXIOS_RESPONSE","stop","_x5","t0","sendAndLogError","ytAuthAllowInsecure","origin","startsWith","_reduce","acc","v","k","tmp","_map","item","YT_CYPRESS_COOKIE_NAME","replace","handleChangePassword","_x3","_x4","_handleChangePassword","_callee3","_ref3","newPassword","currentPassword","new_password_sha256","current_password_sha256","cfg","_cfg","setup","_yield$getXSRFToken","login","csrf_token","_callee3$","_context3","crypto","createHash","update","digest","getUserYTApiSetup","abrupt","getXSRFToken","createOption","v4","setUserPassword","parameters","user","result","status","send","err","t1"],"sources":["login.ts"],"sourcesContent":["import type {Request, Response} from 'express';\nimport axios from 'axios';\nimport _ from 'lodash';\nimport {YT_CYPRESS_COOKIE_NAME} from '../../shared/constants';\nimport {getUserYTApiSetup, getYTApiClusterSetup} from '../components/requestsSetup';\nimport {UNEXPECTED_PIPE_AXIOS_RESPONSE, pipeAxiosResponse, sendAndLogError} from '../utils';\nimport crypto from 'crypto';\n\n// @ts-ignore\nimport ytLib from '@ytsaurus/javascript-wrapper';\nimport {getXSRFToken} from '../components/cluster-queries';\nimport {getAuthCluster} from '../components/yt-auth';\n\nconst yt = ytLib();\n\nexport async function handleLogin(req: Request, res: Response) {\n try {\n const ytAuthCluster = getAuthCluster(req.ctx.config);\n\n const {username, password} = JSON.parse(req.body) || {};\n if (!username || !password) {\n throw new Error('Username and password must not be empty');\n }\n\n const {proxyBaseUrl} = getYTApiClusterSetup(ytAuthCluster);\n const requestUrl = `${proxyBaseUrl}/login`;\n\n const basicAuth = Buffer.from(`${username}:${password}`).toString('base64');\n\n await axios\n .request({\n url: requestUrl,\n method: req.method as any,\n headers: {...req.ctx.getMetadata(), Authorization: `Basic ${basicAuth}`},\n timeout: 10000,\n responseType: 'stream',\n })\n .then(async (response) => {\n const pipedSize = await pipeAxiosResponse(\n req.ctx,\n res,\n response,\n undefined,\n (headers) => removeSecureFlagIfOriginInsecure(req, headers),\n );\n if (!pipedSize) {\n throw new Error(UNEXPECTED_PIPE_AXIOS_RESPONSE);\n }\n });\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 500, e);\n }\n}\n\nfunction removeSecureFlagIfOriginInsecure(\n req: Request,\n headers: Record<string, string | Array<string>>,\n) {\n const {ytAuthAllowInsecure} = req.ctx.config;\n const {origin} = req.headers;\n\n if (!ytAuthAllowInsecure || 'string' !== typeof origin || !origin.startsWith('http://')) {\n return headers;\n }\n\n return _.reduce(\n headers,\n (acc, v, k) => {\n if (k !== 'set-cookie') {\n acc[k] = v;\n } else {\n const tmp = _.map(v as Array<string>, (item) => {\n if (item.startsWith(YT_CYPRESS_COOKIE_NAME)) {\n return item.replace(/\\s*Secure;/, '');\n }\n return item;\n });\n acc[k] = tmp;\n }\n return acc;\n },\n {} as typeof headers,\n );\n}\n\nexport async function handleChangePassword(req: Request, res: Response) {\n try {\n const ytAuthCluster = getAuthCluster(req.ctx.config);\n\n const {newPassword, currentPassword} = JSON.parse(req.body) || {};\n if (!newPassword || !currentPassword) {\n throw new Error('New and current password must not be empty');\n }\n\n const new_password_sha256 = crypto.createHash('sha256').update(newPassword).digest('hex');\n const current_password_sha256 = crypto\n .createHash('sha256')\n .update(currentPassword)\n .digest('hex');\n\n let cfg;\n try {\n cfg = getUserYTApiSetup(ytAuthCluster, req);\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 400, e);\n return;\n }\n\n const {setup} = cfg;\n const {login, csrf_token} = await getXSRFToken(req, cfg);\n\n yt.setup.createOption('requestHeaders', 'object', {\n 'X-Csrf-Token': csrf_token,\n });\n\n await yt.v4\n .setUserPassword({\n setup,\n parameters: {user: login, new_password_sha256, current_password_sha256},\n })\n .then((result: unknown) => {\n res.status(200).send({result});\n })\n .catch((err: any) => {\n sendAndLogError(req.ctx, res, 500, err);\n });\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 500, e);\n }\n}\n"],"mappings":";;;;;;;;;;;;AACA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,cAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAL,sBAAA,CAAAC,OAAA;AAGA,IAAAK,kBAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,eAAA,GAAAN,OAAA;AACA,IAAAO,OAAA,GAAAP,OAAA;AAAoD,SAAAD,uBAAAS,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAHpD;;AAKA,IAAMG,EAAE,GAAG,IAAAC,0BAAK,EAAC,CAAC;AAElB,SAAsBC,WAAWA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,YAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAqChC,SAAAF,aAAA;EAAAA,YAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CArCM,SAAAC,SAA2BC,GAAY,EAAEC,GAAa;IAAA,IAAAC,aAAA,EAAAC,IAAA,EAAAC,QAAA,EAAAC,QAAA,EAAAC,qBAAA,EAAAC,YAAA,EAAAC,UAAA,EAAAC,SAAA;IAAA,OAAAZ,oBAAA,CAAAa,IAAA,UAAAC,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAAC,IAAA,GAAAD,SAAA,CAAAE,IAAA;QAAA;UAAAF,SAAA,CAAAC,IAAA;UAE/CX,aAAa,GAAG,IAAAa,sBAAc,EAACf,GAAG,CAACgB,GAAG,CAACC,MAAM,CAAC;UAAAd,IAAA,GAEvBe,IAAI,CAACC,KAAK,CAACnB,GAAG,CAACoB,IAAI,CAAC,IAAI,CAAC,CAAC,EAAhDhB,QAAQ,GAAAD,IAAA,CAARC,QAAQ,EAAEC,QAAQ,GAAAF,IAAA,CAARE,QAAQ;UAAA,MACrB,CAACD,QAAQ,IAAI,CAACC,QAAQ;YAAAO,SAAA,CAAAE,IAAA;YAAA;UAAA;UAAA,MAChB,IAAIO,KAAK,CAAC,yCAAyC,CAAC;QAAA;UAAAf,qBAAA,GAGvC,IAAAgB,mCAAoB,EAACpB,aAAa,CAAC,EAAnDK,YAAY,GAAAD,qBAAA,CAAZC,YAAY;UACbC,UAAU,MAAAe,MAAA,CAAMhB,YAAY;UAE5BE,SAAS,GAAGe,MAAM,CAACC,IAAI,IAAAF,MAAA,CAAInB,QAAQ,OAAAmB,MAAA,CAAIlB,QAAQ,CAAE,CAAC,CAACqB,QAAQ,CAAC,QAAQ,CAAC;UAAAd,SAAA,CAAAE,IAAA;UAAA,OAErEa,cAAK,CACNC,OAAO,CAAC;YACLC,GAAG,EAAErB,UAAU;YACfsB,MAAM,EAAE9B,GAAG,CAAC8B,MAAa;YACzBC,OAAO,MAAAC,sBAAA,MAAAA,sBAAA,MAAMhC,GAAG,CAACgB,GAAG,CAACiB,WAAW,CAAC,CAAC;cAAEC,aAAa,WAAAX,MAAA,CAAWd,SAAS;YAAE,EAAC;YACxE0B,OAAO,EAAE,KAAK;YACdC,YAAY,EAAE;UAClB,CAAC,CAAC,CACDC,IAAI;YAAA,IAAAC,KAAA,OAAA1C,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAAC,SAAAyC,QAAOC,QAAQ;cAAA,IAAAC,SAAA;cAAA,OAAA5C,oBAAA,CAAAa,IAAA,UAAAgC,SAAAC,QAAA;gBAAA,kBAAAA,QAAA,CAAA9B,IAAA,GAAA8B,QAAA,CAAA7B,IAAA;kBAAA;oBAAA6B,QAAA,CAAA7B,IAAA;oBAAA,OACO,IAAA8B,wBAAiB,EACrC5C,GAAG,CAACgB,GAAG,EACPf,GAAG,EACHuC,QAAQ,EACRK,SAAS,EACT,UAACd,OAAO;sBAAA,OAAKe,gCAAgC,CAAC9C,GAAG,EAAE+B,OAAO,CAAC;oBAAA,CAC/D,CAAC;kBAAA;oBANKU,SAAS,GAAAE,QAAA,CAAAI,IAAA;oBAAA,IAOVN,SAAS;sBAAAE,QAAA,CAAA7B,IAAA;sBAAA;oBAAA;oBAAA,MACJ,IAAIO,KAAK,CAAC2B,qCAA8B,CAAC;kBAAA;kBAAA;oBAAA,OAAAL,QAAA,CAAAM,IAAA;gBAAA;cAAA,GAAAV,OAAA;YAAA,CAEtD;YAAA,iBAAAW,GAAA;cAAA,OAAAZ,KAAA,CAAA5C,KAAA,OAAAC,SAAA;YAAA;UAAA,IAAC;QAAA;UAAAiB,SAAA,CAAAE,IAAA;UAAA;QAAA;UAAAF,SAAA,CAAAC,IAAA;UAAAD,SAAA,CAAAuC,EAAA,GAAAvC,SAAA;UAEN,IAAAwC,sBAAe,EAACpD,GAAG,CAACgB,GAAG,EAAEf,GAAG,EAAE,GAAG,EAAAW,SAAA,CAAAuC,EAAG,CAAC;QAAC;QAAA;UAAA,OAAAvC,SAAA,CAAAqC,IAAA;MAAA;IAAA,GAAAlD,QAAA;EAAA,CAE7C;EAAA,OAAAN,YAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAED,SAASmD,gCAAgCA,CACrC9C,GAAY,EACZ+B,OAA+C,EACjD;EACE,IAAOsB,mBAAmB,GAAIrD,GAAG,CAACgB,GAAG,CAACC,MAAM,CAArCoC,mBAAmB;EAC1B,IAAOC,MAAM,GAAItD,GAAG,CAAC+B,OAAO,CAArBuB,MAAM;EAEb,IAAI,CAACD,mBAAmB,IAAI,QAAQ,KAAK,OAAOC,MAAM,IAAI,CAACA,MAAM,CAACC,UAAU,CAAC,SAAS,CAAC,EAAE;IACrF,OAAOxB,OAAO;EAClB;EAEA,OAAO,IAAAyB,gBAAA,EACHzB,OAAO,EACP,UAAC0B,GAAG,EAAEC,CAAC,EAAEC,CAAC,EAAK;IACX,IAAIA,CAAC,KAAK,YAAY,EAAE;MACpBF,GAAG,CAACE,CAAC,CAAC,GAAGD,CAAC;IACd,CAAC,MAAM;MACH,IAAME,GAAG,GAAG,IAAAC,aAAA,EAAMH,CAAC,EAAmB,UAACI,IAAI,EAAK;QAC5C,IAAIA,IAAI,CAACP,UAAU,CAACQ,iCAAsB,CAAC,EAAE;UACzC,OAAOD,IAAI,CAACE,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC;QACzC;QACA,OAAOF,IAAI;MACf,CAAC,CAAC;MACFL,GAAG,CAACE,CAAC,CAAC,GAAGC,GAAG;IAChB;IACA,OAAOH,GAAG;EACd,CAAC,EACD,CAAC,CACL,CAAC;AACL;AAEA,SAAsBQ,oBAAoBA,CAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,qBAAA,CAAA1E,KAAA,OAAAC,SAAA;AAAA;AA4CzC,SAAAyE,sBAAA;EAAAA,qBAAA,OAAAxE,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CA5CM,SAAAuE,SAAoCrE,GAAY,EAAEC,GAAa;IAAA,IAAAC,aAAA,EAAAoE,KAAA,EAAAC,WAAA,EAAAC,eAAA,EAAAC,mBAAA,EAAAC,uBAAA,EAAAC,GAAA,EAAAC,IAAA,EAAAC,KAAA,EAAAC,mBAAA,EAAAC,KAAA,EAAAC,UAAA;IAAA,OAAAnF,oBAAA,CAAAa,IAAA,UAAAuE,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAArE,IAAA,GAAAqE,SAAA,CAAApE,IAAA;QAAA;UAAAoE,SAAA,CAAArE,IAAA;UAExDX,aAAa,GAAG,IAAAa,sBAAc,EAACf,GAAG,CAACgB,GAAG,CAACC,MAAM,CAAC;UAAAqD,KAAA,GAEbpD,IAAI,CAACC,KAAK,CAACnB,GAAG,CAACoB,IAAI,CAAC,IAAI,CAAC,CAAC,EAA1DmD,WAAW,GAAAD,KAAA,CAAXC,WAAW,EAAEC,eAAe,GAAAF,KAAA,CAAfE,eAAe;UAAA,MAC/B,CAACD,WAAW,IAAI,CAACC,eAAe;YAAAU,SAAA,CAAApE,IAAA;YAAA;UAAA;UAAA,MAC1B,IAAIO,KAAK,CAAC,4CAA4C,CAAC;QAAA;UAG3DoD,mBAAmB,GAAGU,eAAM,CAACC,UAAU,CAAC,QAAQ,CAAC,CAACC,MAAM,CAACd,WAAW,CAAC,CAACe,MAAM,CAAC,KAAK,CAAC;UACnFZ,uBAAuB,GAAGS,eAAM,CACjCC,UAAU,CAAC,QAAQ,CAAC,CACpBC,MAAM,CAACb,eAAe,CAAC,CACvBc,MAAM,CAAC,KAAK,CAAC;UAAAJ,SAAA,CAAArE,IAAA;UAId8D,GAAG,GAAG,IAAAY,gCAAiB,EAACrF,aAAa,EAAEF,GAAG,CAAC;UAACkF,SAAA,CAAApE,IAAA;UAAA;QAAA;UAAAoE,SAAA,CAAArE,IAAA;UAAAqE,SAAA,CAAA/B,EAAA,GAAA+B,SAAA;UAE5C,IAAA9B,sBAAe,EAACpD,GAAG,CAACgB,GAAG,EAAEf,GAAG,EAAE,GAAG,EAAAiF,SAAA,CAAA/B,EAAG,CAAC;UAAC,OAAA+B,SAAA,CAAAM,MAAA;QAAA;UAAAZ,IAAA,GAI1BD,GAAG,EAAZE,KAAK,GAAAD,IAAA,CAALC,KAAK;UAAAK,SAAA,CAAApE,IAAA;UAAA,OACsB,IAAA2E,4BAAY,EAACzF,GAAG,EAAE2E,GAAG,CAAC;QAAA;UAAAG,mBAAA,GAAAI,SAAA,CAAAnC,IAAA;UAAjDgC,KAAK,GAAAD,mBAAA,CAALC,KAAK;UAAEC,UAAU,GAAAF,mBAAA,CAAVE,UAAU;UAExB5F,EAAE,CAACyF,KAAK,CAACa,YAAY,CAAC,gBAAgB,EAAE,QAAQ,EAAE;YAC9C,cAAc,EAAEV;UACpB,CAAC,CAAC;UAACE,SAAA,CAAApE,IAAA;UAAA,OAEG1B,EAAE,CAACuG,EAAE,CACNC,eAAe,CAAC;YACbf,KAAK,EAALA,KAAK;YACLgB,UAAU,EAAE;cAACC,IAAI,EAAEf,KAAK;cAAEN,mBAAmB,EAAnBA,mBAAmB;cAAEC,uBAAuB,EAAvBA;YAAuB;UAC1E,CAAC,CAAC,CACDrC,IAAI,CAAC,UAAC0D,MAAe,EAAK;YACvB9F,GAAG,CAAC+F,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC;cAACF,MAAM,EAANA;YAAM,CAAC,CAAC;UAClC,CAAC,CAAC,SACI,CAAC,UAACG,GAAQ,EAAK;YACjB,IAAA9C,sBAAe,EAACpD,GAAG,CAACgB,GAAG,EAAEf,GAAG,EAAE,GAAG,EAAEiG,GAAG,CAAC;UAC3C,CAAC,CAAC;QAAA;UAAAhB,SAAA,CAAApE,IAAA;UAAA;QAAA;UAAAoE,SAAA,CAAArE,IAAA;UAAAqE,SAAA,CAAAiB,EAAA,GAAAjB,SAAA;UAEN,IAAA9B,sBAAe,EAACpD,GAAG,CAACgB,GAAG,EAAEf,GAAG,EAAE,GAAG,EAAAiF,SAAA,CAAAiB,EAAG,CAAC;QAAC;QAAA;UAAA,OAAAjB,SAAA,CAAAjC,IAAA;MAAA;IAAA,GAAAoB,QAAA;EAAA,CAE7C;EAAA,OAAAD,qBAAA,CAAA1E,KAAA,OAAAC,SAAA;AAAA"}
@@ -0,0 +1,2 @@
1
+ import type { Request, Response } from 'express';
2
+ export declare function handleLogout(req: Request, res: Response): void;
@@ -0,0 +1,15 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.handleLogout = void 0;
4
+ const oauth_1 = require("../components/oauth");
5
+ const yt_auth_1 = require("../components/yt-auth");
6
+ function handleLogout(req, res) {
7
+ if ((0, oauth_1.isOAuthAllowed)(req) && (0, oauth_1.isUserOAuthLogged)(req)) {
8
+ res.redirect((0, oauth_1.getOAuthLogoutPath)(req));
9
+ }
10
+ else if ((0, yt_auth_1.isYtAuthEnabled)(req.ctx.config)) {
11
+ (0, yt_auth_1.YTAuthLogout)(res);
12
+ }
13
+ res.redirect('/');
14
+ }
15
+ exports.handleLogout = handleLogout;
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_oauth","require","_ytAuth","handleLogout","req","res","isOAuthAllowed","isUserOAuthLogged","redirect","getOAuthLogoutPath","isYtAuthEnabled","ctx","config","YTAuthLogout"],"sources":["logout.ts"],"sourcesContent":["import type {Request, Response} from 'express';\nimport {getOAuthLogoutPath, isOAuthAllowed, isUserOAuthLogged} from '../components/oauth';\nimport {YTAuthLogout, isYtAuthEnabled} from '../components/yt-auth';\n\nexport function handleLogout(req: Request, res: Response) {\n if (isOAuthAllowed(req) && isUserOAuthLogged(req)) {\n res.redirect(getOAuthLogoutPath(req));\n } else if (isYtAuthEnabled(req.ctx.config)) {\n YTAuthLogout(res);\n }\n res.redirect('/');\n}\n"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAEO,SAASE,YAAYA,CAACC,GAAY,EAAEC,GAAa,EAAE;EACtD,IAAI,IAAAC,qBAAc,EAACF,GAAG,CAAC,IAAI,IAAAG,wBAAiB,EAACH,GAAG,CAAC,EAAE;IAC/CC,GAAG,CAACG,QAAQ,CAAC,IAAAC,yBAAkB,EAACL,GAAG,CAAC,CAAC;EACzC,CAAC,MAAM,IAAI,IAAAM,uBAAe,EAACN,GAAG,CAACO,GAAG,CAACC,MAAM,CAAC,EAAE;IACxC,IAAAC,oBAAY,EAACR,GAAG,CAAC;EACrB;EACAA,GAAG,CAACG,QAAQ,CAAC,GAAG,CAAC;AACrB"}
@@ -0,0 +1,4 @@
1
+ import type { Request, Response } from 'express';
2
+ export declare function oauthLogin(req: Request, res: Response): void;
3
+ export declare function oauthLogout(_: Request, res: Response): void;
4
+ export declare function oauthCallback(req: Request, res: Response): Promise<void>;
@@ -0,0 +1,30 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.oauthCallback = exports.oauthLogout = exports.oauthLogin = void 0;
4
+ const oauth_1 = require("../components/oauth");
5
+ function oauthLogin(req, res) {
6
+ res.redirect((0, oauth_1.getOAuthLoginPath)(req));
7
+ }
8
+ exports.oauthLogin = oauthLogin;
9
+ function oauthLogout(_, res) {
10
+ (0, oauth_1.removeOAuthCookies)(res);
11
+ res.redirect('/');
12
+ }
13
+ exports.oauthLogout = oauthLogout;
14
+ async function oauthCallback(req, res) {
15
+ const { code } = req.query;
16
+ if (!code) {
17
+ throw new Error('Authorization code is not specified');
18
+ }
19
+ try {
20
+ const tokens = await (0, oauth_1.exchangeOAuthToken)(req, code);
21
+ (0, oauth_1.saveOAuthTokensInCookies)(res, tokens);
22
+ res.redirect('/');
23
+ }
24
+ catch (e) {
25
+ req.ctx.logError('exchange token error', e);
26
+ const message = e instanceof Error ? e.message : 'Unknown error';
27
+ res.status(500).send(message);
28
+ }
29
+ }
30
+ exports.oauthCallback = oauthCallback;
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_oauth","require","_interopRequireDefault","obj","__esModule","default","oauthLogin","req","res","redirect","getOAuthLoginPath","oauthLogout","_","removeOAuthCookies","oauthCallback","_x","_x2","_oauthCallback","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee","code","tokens","message","wrap","_callee$","_context","prev","next","query","Error","exchangeOAuthToken","sent","saveOAuthTokensInCookies","t0","ctx","logError","status","send","stop"],"sources":["oauth-login.ts"],"sourcesContent":["import type {Request, Response} from 'express';\nimport {\n exchangeOAuthToken,\n getOAuthLoginPath,\n removeOAuthCookies,\n saveOAuthTokensInCookies,\n} from '../components/oauth';\n\nexport function oauthLogin(req: Request, res: Response) {\n res.redirect(getOAuthLoginPath(req));\n}\n\nexport function oauthLogout(_: Request, res: Response) {\n removeOAuthCookies(res);\n res.redirect('/');\n}\n\nexport async function oauthCallback(req: Request, res: Response) {\n const {code} = req.query;\n if (!code) {\n throw new Error('Authorization code is not specified');\n }\n\n try {\n const tokens = await exchangeOAuthToken(req, code as string);\n\n saveOAuthTokensInCookies(res, tokens);\n\n res.redirect('/');\n } catch (e) {\n req.ctx.logError('exchange token error', e);\n const message = e instanceof Error ? e.message : 'Unknown error';\n res.status(500).send(message);\n }\n}\n"],"mappings":";;;;;;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AAK4B,SAAAC,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAErB,SAASG,UAAUA,CAACC,GAAY,EAAEC,GAAa,EAAE;EACpDA,GAAG,CAACC,QAAQ,CAAC,IAAAC,wBAAiB,EAACH,GAAG,CAAC,CAAC;AACxC;AAEO,SAASI,WAAWA,CAACC,CAAU,EAAEJ,GAAa,EAAE;EACnD,IAAAK,yBAAkB,EAACL,GAAG,CAAC;EACvBA,GAAG,CAACC,QAAQ,CAAC,GAAG,CAAC;AACrB;AAEA,SAAsBK,aAAaA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,cAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAiBlC,SAAAF,eAAA;EAAAA,cAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAjBM,SAAAC,QAA6BhB,GAAY,EAAEC,GAAa;IAAA,IAAAgB,IAAA,EAAAC,MAAA,EAAAC,OAAA;IAAA,OAAAL,oBAAA,CAAAM,IAAA,UAAAC,SAAAC,QAAA;MAAA,kBAAAA,QAAA,CAAAC,IAAA,GAAAD,QAAA,CAAAE,IAAA;QAAA;UACpDP,IAAI,GAAIjB,GAAG,CAACyB,KAAK,CAAjBR,IAAI;UAAA,IACNA,IAAI;YAAAK,QAAA,CAAAE,IAAA;YAAA;UAAA;UAAA,MACC,IAAIE,KAAK,CAAC,qCAAqC,CAAC;QAAA;UAAAJ,QAAA,CAAAC,IAAA;UAAAD,QAAA,CAAAE,IAAA;UAAA,OAIjC,IAAAG,yBAAkB,EAAC3B,GAAG,EAAEiB,IAAc,CAAC;QAAA;UAAtDC,MAAM,GAAAI,QAAA,CAAAM,IAAA;UAEZ,IAAAC,+BAAwB,EAAC5B,GAAG,EAAEiB,MAAM,CAAC;UAErCjB,GAAG,CAACC,QAAQ,CAAC,GAAG,CAAC;UAACoB,QAAA,CAAAE,IAAA;UAAA;QAAA;UAAAF,QAAA,CAAAC,IAAA;UAAAD,QAAA,CAAAQ,EAAA,GAAAR,QAAA;UAElBtB,GAAG,CAAC+B,GAAG,CAACC,QAAQ,CAAC,sBAAsB,EAAAV,QAAA,CAAAQ,EAAG,CAAC;UACrCX,OAAO,GAAGG,QAAA,CAAAQ,EAAA,YAAaJ,KAAK,GAAGJ,QAAA,CAAAQ,EAAA,CAAEX,OAAO,GAAG,eAAe;UAChElB,GAAG,CAACgC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAACf,OAAO,CAAC;QAAC;QAAA;UAAA,OAAAG,QAAA,CAAAa,IAAA;MAAA;IAAA,GAAAnB,OAAA;EAAA,CAErC;EAAA,OAAAN,cAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA"}
@@ -10,6 +10,9 @@ const expresskit_1 = require("@gravity-ui/expresskit");
10
10
  const configure_app_1 = require("./configure-app");
11
11
  const yt_auth_1 = require("./middlewares/yt-auth");
12
12
  const routes_1 = __importDefault(require("./routes"));
13
+ const oauth_1 = require("./middlewares/oauth");
14
+ const authorization_1 = require("./middlewares/authorization");
15
+ const authorization_2 = require("./utils/authorization");
13
16
  const nodekit = new nodekit_1.NodeKit({ configsPath: path_1.default.resolve(__dirname, './configs') });
14
17
  const { appName, appEnv, appInstallation, appDevMode } = nodekit.config;
15
18
  nodekit.ctx.log('AppConfig details', {
@@ -23,7 +26,12 @@ if (ytAuthCluster) {
23
26
  if (appAuthHandler) {
24
27
  nodekit.ctx.fail(new Error('"appAuthHandler" option will be ignored cause "ytAuthCluster" option is provided.'));
25
28
  }
26
- nodekit.config.appAuthHandler = (0, yt_auth_1.createYTAuthMiddleware)(ytAuthCluster);
29
+ nodekit.config.appBeforeAuthMiddleware = [
30
+ ...(nodekit.config.appBeforeAuthMiddleware || []),
31
+ (0, authorization_2.authorizationResolver)((0, oauth_1.createOAuthAuthorizationResolver)()),
32
+ (0, authorization_2.authorizationResolver)((0, yt_auth_1.createYTAuthorizationResolver)()),
33
+ ];
34
+ nodekit.config.appAuthHandler = (0, authorization_1.createAuthMiddleware)(ytAuthCluster);
27
35
  }
28
36
  (_b = (_a = nodekit.config).adjustAppConfig) === null || _b === void 0 ? void 0 : _b.call(_a, nodekit);
29
37
  const app = new expresskit_1.ExpressKit(nodekit, routes_1.default);
@@ -1 +1 @@
1
- {"version":3,"names":["_path","_interopRequireDefault","require","_nodekit","_expresskit","_configureApp","_ytAuth","_routes","obj","__esModule","default","nodekit","NodeKit","configsPath","path","resolve","__dirname","_nodekit$config","config","appName","appEnv","appInstallation","appDevMode","ctx","log","_nodekit$config2","ytAuthCluster","appAuthHandler","fail","Error","createYTAuthMiddleware","_nodekit$config$adjus","_nodekit$config3","adjustAppConfig","call","app","ExpressKit","routes","configureApp","main","module","run","_default","exports"],"sources":["index.ts"],"sourcesContent":["import path from 'path';\nimport _reduce from 'lodash/reduce';\nimport {NodeKit} from '@gravity-ui/nodekit';\nimport {ExpressKit} from '@gravity-ui/expresskit';\n\nimport {configureApp} from './configure-app';\n\nimport {createYTAuthMiddleware} from './middlewares/yt-auth';\nimport routes from './routes';\n\nconst nodekit = new NodeKit({configsPath: path.resolve(__dirname, './configs')});\n\nconst {appName, appEnv, appInstallation, appDevMode} = nodekit.config;\nnodekit.ctx.log('AppConfig details', {\n appName,\n appEnv,\n appInstallation,\n appDevMode,\n});\n\nconst {ytAuthCluster, appAuthHandler} = nodekit.config;\n\nif (ytAuthCluster) {\n if (appAuthHandler) {\n nodekit.ctx.fail(\n new Error(\n '\"appAuthHandler\" option will be ignored cause \"ytAuthCluster\" option is provided.',\n ),\n );\n }\n\n nodekit.config.appAuthHandler = createYTAuthMiddleware(ytAuthCluster);\n}\n\nnodekit.config.adjustAppConfig?.(nodekit);\n\nconst app = new ExpressKit(nodekit, routes);\nconfigureApp(app);\n\nif (require.main === module) {\n app.run();\n}\n\nexport default app;\n"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,WAAA,GAAAF,OAAA;AAEA,IAAAG,aAAA,GAAAH,OAAA;AAEA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AAA6B,SAAAD,uBAAAO,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;;AAE7B,IAAMG,OAAO,GAAG,IAAIC,gBAAO,CAAC;EAACC,WAAW,EAAEC,aAAI,CAACC,OAAO,CAACC,SAAS,EAAE,WAAW;AAAC,CAAC,CAAC;AAEhF,IAAAC,eAAA,GAAuDN,OAAO,CAACO,MAAM;EAA9DC,OAAO,GAAAF,eAAA,CAAPE,OAAO;EAAEC,MAAM,GAAAH,eAAA,CAANG,MAAM;EAAEC,eAAe,GAAAJ,eAAA,CAAfI,eAAe;EAAEC,UAAU,GAAAL,eAAA,CAAVK,UAAU;AACnDX,OAAO,CAACY,GAAG,CAACC,GAAG,CAAC,mBAAmB,EAAE;EACjCL,OAAO,EAAPA,OAAO;EACPC,MAAM,EAANA,MAAM;EACNC,eAAe,EAAfA,eAAe;EACfC,UAAU,EAAVA;AACJ,CAAC,CAAC;AAEF,IAAAG,gBAAA,GAAwCd,OAAO,CAACO,MAAM;EAA/CQ,aAAa,GAAAD,gBAAA,CAAbC,aAAa;EAAEC,cAAc,GAAAF,gBAAA,CAAdE,cAAc;AAEpC,IAAID,aAAa,EAAE;EACf,IAAIC,cAAc,EAAE;IAChBhB,OAAO,CAACY,GAAG,CAACK,IAAI,CACZ,IAAIC,KAAK,CACL,mFACJ,CACJ,CAAC;EACL;EAEAlB,OAAO,CAACO,MAAM,CAACS,cAAc,GAAG,IAAAG,8BAAsB,EAACJ,aAAa,CAAC;AACzE;AAEA,CAAAK,qBAAA,IAAAC,gBAAA,GAAArB,OAAO,CAACO,MAAM,EAACe,eAAe,cAAAF,qBAAA,eAA9BA,qBAAA,CAAAG,IAAA,CAAAF,gBAAA,EAAiCrB,OAAO,CAAC;AAEzC,IAAMwB,GAAG,GAAG,IAAIC,sBAAU,CAACzB,OAAO,EAAE0B,eAAM,CAAC;AAC3C,IAAAC,0BAAY,EAACH,GAAG,CAAC;AAEjB,IAAIjC,OAAO,CAACqC,IAAI,KAAKC,MAAM,EAAE;EACzBL,GAAG,CAACM,GAAG,CAAC,CAAC;AACb;AAAA,IAAAC,QAAA,GAAAC,OAAA,CAAAjC,OAAA,GAEeyB,GAAG"}
1
+ {"version":3,"names":["_path","_interopRequireDefault","require","_nodekit","_expresskit","_configureApp","_ytAuth","_routes","_oauth","_authorization","_authorization2","obj","__esModule","default","nodekit","NodeKit","configsPath","path","resolve","__dirname","_nodekit$config","config","appName","appEnv","appInstallation","appDevMode","ctx","log","_nodekit$config2","ytAuthCluster","appAuthHandler","fail","Error","appBeforeAuthMiddleware","concat","_toConsumableArray","authorizationResolver","createOAuthAuthorizationResolver","createYTAuthorizationResolver","createAuthMiddleware","_nodekit$config$adjus","_nodekit$config3","adjustAppConfig","call","app","ExpressKit","routes","configureApp","main","module","run","_default","exports"],"sources":["index.ts"],"sourcesContent":["import path from 'path';\nimport _reduce from 'lodash/reduce';\nimport {NodeKit} from '@gravity-ui/nodekit';\nimport {ExpressKit} from '@gravity-ui/expresskit';\n\nimport {configureApp} from './configure-app';\n\nimport {createYTAuthorizationResolver} from './middlewares/yt-auth';\nimport routes from './routes';\nimport {createOAuthAuthorizationResolver} from './middlewares/oauth';\nimport {createAuthMiddleware} from './middlewares/authorization';\nimport {authorizationResolver} from './utils/authorization';\n\nconst nodekit = new NodeKit({configsPath: path.resolve(__dirname, './configs')});\n\nconst {appName, appEnv, appInstallation, appDevMode} = nodekit.config;\nnodekit.ctx.log('AppConfig details', {\n appName,\n appEnv,\n appInstallation,\n appDevMode,\n});\n\nconst {ytAuthCluster, appAuthHandler} = nodekit.config;\n\nif (ytAuthCluster) {\n if (appAuthHandler) {\n nodekit.ctx.fail(\n new Error(\n '\"appAuthHandler\" option will be ignored cause \"ytAuthCluster\" option is provided.',\n ),\n );\n }\n\n nodekit.config.appBeforeAuthMiddleware = [\n ...(nodekit.config.appBeforeAuthMiddleware || []),\n authorizationResolver(createOAuthAuthorizationResolver()),\n authorizationResolver(createYTAuthorizationResolver()),\n ];\n nodekit.config.appAuthHandler = createAuthMiddleware(ytAuthCluster);\n}\n\nnodekit.config.adjustAppConfig?.(nodekit);\n\nconst app = new ExpressKit(nodekit, routes);\nconfigureApp(app);\n\nif (require.main === module) {\n app.run();\n}\n\nexport default app;\n"],"mappings":";;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,WAAA,GAAAF,OAAA;AAEA,IAAAG,aAAA,GAAAH,OAAA;AAEA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,MAAA,GAAAN,OAAA;AACA,IAAAO,cAAA,GAAAP,OAAA;AACA,IAAAQ,eAAA,GAAAR,OAAA;AAA2D,SAAAD,uBAAAU,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;;AAE3D,IAAMG,OAAO,GAAG,IAAIC,gBAAO,CAAC;EAACC,WAAW,EAAEC,aAAI,CAACC,OAAO,CAACC,SAAS,EAAE,WAAW;AAAC,CAAC,CAAC;AAEhF,IAAAC,eAAA,GAAuDN,OAAO,CAACO,MAAM;EAA9DC,OAAO,GAAAF,eAAA,CAAPE,OAAO;EAAEC,MAAM,GAAAH,eAAA,CAANG,MAAM;EAAEC,eAAe,GAAAJ,eAAA,CAAfI,eAAe;EAAEC,UAAU,GAAAL,eAAA,CAAVK,UAAU;AACnDX,OAAO,CAACY,GAAG,CAACC,GAAG,CAAC,mBAAmB,EAAE;EACjCL,OAAO,EAAPA,OAAO;EACPC,MAAM,EAANA,MAAM;EACNC,eAAe,EAAfA,eAAe;EACfC,UAAU,EAAVA;AACJ,CAAC,CAAC;AAEF,IAAAG,gBAAA,GAAwCd,OAAO,CAACO,MAAM;EAA/CQ,aAAa,GAAAD,gBAAA,CAAbC,aAAa;EAAEC,cAAc,GAAAF,gBAAA,CAAdE,cAAc;AAEpC,IAAID,aAAa,EAAE;EACf,IAAIC,cAAc,EAAE;IAChBhB,OAAO,CAACY,GAAG,CAACK,IAAI,CACZ,IAAIC,KAAK,CACL,mFACJ,CACJ,CAAC;EACL;EAEAlB,OAAO,CAACO,MAAM,CAACY,uBAAuB,MAAAC,MAAA,KAAAC,2BAAA,EAC9BrB,OAAO,CAACO,MAAM,CAACY,uBAAuB,IAAI,EAAE,IAChD,IAAAG,qCAAqB,EAAC,IAAAC,uCAAgC,EAAC,CAAC,CAAC,EACzD,IAAAD,qCAAqB,EAAC,IAAAE,qCAA6B,EAAC,CAAC,CAAC,EACzD;EACDxB,OAAO,CAACO,MAAM,CAACS,cAAc,GAAG,IAAAS,mCAAoB,EAACV,aAAa,CAAC;AACvE;AAEA,CAAAW,qBAAA,IAAAC,gBAAA,GAAA3B,OAAO,CAACO,MAAM,EAACqB,eAAe,cAAAF,qBAAA,eAA9BA,qBAAA,CAAAG,IAAA,CAAAF,gBAAA,EAAiC3B,OAAO,CAAC;AAEzC,IAAM8B,GAAG,GAAG,IAAIC,sBAAU,CAAC/B,OAAO,EAAEgC,eAAM,CAAC;AAC3C,IAAAC,0BAAY,EAACH,GAAG,CAAC;AAEjB,IAAI1C,OAAO,CAAC8C,IAAI,KAAKC,MAAM,EAAE;EACzBL,GAAG,CAACM,GAAG,CAAC,CAAC;AACb;AAAA,IAAAC,QAAA,GAAAC,OAAA,CAAAvC,OAAA,GAEe+B,GAAG"}
@@ -0,0 +1,2 @@
1
+ import { AppMiddleware } from '@gravity-ui/expresskit';
2
+ export declare function createAuthMiddleware(ytAuthCluster: string): AppMiddleware;
@@ -0,0 +1,42 @@
1
+ "use strict";
2
+ var __importDefault = (this && this.__importDefault) || function (mod) {
3
+ return (mod && mod.__esModule) ? mod : { "default": mod };
4
+ };
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.createAuthMiddleware = void 0;
7
+ const axios_1 = __importDefault(require("axios"));
8
+ const authorization_1 = require("../utils/authorization");
9
+ const requestsSetup_1 = require("../components/requestsSetup");
10
+ const cluster_queries_1 = require("../components/cluster-queries");
11
+ const utils_1 = require("../utils");
12
+ class AuthError extends Error {
13
+ constructor() {
14
+ super('Authorization required');
15
+ }
16
+ }
17
+ function isAuthError(e) {
18
+ var _a;
19
+ return e instanceof AuthError || (axios_1.default.isAxiosError(e) && ((_a = e.response) === null || _a === void 0 ? void 0 : _a.status) === 401);
20
+ }
21
+ function createAuthMiddleware(ytAuthCluster) {
22
+ return async function authMiddleware(req, res, next) {
23
+ try {
24
+ if (!(0, authorization_1.isAuthorized)(req)) {
25
+ throw new AuthError();
26
+ }
27
+ const cfg = (0, requestsSetup_1.getUserYTApiSetup)(ytAuthCluster, req);
28
+ const { login } = await (0, cluster_queries_1.getXSRFToken)(req, cfg);
29
+ req.yt.login = login;
30
+ }
31
+ catch (e) {
32
+ const isAuthFailed = isAuthError(e);
33
+ const error = isAuthFailed ? undefined : e;
34
+ if (!req.routeInfo.ui && isAuthFailed) {
35
+ (0, utils_1.sendError)(res, error, 401);
36
+ return;
37
+ }
38
+ }
39
+ next();
40
+ };
41
+ }
42
+ exports.createAuthMiddleware = createAuthMiddleware;