@ytsaurus/ui 1.12.2 → 1.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/cjs/@types/core.d.ts +38 -0
- package/build/cjs/server/components/layout-config.js +6 -1
- package/build/cjs/server/components/layout-config.js.map +1 -1
- package/build/cjs/server/components/oauth.d.ts +26 -0
- package/build/cjs/server/components/oauth.js +123 -0
- package/build/cjs/server/components/oauth.js.map +1 -0
- package/build/cjs/server/components/yt-auth.d.ts +6 -0
- package/build/cjs/server/components/yt-auth.js +23 -0
- package/build/cjs/server/components/yt-auth.js.map +1 -0
- package/build/cjs/server/controllers/login.d.ts +0 -1
- package/build/cjs/server/controllers/login.js +4 -26
- package/build/cjs/server/controllers/login.js.map +1 -1
- package/build/cjs/server/controllers/logout.d.ts +2 -0
- package/build/cjs/server/controllers/logout.js +15 -0
- package/build/cjs/server/controllers/logout.js.map +1 -0
- package/build/cjs/server/controllers/oauth-login.d.ts +4 -0
- package/build/cjs/server/controllers/oauth-login.js +30 -0
- package/build/cjs/server/controllers/oauth-login.js.map +1 -0
- package/build/cjs/server/index.js +9 -1
- package/build/cjs/server/index.js.map +1 -1
- package/build/cjs/server/middlewares/authorization.d.ts +2 -0
- package/build/cjs/server/middlewares/authorization.js +42 -0
- package/build/cjs/server/middlewares/authorization.js.map +1 -0
- package/build/cjs/server/middlewares/oauth.d.ts +2 -0
- package/build/cjs/server/middlewares/oauth.js +27 -0
- package/build/cjs/server/middlewares/oauth.js.map +1 -0
- package/build/cjs/server/middlewares/yt-auth.d.ts +1 -1
- package/build/cjs/server/middlewares/yt-auth.js +10 -42
- package/build/cjs/server/middlewares/yt-auth.js.map +1 -1
- package/build/cjs/server/routes.js +6 -1
- package/build/cjs/server/routes.js.map +1 -1
- package/build/cjs/server/utils/authorization.d.ts +6 -0
- package/build/cjs/server/utils/authorization.js +33 -0
- package/build/cjs/server/utils/authorization.js.map +1 -0
- package/build/cjs/shared/constants/index.d.ts +3 -0
- package/build/cjs/shared/constants/index.js +3 -1
- package/build/cjs/shared/constants/index.js.map +1 -1
- package/build/cjs/shared/yt-types.d.ts +2 -0
- package/build/cjs/ui/components/Login/LoginFormPage/LoginFormPage.js +23 -5
- package/build/cjs/ui/components/Login/LoginFormPage/LoginFormPage.js.map +1 -1
- package/build/cjs/ui/components/Login/LoginPageWrapper/LoginPageWrapper.css +8 -0
- package/build/cjs/ui/components/Login/LoginPageWrapper/LoginPageWrapper.css.map +1 -1
- package/build/cjs/ui/components/NumberInput/NumberInput.d.ts +1 -1
- package/build/cjs/ui/containers/AppNavigation/AppNavigation.js +2 -0
- package/build/cjs/ui/containers/AppNavigation/AppNavigation.js.map +1 -1
- package/build/cjs/ui/containers/AppNavigation/AppNavigationComponent.d.ts +1 -1
- package/build/cjs/ui/containers/AppNavigation/AppNavigationComponent.js +5 -7
- package/build/cjs/ui/containers/AppNavigation/AppNavigationComponent.js.map +1 -1
- package/build/cjs/ui/containers/AppNavigation/AppNavigationPageLayout.d.ts +2 -0
- package/build/cjs/ui/containers/AppNavigation/AppNavigationPageLayout.js.map +1 -1
- package/build/cjs/ui/store/reducers/global/index.d.ts +1 -0
- package/build/cjs/ui/store/reducers/global/index.js +1 -0
- package/build/cjs/ui/store/reducers/global/index.js.map +1 -1
- package/build/cjs/ui/store/selectors/global/index.d.ts +4 -0
- package/build/cjs/ui/store/selectors/global/index.js +14 -4
- package/build/cjs/ui/store/selectors/global/index.js.map +1 -1
- package/build/esm/@types/core.d.ts +38 -0
- package/build/esm/server/components/layout-config.js +7 -2
- package/build/esm/server/components/layout-config.js.map +1 -1
- package/build/esm/server/components/oauth.d.ts +26 -0
- package/build/esm/server/components/oauth.js +169 -0
- package/build/esm/server/components/oauth.js.map +1 -0
- package/build/esm/server/components/yt-auth.d.ts +6 -0
- package/build/esm/server/components/yt-auth.js +17 -0
- package/build/esm/server/components/yt-auth.js.map +1 -0
- package/build/esm/server/controllers/login.d.ts +0 -1
- package/build/esm/server/controllers/login.js +41 -88
- package/build/esm/server/controllers/login.js.map +1 -1
- package/build/esm/server/controllers/logout.d.ts +2 -0
- package/build/esm/server/controllers/logout.js +11 -0
- package/build/esm/server/controllers/logout.js.map +1 -0
- package/build/esm/server/controllers/oauth-login.d.ts +4 -0
- package/build/esm/server/controllers/oauth-login.js +50 -0
- package/build/esm/server/controllers/oauth-login.js.map +1 -0
- package/build/esm/server/index.js +7 -2
- package/build/esm/server/index.js.map +1 -1
- package/build/esm/server/middlewares/authorization.d.ts +2 -0
- package/build/esm/server/middlewares/authorization.js +74 -0
- package/build/esm/server/middlewares/authorization.js.map +1 -0
- package/build/esm/server/middlewares/oauth.d.ts +2 -0
- package/build/esm/server/middlewares/oauth.js +50 -0
- package/build/esm/server/middlewares/oauth.js.map +1 -0
- package/build/esm/server/middlewares/yt-auth.d.ts +1 -1
- package/build/esm/server/middlewares/yt-auth.js +8 -58
- package/build/esm/server/middlewares/yt-auth.js.map +1 -1
- package/build/esm/server/routes.js +16 -2
- package/build/esm/server/routes.js.map +1 -1
- package/build/esm/server/utils/authorization.d.ts +6 -0
- package/build/esm/server/utils/authorization.js +28 -0
- package/build/esm/server/utils/authorization.js.map +1 -0
- package/build/esm/shared/constants/index.d.ts +3 -0
- package/build/esm/shared/constants/index.js +2 -1
- package/build/esm/shared/constants/index.js.map +1 -1
- package/build/esm/shared/yt-types.d.ts +2 -0
- package/build/esm/ui/components/Login/LoginFormPage/LoginFormPage.js +24 -6
- package/build/esm/ui/components/Login/LoginFormPage/LoginFormPage.js.map +1 -1
- package/build/esm/ui/components/Login/LoginPageWrapper/LoginPageWrapper.css +8 -0
- package/build/esm/ui/components/Login/LoginPageWrapper/LoginPageWrapper.css.map +1 -1
- package/build/esm/ui/components/Login/LoginPageWrapper/LoginPageWrapper.scss +12 -0
- package/build/esm/ui/components/NumberInput/NumberInput.d.ts +1 -1
- package/build/esm/ui/containers/AppNavigation/AppNavigation.js +3 -1
- package/build/esm/ui/containers/AppNavigation/AppNavigation.js.map +1 -1
- package/build/esm/ui/containers/AppNavigation/AppNavigationComponent.d.ts +1 -1
- package/build/esm/ui/containers/AppNavigation/AppNavigationComponent.js +5 -7
- package/build/esm/ui/containers/AppNavigation/AppNavigationComponent.js.map +1 -1
- package/build/esm/ui/containers/AppNavigation/AppNavigationPageLayout.d.ts +2 -0
- package/build/esm/ui/containers/AppNavigation/AppNavigationPageLayout.js.map +1 -1
- package/build/esm/ui/store/reducers/global/index.d.ts +1 -0
- package/build/esm/ui/store/reducers/global/index.js +1 -0
- package/build/esm/ui/store/reducers/global/index.js.map +1 -1
- package/build/esm/ui/store/selectors/global/index.d.ts +4 -0
- package/build/esm/ui/store/selectors/global/index.js +12 -2
- package/build/esm/ui/store/selectors/global/index.js.map +1 -1
- package/dist/public/build/assets-manifest.json +12 -12
- package/dist/public/build/css/{main.136a49c7.css → main.e919e247.css} +2 -2
- package/dist/public/build/css/main.e919e247.css.map +1 -0
- package/dist/public/build/js/89.07445d46.chunk.js +2 -0
- package/dist/public/build/js/89.07445d46.chunk.js.map +1 -0
- package/dist/public/build/js/main.9d592639.js +3 -0
- package/dist/public/build/js/{main.f91e3651.js.map → main.9d592639.js.map} +1 -1
- package/dist/public/build/js/{runtime.6c8d85d3.js → runtime.9491563b.js} +2 -2
- package/dist/public/build/js/{runtime.6c8d85d3.js.map → runtime.9491563b.js.map} +1 -1
- package/dist/public/build/manifest.json +8 -8
- package/dist/server/components/layout-config.js +6 -1
- package/dist/server/components/oauth.d.ts +26 -0
- package/dist/server/components/oauth.js +123 -0
- package/dist/server/components/yt-auth.d.ts +6 -0
- package/dist/server/components/yt-auth.js +23 -0
- package/dist/server/controllers/login.d.ts +0 -1
- package/dist/server/controllers/login.js +4 -26
- package/dist/server/controllers/logout.d.ts +2 -0
- package/dist/server/controllers/logout.js +15 -0
- package/dist/server/controllers/oauth-login.d.ts +4 -0
- package/dist/server/controllers/oauth-login.js +30 -0
- package/dist/server/index.js +9 -1
- package/dist/server/middlewares/authorization.d.ts +2 -0
- package/dist/server/middlewares/authorization.js +42 -0
- package/dist/server/middlewares/oauth.d.ts +2 -0
- package/dist/server/middlewares/oauth.js +27 -0
- package/dist/server/middlewares/yt-auth.d.ts +1 -1
- package/dist/server/middlewares/yt-auth.js +10 -42
- package/dist/server/routes.js +6 -1
- package/dist/server/utils/authorization.d.ts +6 -0
- package/dist/server/utils/authorization.js +33 -0
- package/dist/shared/constants/index.d.ts +3 -0
- package/dist/shared/constants/index.js +3 -1
- package/package.json +2 -2
- package/dist/public/build/css/main.136a49c7.css.map +0 -1
- package/dist/public/build/js/89.6ea87438.chunk.js +0 -2
- package/dist/public/build/js/89.6ea87438.chunk.js.map +0 -1
- package/dist/public/build/js/main.f91e3651.js +0 -3
- /package/dist/public/build/js/{main.f91e3651.js.LICENSE.txt → main.9d592639.js.LICENSE.txt} +0 -0
@@ -72,6 +72,44 @@ export interface YTCoreConfig {
|
|
72
72
|
* Enables YT-password authentication when defined
|
73
73
|
*/
|
74
74
|
ytAuthCluster?: string;
|
75
|
+
|
76
|
+
/**
|
77
|
+
* OpenID Connect configuration
|
78
|
+
*/
|
79
|
+
ytOAuthSettings?: {
|
80
|
+
/**
|
81
|
+
* URL of the OpenID connect server without the trailing slash
|
82
|
+
*/
|
83
|
+
baseURL: string;
|
84
|
+
/**
|
85
|
+
* Authorization endpoint
|
86
|
+
*/
|
87
|
+
authPath: string;
|
88
|
+
/**
|
89
|
+
* Authorization endpoint
|
90
|
+
*/
|
91
|
+
logoutPath: string;
|
92
|
+
/**
|
93
|
+
* Authorization endpoint
|
94
|
+
*/
|
95
|
+
tokenPath: string;
|
96
|
+
/**
|
97
|
+
* OpenID Client id
|
98
|
+
*/
|
99
|
+
clientId: string;
|
100
|
+
/**
|
101
|
+
* OpenID Client secret
|
102
|
+
*/
|
103
|
+
clientSecret: string;
|
104
|
+
/**
|
105
|
+
* OpenID Scope(Details https://auth0.com/docs/get-started/apis/scopes/openid-connect-scopes)
|
106
|
+
*/
|
107
|
+
scope: string;
|
108
|
+
/**
|
109
|
+
* Label on the Login via OpenID button
|
110
|
+
*/
|
111
|
+
buttonLabel?: string;
|
112
|
+
};
|
75
113
|
/**
|
76
114
|
* Modifies headers of /api/yt/login request:
|
77
115
|
* if enabled removes 'Secure'-option from 'Set-Cookie: YTCypressCookie=...; ...' response-header
|
@@ -1,8 +1,10 @@
|
|
1
1
|
"use strict";
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
3
3
|
exports.getLayoutConfig = void 0;
|
4
|
-
const utils_1 = require("../utils");
|
5
4
|
const table_column_preset_1 = require("../controllers/table-column-preset");
|
5
|
+
const utils_1 = require("../utils");
|
6
|
+
const authorization_1 = require("../utils/authorization");
|
7
|
+
const oauth_1 = require("./oauth");
|
6
8
|
async function getLayoutConfig(req, params) {
|
7
9
|
var _a;
|
8
10
|
const { login, ytConfig, settings } = params;
|
@@ -15,6 +17,7 @@ async function getLayoutConfig(req, params) {
|
|
15
17
|
version: uiVersion,
|
16
18
|
},
|
17
19
|
login,
|
20
|
+
authWay: (0, authorization_1.getAuthWay)(req),
|
18
21
|
};
|
19
22
|
const isProduction = (0, utils_1.isProductionEnv)();
|
20
23
|
const res = {
|
@@ -39,6 +42,8 @@ async function getLayoutConfig(req, params) {
|
|
39
42
|
uiSettings,
|
40
43
|
metrikaCounterId: (_a = metrikaCounter === null || metrikaCounter === void 0 ? void 0 : metrikaCounter[0]) === null || _a === void 0 ? void 0 : _a.id,
|
41
44
|
allowLoginDialog: Boolean(ytAuthCluster),
|
45
|
+
allowOAuth: (0, oauth_1.isOAuthAllowed)(req),
|
46
|
+
oauthButtonLabel: (0, oauth_1.isOAuthAllowed)(req) ? (0, oauth_1.getOAuthSettings)(req).buttonLabel : undefined,
|
42
47
|
allowUserColumnPresets: (0, table_column_preset_1.isUserColumnPresetsEnabled)(req),
|
43
48
|
odinPageEnabled: Boolean(odinBaseUrl),
|
44
49
|
},
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["
|
1
|
+
{"version":3,"names":["_tableColumnPreset","require","_utils","_authorization","_oauth","_interopRequireDefault","obj","__esModule","default","getLayoutConfig","_x","_x2","_getLayoutConfig","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee","req","params","_metrikaCounter$","login","ytConfig","settings","_ref","ytApiUseCORS","uiSettings","metrikaCounter","ytAuthCluster","odinBaseUrl","YT","uiVersion","parameters","isProduction","res","wrap","_callee$","_context","prev","next","ctx","config","getInterfaceVersion","version","authWay","getAuthWay","isProductionEnv","bodyContent","root","title","lang","meta","name","content","inlineScripts","concat","JSON","stringify","data","metrikaCounterId","id","allowLoginDialog","Boolean","allowOAuth","isOAuthAllowed","oauthButtonLabel","getOAuthSettings","buttonLabel","undefined","allowUserColumnPresets","isUserColumnPresetsEnabled","odinPageEnabled","pluginsOptions","yandexMetrika","counter","layout","abrupt","stop"],"sources":["layout-config.ts"],"sourcesContent":["import type {Request} from 'express';\nimport {YTCoreConfig} from '../../@types/core';\nimport {ConfigData, YTConfig} from '../../shared/yt-types';\nimport {AppLayoutConfig} from '../render-layout';\nimport {isUserColumnPresetsEnabled} from '../controllers/table-column-preset';\nimport {getInterfaceVersion, isProductionEnv} from '../utils';\nimport {getAuthWay} from '../utils/authorization';\nimport {getOAuthSettings, isOAuthAllowed} from './oauth';\n\ninterface Params {\n login?: string;\n uid?: string;\n cluster: string | undefined;\n settings: ConfigData['settings'];\n ytConfig: Partial<YTConfig>;\n}\n\nexport async function getLayoutConfig(req: Request, params: Params): Promise<AppLayoutConfig> {\n const {login, ytConfig, settings} = params;\n const {ytApiUseCORS, uiSettings, metrikaCounter, ytAuthCluster, odinBaseUrl} = req.ctx\n .config as YTCoreConfig;\n const YT = ytConfig;\n const uiVersion = getInterfaceVersion();\n\n const parameters = {\n interface: {\n version: uiVersion,\n },\n login,\n authWay: getAuthWay(req),\n };\n\n const isProduction = isProductionEnv();\n\n const res: AppLayoutConfig = {\n bodyContent: {root: ''},\n title: 'YT',\n lang: 'en',\n meta: [\n {\n name: 'viewport',\n content: 'width=device-width, initial-scale=1.0',\n },\n ],\n inlineScripts: [\n `window.YT = Object.assign(window.YT || {}, ${JSON.stringify(YT)}, ${JSON.stringify({\n parameters,\n })});`,\n `window.YT.environment = window.YT.environment || (${isProduction} ? 'production' : 'development');`,\n ],\n data: {\n settings,\n ytApiUseCORS,\n uiSettings,\n metrikaCounterId: metrikaCounter?.[0]?.id,\n allowLoginDialog: Boolean(ytAuthCluster),\n allowOAuth: isOAuthAllowed(req),\n oauthButtonLabel: isOAuthAllowed(req) ? getOAuthSettings(req).buttonLabel : undefined,\n allowUserColumnPresets: isUserColumnPresetsEnabled(req),\n odinPageEnabled: Boolean(odinBaseUrl),\n },\n pluginsOptions: {\n yandexMetrika: {\n counter: metrikaCounter,\n },\n layout: {\n name: 'main',\n },\n },\n };\n return res;\n}\n"],"mappings":";;;;;;;;AAIA,IAAAA,kBAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,cAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAAwD,SAAAI,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAUxD,SAAsBG,eAAeA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,gBAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAsDpC,SAAAF,iBAAA;EAAAA,gBAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAtDM,SAAAC,QAA+BC,GAAY,EAAEC,MAAc;IAAA,IAAAC,gBAAA;IAAA,IAAAC,KAAA,EAAAC,QAAA,EAAAC,QAAA,EAAAC,IAAA,EAAAC,YAAA,EAAAC,UAAA,EAAAC,cAAA,EAAAC,aAAA,EAAAC,WAAA,EAAAC,EAAA,EAAAC,SAAA,EAAAC,UAAA,EAAAC,YAAA,EAAAC,GAAA;IAAA,OAAAnB,oBAAA,CAAAoB,IAAA,UAAAC,SAAAC,QAAA;MAAA,kBAAAA,QAAA,CAAAC,IAAA,GAAAD,QAAA,CAAAE,IAAA;QAAA;UACvDlB,KAAK,GAAwBF,MAAM,CAAnCE,KAAK,EAAEC,QAAQ,GAAcH,MAAM,CAA5BG,QAAQ,EAAEC,QAAQ,GAAIJ,MAAM,CAAlBI,QAAQ;UAAAC,IAAA,GAC+CN,GAAG,CAACsB,GAAG,CACjFC,MAAM,EADJhB,YAAY,GAAAD,IAAA,CAAZC,YAAY,EAAEC,UAAU,GAAAF,IAAA,CAAVE,UAAU,EAAEC,cAAc,GAAAH,IAAA,CAAdG,cAAc,EAAEC,aAAa,GAAAJ,IAAA,CAAbI,aAAa,EAAEC,WAAW,GAAAL,IAAA,CAAXK,WAAW;UAErEC,EAAE,GAAGR,QAAQ;UACbS,SAAS,GAAG,IAAAW,0BAAmB,EAAC,CAAC;UAEjCV,UAAU,GAAG;YACf,aAAW;cACPW,OAAO,EAAEZ;YACb,CAAC;YACDV,KAAK,EAALA,KAAK;YACLuB,OAAO,EAAE,IAAAC,yBAAU,EAAC3B,GAAG;UAC3B,CAAC;UAEKe,YAAY,GAAG,IAAAa,sBAAe,EAAC,CAAC;UAEhCZ,GAAoB,GAAG;YACzBa,WAAW,EAAE;cAACC,IAAI,EAAE;YAAE,CAAC;YACvBC,KAAK,EAAE,IAAI;YACXC,IAAI,EAAE,IAAI;YACVC,IAAI,EAAE,CACF;cACIC,IAAI,EAAE,UAAU;cAChBC,OAAO,EAAE;YACb,CAAC,CACJ;YACDC,aAAa,EAAE,+CAAAC,MAAA,CACmCC,IAAI,CAACC,SAAS,CAAC3B,EAAE,CAAC,QAAAyB,MAAA,CAAKC,IAAI,CAACC,SAAS,CAAC;cAChFzB,UAAU,EAAVA;YACJ,CAAC,CAAC,8DAAAuB,MAAA,CACmDtB,YAAY,uCACpE;YACDyB,IAAI,EAAE;cACFnC,QAAQ,EAARA,QAAQ;cACRE,YAAY,EAAZA,YAAY;cACZC,UAAU,EAAVA,UAAU;cACViC,gBAAgB,EAAEhC,cAAc,aAAdA,cAAc,gBAAAP,gBAAA,GAAdO,cAAc,CAAG,CAAC,CAAC,cAAAP,gBAAA,uBAAnBA,gBAAA,CAAqBwC,EAAE;cACzCC,gBAAgB,EAAEC,OAAO,CAAClC,aAAa,CAAC;cACxCmC,UAAU,EAAE,IAAAC,qBAAc,EAAC9C,GAAG,CAAC;cAC/B+C,gBAAgB,EAAE,IAAAD,qBAAc,EAAC9C,GAAG,CAAC,GAAG,IAAAgD,uBAAgB,EAAChD,GAAG,CAAC,CAACiD,WAAW,GAAGC,SAAS;cACrFC,sBAAsB,EAAE,IAAAC,6CAA0B,EAACpD,GAAG,CAAC;cACvDqD,eAAe,EAAET,OAAO,CAACjC,WAAW;YACxC,CAAC;YACD2C,cAAc,EAAE;cACZC,aAAa,EAAE;gBACXC,OAAO,EAAE/C;cACb,CAAC;cACDgD,MAAM,EAAE;gBACJvB,IAAI,EAAE;cACV;YACJ;UACJ,CAAC;UAAA,OAAAf,QAAA,CAAAuC,MAAA,WACM1C,GAAG;QAAA;QAAA;UAAA,OAAAG,QAAA,CAAAwC,IAAA;MAAA;IAAA,GAAA5D,OAAA;EAAA,CACb;EAAA,OAAAN,gBAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA"}
|
@@ -0,0 +1,26 @@
|
|
1
|
+
import type { Request, Response } from 'express';
|
2
|
+
export declare function isOAuthAllowed(req: Request): boolean;
|
3
|
+
export declare function getOAuthSettings(req: Request): {
|
4
|
+
baseURL: string;
|
5
|
+
authPath: string;
|
6
|
+
logoutPath: string;
|
7
|
+
tokenPath: string;
|
8
|
+
clientId: string;
|
9
|
+
clientSecret: string;
|
10
|
+
scope: string;
|
11
|
+
buttonLabel?: string | undefined;
|
12
|
+
};
|
13
|
+
export type OAuthAuthorizationTokens = {
|
14
|
+
access_token: string;
|
15
|
+
expires_in: number;
|
16
|
+
refresh_token: string;
|
17
|
+
refresh_expires_in: number;
|
18
|
+
};
|
19
|
+
export declare function isUserOAuthLogged(req: Request): boolean;
|
20
|
+
export declare function getOAuthAccessToken(req: Request, res: Response): Promise<any>;
|
21
|
+
export declare function removeOAuthCookies(res: Response): void;
|
22
|
+
export declare function saveOAuthTokensInCookies(res: Response, tokens: OAuthAuthorizationTokens): void;
|
23
|
+
export declare function getOAuthLoginPath(req: Request): string;
|
24
|
+
export declare function getOAuthLogoutPath(req: Request): string;
|
25
|
+
export declare function refreshOAuthToken(req: Request, token: string): Promise<OAuthAuthorizationTokens>;
|
26
|
+
export declare function exchangeOAuthToken(req: Request, code: string): Promise<OAuthAuthorizationTokens>;
|
@@ -0,0 +1,123 @@
|
|
1
|
+
"use strict";
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
4
|
+
};
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
6
|
+
exports.exchangeOAuthToken = exports.refreshOAuthToken = exports.getOAuthLogoutPath = exports.getOAuthLoginPath = exports.saveOAuthTokensInCookies = exports.removeOAuthCookies = exports.getOAuthAccessToken = exports.isUserOAuthLogged = exports.getOAuthSettings = exports.isOAuthAllowed = void 0;
|
7
|
+
const axios_1 = __importDefault(require("axios"));
|
8
|
+
const constants_1 = require("../../shared/constants");
|
9
|
+
function isOAuthAllowed(req) {
|
10
|
+
const config = req.ctx.config.ytOAuthSettings;
|
11
|
+
return Boolean(config &&
|
12
|
+
config.baseURL &&
|
13
|
+
config.authPath &&
|
14
|
+
config.tokenPath &&
|
15
|
+
config.clientId &&
|
16
|
+
config.clientSecret);
|
17
|
+
}
|
18
|
+
exports.isOAuthAllowed = isOAuthAllowed;
|
19
|
+
function getOAuthSettings(req) {
|
20
|
+
const config = req.ctx.config.ytOAuthSettings;
|
21
|
+
if (!config) {
|
22
|
+
throw new Error('OAuth settings is not specified');
|
23
|
+
}
|
24
|
+
return config;
|
25
|
+
}
|
26
|
+
exports.getOAuthSettings = getOAuthSettings;
|
27
|
+
function isUserOAuthLogged(req) {
|
28
|
+
return (Boolean(req.cookies[constants_1.YT_OAUTH_ACCESS_TOKEN_NAME]) ||
|
29
|
+
Boolean(req.cookies[constants_1.YT_OAUTH_REFRESH_TOKEN_NAME]));
|
30
|
+
}
|
31
|
+
exports.isUserOAuthLogged = isUserOAuthLogged;
|
32
|
+
async function getOAuthAccessToken(req, res) {
|
33
|
+
if (req.cookies[constants_1.YT_OAUTH_ACCESS_TOKEN_NAME]) {
|
34
|
+
return req.cookies[constants_1.YT_OAUTH_ACCESS_TOKEN_NAME];
|
35
|
+
}
|
36
|
+
else if (req.cookies[constants_1.YT_OAUTH_REFRESH_TOKEN_NAME]) {
|
37
|
+
const tokens = await refreshOAuthToken(req, req.cookies[constants_1.YT_OAUTH_REFRESH_TOKEN_NAME]);
|
38
|
+
saveOAuthTokensInCookies(res, tokens);
|
39
|
+
return tokens.access_token;
|
40
|
+
}
|
41
|
+
return undefined;
|
42
|
+
}
|
43
|
+
exports.getOAuthAccessToken = getOAuthAccessToken;
|
44
|
+
function removeOAuthCookies(res) {
|
45
|
+
res.clearCookie(constants_1.YT_OAUTH_ACCESS_TOKEN_NAME);
|
46
|
+
res.clearCookie(constants_1.YT_OAUTH_REFRESH_TOKEN_NAME);
|
47
|
+
}
|
48
|
+
exports.removeOAuthCookies = removeOAuthCookies;
|
49
|
+
function saveOAuthTokensInCookies(res, tokens) {
|
50
|
+
res.cookie(constants_1.YT_OAUTH_ACCESS_TOKEN_NAME, tokens.access_token, {
|
51
|
+
maxAge: tokens.expires_in * 1000,
|
52
|
+
httpOnly: true,
|
53
|
+
secure: true,
|
54
|
+
});
|
55
|
+
if (tokens.refresh_token) {
|
56
|
+
res.cookie(constants_1.YT_OAUTH_REFRESH_TOKEN_NAME, tokens.refresh_token, {
|
57
|
+
maxAge: tokens.refresh_expires_in,
|
58
|
+
httpOnly: true,
|
59
|
+
secure: true,
|
60
|
+
});
|
61
|
+
}
|
62
|
+
}
|
63
|
+
exports.saveOAuthTokensInCookies = saveOAuthTokensInCookies;
|
64
|
+
function getOAuthLoginPath(req) {
|
65
|
+
const config = getOAuthSettings(req);
|
66
|
+
const host = req.get('host');
|
67
|
+
const params = new URLSearchParams({
|
68
|
+
response_type: 'code',
|
69
|
+
client_id: config.clientId,
|
70
|
+
scope: config.scope,
|
71
|
+
redirect_uri: `https://${host}/api/oauth/callback`,
|
72
|
+
});
|
73
|
+
const url = new URL(config.authPath, config.baseURL);
|
74
|
+
url.search = params.toString();
|
75
|
+
return url.toString();
|
76
|
+
}
|
77
|
+
exports.getOAuthLoginPath = getOAuthLoginPath;
|
78
|
+
function getOAuthLogoutPath(req) {
|
79
|
+
const config = getOAuthSettings(req);
|
80
|
+
const host = req.get('host');
|
81
|
+
const params = new URLSearchParams({
|
82
|
+
post_logout_redirect_uri: `https://${host}/api/oauth/logout/callback`,
|
83
|
+
client_id: config.clientId,
|
84
|
+
});
|
85
|
+
const url = new URL(config.logoutPath, config.baseURL);
|
86
|
+
url.search = params.toString();
|
87
|
+
return url.toString();
|
88
|
+
}
|
89
|
+
exports.getOAuthLogoutPath = getOAuthLogoutPath;
|
90
|
+
async function refreshOAuthToken(req, token) {
|
91
|
+
const config = getOAuthSettings(req);
|
92
|
+
const params = new URLSearchParams({
|
93
|
+
grant_type: 'refresh_token',
|
94
|
+
client_id: config === null || config === void 0 ? void 0 : config.clientId,
|
95
|
+
refresh_token: token,
|
96
|
+
client_secret: config === null || config === void 0 ? void 0 : config.clientSecret,
|
97
|
+
});
|
98
|
+
const { data } = await axios_1.default.post(new URL(config.tokenPath, config.baseURL).toString(), params.toString(), {
|
99
|
+
headers: {
|
100
|
+
'Content-type': 'application/x-www-form-urlencoded',
|
101
|
+
},
|
102
|
+
});
|
103
|
+
return data;
|
104
|
+
}
|
105
|
+
exports.refreshOAuthToken = refreshOAuthToken;
|
106
|
+
async function exchangeOAuthToken(req, code) {
|
107
|
+
const config = getOAuthSettings(req);
|
108
|
+
const host = req.get('host');
|
109
|
+
const params = new URLSearchParams({
|
110
|
+
grant_type: 'authorization_code',
|
111
|
+
client_id: config.clientId,
|
112
|
+
code: code,
|
113
|
+
client_secret: config.clientSecret,
|
114
|
+
redirect_uri: `https://${host}/api/oauth/callback`,
|
115
|
+
});
|
116
|
+
const { data } = await axios_1.default.post(new URL(config.tokenPath, config.baseURL).toString(), params.toString(), {
|
117
|
+
headers: {
|
118
|
+
'Content-type': 'application/x-www-form-urlencoded',
|
119
|
+
},
|
120
|
+
});
|
121
|
+
return data;
|
122
|
+
}
|
123
|
+
exports.exchangeOAuthToken = exchangeOAuthToken;
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["_axios","_interopRequireDefault","require","_constants","obj","__esModule","default","isOAuthAllowed","req","config","ctx","ytOAuthSettings","Boolean","baseURL","authPath","tokenPath","clientId","clientSecret","getOAuthSettings","Error","isUserOAuthLogged","cookies","YT_OAUTH_ACCESS_TOKEN_NAME","YT_OAUTH_REFRESH_TOKEN_NAME","getOAuthAccessToken","_x","_x2","_getOAuthAccessToken","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee","res","tokens","wrap","_callee$","_context","prev","next","abrupt","refreshOAuthToken","sent","saveOAuthTokensInCookies","access_token","undefined","stop","removeOAuthCookies","clearCookie","cookie","maxAge","expires_in","httpOnly","secure","refresh_token","refresh_expires_in","getOAuthLoginPath","host","get","params","URLSearchParams","response_type","client_id","scope","redirect_uri","concat","url","URL","search","toString","getOAuthLogoutPath","post_logout_redirect_uri","logoutPath","_x3","_x4","_refreshOAuthToken","_callee2","token","_yield$axios$post","data","_callee2$","_context2","grant_type","client_secret","axios","post","headers","exchangeOAuthToken","_x5","_x6","_exchangeOAuthToken","_callee3","code","_yield$axios$post2","_callee3$","_context3"],"sources":["oauth.ts"],"sourcesContent":["import axios from 'axios';\nimport type {Request, Response} from 'express';\nimport {YT_OAUTH_ACCESS_TOKEN_NAME, YT_OAUTH_REFRESH_TOKEN_NAME} from '../../shared/constants';\n\nexport function isOAuthAllowed(req: Request) {\n const config = req.ctx.config.ytOAuthSettings;\n return Boolean(\n config &&\n config.baseURL &&\n config.authPath &&\n config.tokenPath &&\n config.clientId &&\n config.clientSecret,\n );\n}\n\nexport function getOAuthSettings(req: Request) {\n const config = req.ctx.config.ytOAuthSettings;\n if (!config) {\n throw new Error('OAuth settings is not specified');\n }\n return config;\n}\n\n// See https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.3.3\nexport type OAuthAuthorizationTokens = {\n access_token: string;\n expires_in: number;\n refresh_token: string;\n refresh_expires_in: number;\n};\n\nexport function isUserOAuthLogged(req: Request) {\n return (\n Boolean(req.cookies[YT_OAUTH_ACCESS_TOKEN_NAME]) ||\n Boolean(req.cookies[YT_OAUTH_REFRESH_TOKEN_NAME])\n );\n}\n\nexport async function getOAuthAccessToken(req: Request, res: Response) {\n if (req.cookies[YT_OAUTH_ACCESS_TOKEN_NAME]) {\n return req.cookies[YT_OAUTH_ACCESS_TOKEN_NAME];\n } else if (req.cookies[YT_OAUTH_REFRESH_TOKEN_NAME]) {\n const tokens = await refreshOAuthToken(\n req,\n req.cookies[YT_OAUTH_REFRESH_TOKEN_NAME] as string,\n );\n saveOAuthTokensInCookies(res, tokens);\n return tokens.access_token;\n }\n return undefined;\n}\n\nexport function removeOAuthCookies(res: Response) {\n res.clearCookie(YT_OAUTH_ACCESS_TOKEN_NAME);\n res.clearCookie(YT_OAUTH_REFRESH_TOKEN_NAME);\n}\n\nexport function saveOAuthTokensInCookies(res: Response, tokens: OAuthAuthorizationTokens) {\n res.cookie(YT_OAUTH_ACCESS_TOKEN_NAME, tokens.access_token, {\n maxAge: tokens.expires_in * 1000,\n httpOnly: true,\n secure: true,\n });\n\n if (tokens.refresh_token) {\n res.cookie(YT_OAUTH_REFRESH_TOKEN_NAME, tokens.refresh_token, {\n maxAge: tokens.refresh_expires_in,\n httpOnly: true,\n secure: true,\n });\n }\n}\n\nexport function getOAuthLoginPath(req: Request) {\n const config = getOAuthSettings(req);\n const host = req.get('host');\n const params = new URLSearchParams({\n response_type: 'code',\n client_id: config.clientId,\n scope: config.scope,\n redirect_uri: `https://${host}/api/oauth/callback`,\n });\n\n const url = new URL(config.authPath, config.baseURL);\n url.search = params.toString();\n\n return url.toString();\n}\n\nexport function getOAuthLogoutPath(req: Request) {\n const config = getOAuthSettings(req);\n const host = req.get('host');\n const params = new URLSearchParams({\n post_logout_redirect_uri: `https://${host}/api/oauth/logout/callback`,\n client_id: config.clientId,\n });\n\n const url = new URL(config.logoutPath, config.baseURL);\n url.search = params.toString();\n\n return url.toString();\n}\n\nexport async function refreshOAuthToken(\n req: Request,\n token: string,\n): Promise<OAuthAuthorizationTokens> {\n const config = getOAuthSettings(req);\n const params = new URLSearchParams({\n grant_type: 'refresh_token',\n client_id: config?.clientId,\n refresh_token: token,\n client_secret: config?.clientSecret,\n });\n const {data} = await axios.post(\n new URL(config.tokenPath, config.baseURL).toString(),\n params.toString(),\n {\n headers: {\n 'Content-type': 'application/x-www-form-urlencoded',\n },\n },\n );\n return data;\n}\n\nexport async function exchangeOAuthToken(\n req: Request,\n code: string,\n): Promise<OAuthAuthorizationTokens> {\n const config = getOAuthSettings(req);\n const host = req.get('host');\n const params = new URLSearchParams({\n grant_type: 'authorization_code',\n client_id: config.clientId,\n code: code as string,\n client_secret: config.clientSecret,\n redirect_uri: `https://${host}/api/oauth/callback`,\n });\n\n const {data} = await axios.post(\n new URL(config.tokenPath, config.baseURL).toString(),\n params.toString(),\n {\n headers: {\n 'Content-type': 'application/x-www-form-urlencoded',\n },\n },\n );\n return data;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,UAAA,GAAAD,OAAA;AAA8F,SAAAD,uBAAAG,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEvF,SAASG,cAAcA,CAACC,GAAY,EAAE;EACzC,IAAMC,MAAM,GAAGD,GAAG,CAACE,GAAG,CAACD,MAAM,CAACE,eAAe;EAC7C,OAAOC,OAAO,CACVH,MAAM,IACFA,MAAM,CAACI,OAAO,IACdJ,MAAM,CAACK,QAAQ,IACfL,MAAM,CAACM,SAAS,IAChBN,MAAM,CAACO,QAAQ,IACfP,MAAM,CAACQ,YACf,CAAC;AACL;AAEO,SAASC,gBAAgBA,CAACV,GAAY,EAAE;EAC3C,IAAMC,MAAM,GAAGD,GAAG,CAACE,GAAG,CAACD,MAAM,CAACE,eAAe;EAC7C,IAAI,CAACF,MAAM,EAAE;IACT,MAAM,IAAIU,KAAK,CAAC,iCAAiC,CAAC;EACtD;EACA,OAAOV,MAAM;AACjB;;AAEA;;AAQO,SAASW,iBAAiBA,CAACZ,GAAY,EAAE;EAC5C,OACII,OAAO,CAACJ,GAAG,CAACa,OAAO,CAACC,qCAA0B,CAAC,CAAC,IAChDV,OAAO,CAACJ,GAAG,CAACa,OAAO,CAACE,sCAA2B,CAAC,CAAC;AAEzD;AAEA,SAAsBC,mBAAmBA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,oBAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAYxC,SAAAF,qBAAA;EAAAA,oBAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAZM,SAAAC,QAAmCzB,GAAY,EAAE0B,GAAa;IAAA,IAAAC,MAAA;IAAA,OAAAJ,oBAAA,CAAAK,IAAA,UAAAC,SAAAC,QAAA;MAAA,kBAAAA,QAAA,CAAAC,IAAA,GAAAD,QAAA,CAAAE,IAAA;QAAA;UAAA,KAC7DhC,GAAG,CAACa,OAAO,CAACC,qCAA0B,CAAC;YAAAgB,QAAA,CAAAE,IAAA;YAAA;UAAA;UAAA,OAAAF,QAAA,CAAAG,MAAA,WAChCjC,GAAG,CAACa,OAAO,CAACC,qCAA0B,CAAC;QAAA;UAAA,KACvCd,GAAG,CAACa,OAAO,CAACE,sCAA2B,CAAC;YAAAe,QAAA,CAAAE,IAAA;YAAA;UAAA;UAAAF,QAAA,CAAAE,IAAA;UAAA,OAC1BE,iBAAiB,CAClClC,GAAG,EACHA,GAAG,CAACa,OAAO,CAACE,sCAA2B,CAC3C,CAAC;QAAA;UAHKY,MAAM,GAAAG,QAAA,CAAAK,IAAA;UAIZC,wBAAwB,CAACV,GAAG,EAAEC,MAAM,CAAC;UAAC,OAAAG,QAAA,CAAAG,MAAA,WAC/BN,MAAM,CAACU,YAAY;QAAA;UAAA,OAAAP,QAAA,CAAAG,MAAA,WAEvBK,SAAS;QAAA;QAAA;UAAA,OAAAR,QAAA,CAAAS,IAAA;MAAA;IAAA,GAAAd,OAAA;EAAA,CACnB;EAAA,OAAAN,oBAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAEM,SAASmB,kBAAkBA,CAACd,GAAa,EAAE;EAC9CA,GAAG,CAACe,WAAW,CAAC3B,qCAA0B,CAAC;EAC3CY,GAAG,CAACe,WAAW,CAAC1B,sCAA2B,CAAC;AAChD;AAEO,SAASqB,wBAAwBA,CAACV,GAAa,EAAEC,MAAgC,EAAE;EACtFD,GAAG,CAACgB,MAAM,CAAC5B,qCAA0B,EAAEa,MAAM,CAACU,YAAY,EAAE;IACxDM,MAAM,EAAEhB,MAAM,CAACiB,UAAU,GAAG,IAAI;IAChCC,QAAQ,EAAE,IAAI;IACdC,MAAM,EAAE;EACZ,CAAC,CAAC;EAEF,IAAInB,MAAM,CAACoB,aAAa,EAAE;IACtBrB,GAAG,CAACgB,MAAM,CAAC3B,sCAA2B,EAAEY,MAAM,CAACoB,aAAa,EAAE;MAC1DJ,MAAM,EAAEhB,MAAM,CAACqB,kBAAkB;MACjCH,QAAQ,EAAE,IAAI;MACdC,MAAM,EAAE;IACZ,CAAC,CAAC;EACN;AACJ;AAEO,SAASG,iBAAiBA,CAACjD,GAAY,EAAE;EAC5C,IAAMC,MAAM,GAAGS,gBAAgB,CAACV,GAAG,CAAC;EACpC,IAAMkD,IAAI,GAAGlD,GAAG,CAACmD,GAAG,CAAC,MAAM,CAAC;EAC5B,IAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IAC/BC,aAAa,EAAE,MAAM;IACrBC,SAAS,EAAEtD,MAAM,CAACO,QAAQ;IAC1BgD,KAAK,EAAEvD,MAAM,CAACuD,KAAK;IACnBC,YAAY,aAAAC,MAAA,CAAaR,IAAI;EACjC,CAAC,CAAC;EAEF,IAAMS,GAAG,GAAG,IAAIC,GAAG,CAAC3D,MAAM,CAACK,QAAQ,EAAEL,MAAM,CAACI,OAAO,CAAC;EACpDsD,GAAG,CAACE,MAAM,GAAGT,MAAM,CAACU,QAAQ,CAAC,CAAC;EAE9B,OAAOH,GAAG,CAACG,QAAQ,CAAC,CAAC;AACzB;AAEO,SAASC,kBAAkBA,CAAC/D,GAAY,EAAE;EAC7C,IAAMC,MAAM,GAAGS,gBAAgB,CAACV,GAAG,CAAC;EACpC,IAAMkD,IAAI,GAAGlD,GAAG,CAACmD,GAAG,CAAC,MAAM,CAAC;EAC5B,IAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IAC/BW,wBAAwB,aAAAN,MAAA,CAAaR,IAAI,+BAA4B;IACrEK,SAAS,EAAEtD,MAAM,CAACO;EACtB,CAAC,CAAC;EAEF,IAAMmD,GAAG,GAAG,IAAIC,GAAG,CAAC3D,MAAM,CAACgE,UAAU,EAAEhE,MAAM,CAACI,OAAO,CAAC;EACtDsD,GAAG,CAACE,MAAM,GAAGT,MAAM,CAACU,QAAQ,CAAC,CAAC;EAE9B,OAAOH,GAAG,CAACG,QAAQ,CAAC,CAAC;AACzB;AAEA,SAAsB5B,iBAAiBA,CAAAgC,GAAA,EAAAC,GAAA;EAAA,OAAAC,kBAAA,CAAAhD,KAAA,OAAAC,SAAA;AAAA;AAqBtC,SAAA+C,mBAAA;EAAAA,kBAAA,OAAA9C,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CArBM,SAAA6C,SACHrE,GAAY,EACZsE,KAAa;IAAA,IAAArE,MAAA,EAAAmD,MAAA,EAAAmB,iBAAA,EAAAC,IAAA;IAAA,OAAAjD,oBAAA,CAAAK,IAAA,UAAA6C,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAA3C,IAAA,GAAA2C,SAAA,CAAA1C,IAAA;QAAA;UAEP/B,MAAM,GAAGS,gBAAgB,CAACV,GAAG,CAAC;UAC9BoD,MAAM,GAAG,IAAIC,eAAe,CAAC;YAC/BsB,UAAU,EAAE,eAAe;YAC3BpB,SAAS,EAAEtD,MAAM,aAANA,MAAM,uBAANA,MAAM,CAAEO,QAAQ;YAC3BuC,aAAa,EAAEuB,KAAK;YACpBM,aAAa,EAAE3E,MAAM,aAANA,MAAM,uBAANA,MAAM,CAAEQ;UAC3B,CAAC,CAAC;UAAAiE,SAAA,CAAA1C,IAAA;UAAA,OACmB6C,cAAK,CAACC,IAAI,CAC3B,IAAIlB,GAAG,CAAC3D,MAAM,CAACM,SAAS,EAAEN,MAAM,CAACI,OAAO,CAAC,CAACyD,QAAQ,CAAC,CAAC,EACpDV,MAAM,CAACU,QAAQ,CAAC,CAAC,EACjB;YACIiB,OAAO,EAAE;cACL,cAAc,EAAE;YACpB;UACJ,CACJ,CAAC;QAAA;UAAAR,iBAAA,GAAAG,SAAA,CAAAvC,IAAA;UARMqC,IAAI,GAAAD,iBAAA,CAAJC,IAAI;UAAA,OAAAE,SAAA,CAAAzC,MAAA,WASJuC,IAAI;QAAA;QAAA;UAAA,OAAAE,SAAA,CAAAnC,IAAA;MAAA;IAAA,GAAA8B,QAAA;EAAA,CACd;EAAA,OAAAD,kBAAA,CAAAhD,KAAA,OAAAC,SAAA;AAAA;AAED,SAAsB2D,kBAAkBA,CAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,mBAAA,CAAA/D,KAAA,OAAAC,SAAA;AAAA;AAwBvC,SAAA8D,oBAAA;EAAAA,mBAAA,OAAA7D,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAxBM,SAAA4D,SACHpF,GAAY,EACZqF,IAAY;IAAA,IAAApF,MAAA,EAAAiD,IAAA,EAAAE,MAAA,EAAAkC,kBAAA,EAAAd,IAAA;IAAA,OAAAjD,oBAAA,CAAAK,IAAA,UAAA2D,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAAzD,IAAA,GAAAyD,SAAA,CAAAxD,IAAA;QAAA;UAEN/B,MAAM,GAAGS,gBAAgB,CAACV,GAAG,CAAC;UAC9BkD,IAAI,GAAGlD,GAAG,CAACmD,GAAG,CAAC,MAAM,CAAC;UACtBC,MAAM,GAAG,IAAIC,eAAe,CAAC;YAC/BsB,UAAU,EAAE,oBAAoB;YAChCpB,SAAS,EAAEtD,MAAM,CAACO,QAAQ;YAC1B6E,IAAI,EAAEA,IAAc;YACpBT,aAAa,EAAE3E,MAAM,CAACQ,YAAY;YAClCgD,YAAY,aAAAC,MAAA,CAAaR,IAAI;UACjC,CAAC,CAAC;UAAAsC,SAAA,CAAAxD,IAAA;UAAA,OAEmB6C,cAAK,CAACC,IAAI,CAC3B,IAAIlB,GAAG,CAAC3D,MAAM,CAACM,SAAS,EAAEN,MAAM,CAACI,OAAO,CAAC,CAACyD,QAAQ,CAAC,CAAC,EACpDV,MAAM,CAACU,QAAQ,CAAC,CAAC,EACjB;YACIiB,OAAO,EAAE;cACL,cAAc,EAAE;YACpB;UACJ,CACJ,CAAC;QAAA;UAAAO,kBAAA,GAAAE,SAAA,CAAArD,IAAA;UARMqC,IAAI,GAAAc,kBAAA,CAAJd,IAAI;UAAA,OAAAgB,SAAA,CAAAvD,MAAA,WASJuC,IAAI;QAAA;QAAA;UAAA,OAAAgB,SAAA,CAAAjD,IAAA;MAAA;IAAA,GAAA6C,QAAA;EAAA,CACd;EAAA,OAAAD,mBAAA,CAAA/D,KAAA,OAAAC,SAAA;AAAA"}
|
@@ -0,0 +1,6 @@
|
|
1
|
+
import { AppConfig } from '@gravity-ui/nodekit';
|
2
|
+
import type { Response } from 'express';
|
3
|
+
export declare function isYtAuthEnabled(config: AppConfig): boolean;
|
4
|
+
export declare function assertAuthEnabled(ytAuthCluster?: string): asserts ytAuthCluster is string;
|
5
|
+
export declare function getAuthCluster(config: AppConfig): string;
|
6
|
+
export declare function YTAuthLogout(res: Response): void;
|
@@ -0,0 +1,23 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.YTAuthLogout = exports.getAuthCluster = exports.assertAuthEnabled = exports.isYtAuthEnabled = void 0;
|
4
|
+
const constants_1 = require("../../shared/constants");
|
5
|
+
function isYtAuthEnabled(config) {
|
6
|
+
return Boolean(config.ytAuthCluster);
|
7
|
+
}
|
8
|
+
exports.isYtAuthEnabled = isYtAuthEnabled;
|
9
|
+
function assertAuthEnabled(ytAuthCluster) {
|
10
|
+
if (!ytAuthCluster) {
|
11
|
+
throw new Error('Cluster for password authentication is disabled. You have to define ytAuthCluster to use it.');
|
12
|
+
}
|
13
|
+
}
|
14
|
+
exports.assertAuthEnabled = assertAuthEnabled;
|
15
|
+
function getAuthCluster(config) {
|
16
|
+
assertAuthEnabled(config.ytAuthCluster);
|
17
|
+
return config.ytAuthCluster;
|
18
|
+
}
|
19
|
+
exports.getAuthCluster = getAuthCluster;
|
20
|
+
function YTAuthLogout(res) {
|
21
|
+
res.setHeader('set-cookie', `${constants_1.YT_CYPRESS_COOKIE_NAME}=deleted; Path=/; Max-Age=0;`);
|
22
|
+
}
|
23
|
+
exports.YTAuthLogout = YTAuthLogout;
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["_constants","require","isYtAuthEnabled","config","Boolean","ytAuthCluster","assertAuthEnabled","Error","getAuthCluster","YTAuthLogout","res","setHeader","concat","YT_CYPRESS_COOKIE_NAME"],"sources":["yt-auth.ts"],"sourcesContent":["import {AppConfig} from '@gravity-ui/nodekit';\nimport type {Response} from 'express';\nimport {YT_CYPRESS_COOKIE_NAME} from '../../shared/constants';\n\nexport function isYtAuthEnabled(config: AppConfig) {\n return Boolean(config.ytAuthCluster);\n}\n\nexport function assertAuthEnabled(ytAuthCluster?: string): asserts ytAuthCluster is string {\n if (!ytAuthCluster) {\n throw new Error(\n 'Cluster for password authentication is disabled. You have to define ytAuthCluster to use it.',\n );\n }\n}\n\nexport function getAuthCluster(config: AppConfig) {\n assertAuthEnabled(config.ytAuthCluster);\n return config.ytAuthCluster;\n}\n\nexport function YTAuthLogout(res: Response) {\n res.setHeader('set-cookie', `${YT_CYPRESS_COOKIE_NAME}=deleted; Path=/; Max-Age=0;`);\n}\n"],"mappings":";;;;;;;;;AAEA,IAAAA,UAAA,GAAAC,OAAA;AAEO,SAASC,eAAeA,CAACC,MAAiB,EAAE;EAC/C,OAAOC,OAAO,CAACD,MAAM,CAACE,aAAa,CAAC;AACxC;AAEO,SAASC,iBAAiBA,CAACD,aAAsB,EAAmC;EACvF,IAAI,CAACA,aAAa,EAAE;IAChB,MAAM,IAAIE,KAAK,CACX,8FACJ,CAAC;EACL;AACJ;AAEO,SAASC,cAAcA,CAACL,MAAiB,EAAE;EAC9CG,iBAAiB,CAACH,MAAM,CAACE,aAAa,CAAC;EACvC,OAAOF,MAAM,CAACE,aAAa;AAC/B;AAEO,SAASI,YAAYA,CAACC,GAAa,EAAE;EACxCA,GAAG,CAACC,SAAS,CAAC,YAAY,KAAAC,MAAA,CAAKC,iCAAsB,iCAA8B,CAAC;AACxF"}
|
@@ -1,4 +1,3 @@
|
|
1
1
|
import type { Request, Response } from 'express';
|
2
2
|
export declare function handleLogin(req: Request, res: Response): Promise<void>;
|
3
|
-
export declare function handleLogout(req: Request, res: Response): Promise<void>;
|
4
3
|
export declare function handleChangePassword(req: Request, res: Response): Promise<void>;
|
@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
4
4
|
};
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
6
|
-
exports.handleChangePassword = exports.
|
6
|
+
exports.handleChangePassword = exports.handleLogin = void 0;
|
7
7
|
const axios_1 = __importDefault(require("axios"));
|
8
8
|
const lodash_1 = __importDefault(require("lodash"));
|
9
9
|
const constants_1 = require("../../shared/constants");
|
@@ -13,16 +13,11 @@ const crypto_1 = __importDefault(require("crypto"));
|
|
13
13
|
// @ts-ignore
|
14
14
|
const javascript_wrapper_1 = __importDefault(require("@ytsaurus/javascript-wrapper"));
|
15
15
|
const cluster_queries_1 = require("../components/cluster-queries");
|
16
|
+
const yt_auth_1 = require("../components/yt-auth");
|
16
17
|
const yt = (0, javascript_wrapper_1.default)();
|
17
|
-
function throwAuthDisabled() {
|
18
|
-
throw new Error('Cluster for password authentication is disabled. You have to define ytAuthCluster to use it.');
|
19
|
-
}
|
20
18
|
async function handleLogin(req, res) {
|
21
19
|
try {
|
22
|
-
const
|
23
|
-
if (!ytAuthCluster) {
|
24
|
-
return throwAuthDisabled();
|
25
|
-
}
|
20
|
+
const ytAuthCluster = (0, yt_auth_1.getAuthCluster)(req.ctx.config);
|
26
21
|
const { username, password } = JSON.parse(req.body) || {};
|
27
22
|
if (!username || !password) {
|
28
23
|
throw new Error('Username and password must not be empty');
|
@@ -72,26 +67,9 @@ function removeSecureFlagIfOriginInsecure(req, headers) {
|
|
72
67
|
return acc;
|
73
68
|
}, {});
|
74
69
|
}
|
75
|
-
async function handleLogout(req, res) {
|
76
|
-
try {
|
77
|
-
const { ytAuthCluster } = req.ctx.config;
|
78
|
-
if (!ytAuthCluster) {
|
79
|
-
return throwAuthDisabled();
|
80
|
-
}
|
81
|
-
res.setHeader('set-cookie', `${constants_1.YT_CYPRESS_COOKIE_NAME}=deleted; Path=/; Max-Age=0;`);
|
82
|
-
res.status(401).send('Logout');
|
83
|
-
}
|
84
|
-
catch (e) {
|
85
|
-
(0, utils_1.sendAndLogError)(req.ctx, res, 500, e);
|
86
|
-
}
|
87
|
-
}
|
88
|
-
exports.handleLogout = handleLogout;
|
89
70
|
async function handleChangePassword(req, res) {
|
90
71
|
try {
|
91
|
-
const
|
92
|
-
if (!ytAuthCluster) {
|
93
|
-
return throwAuthDisabled();
|
94
|
-
}
|
72
|
+
const ytAuthCluster = (0, yt_auth_1.getAuthCluster)(req.ctx.config);
|
95
73
|
const { newPassword, currentPassword } = JSON.parse(req.body) || {};
|
96
74
|
if (!newPassword || !currentPassword) {
|
97
75
|
throw new Error('New and current password must not be empty');
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["_axios","_interopRequireDefault","require","_constants","_requestsSetup","_utils","_crypto","_javascriptWrapper","_clusterQueries","obj","__esModule","default","yt","ytLib","throwAuthDisabled","Error","handleLogin","_x","_x2","_handleLogin","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee2","req","res","ytAuthCluster","_ref","username","password","_getYTApiClusterSetup","proxyBaseUrl","requestUrl","basicAuth","wrap","_callee2$","_context2","prev","next","ctx","config","abrupt","JSON","parse","body","getYTApiClusterSetup","concat","Buffer","from","toString","axios","request","url","method","headers","_objectSpread","getMetadata","Authorization","timeout","responseType","then","_ref2","_callee","response","pipedSize","_callee$","_context","pipeAxiosResponse","undefined","removeSecureFlagIfOriginInsecure","sent","UNEXPECTED_PIPE_AXIOS_RESPONSE","stop","_x7","t0","sendAndLogError","ytAuthAllowInsecure","origin","startsWith","_reduce","acc","v","k","tmp","_map","item","YT_CYPRESS_COOKIE_NAME","replace","handleLogout","_x3","_x4","_handleLogout","_callee3","_callee3$","_context3","setHeader","status","send","handleChangePassword","_x5","_x6","_handleChangePassword","_callee4","_ref3","newPassword","currentPassword","new_password_sha256","current_password_sha256","cfg","_cfg","setup","_yield$getXSRFToken","login","csrf_token","_callee4$","_context4","crypto","createHash","update","digest","getUserYTApiSetup","getXSRFToken","createOption","v4","setUserPassword","parameters","user","result","err","t1"],"sources":["login.ts"],"sourcesContent":["import type {Request, Response} from 'express';\nimport axios from 'axios';\nimport _ from 'lodash';\nimport {YT_CYPRESS_COOKIE_NAME} from '../../shared/constants';\nimport {getUserYTApiSetup, getYTApiClusterSetup} from '../components/requestsSetup';\nimport {UNEXPECTED_PIPE_AXIOS_RESPONSE, pipeAxiosResponse, sendAndLogError} from '../utils';\nimport crypto from 'crypto';\n\n// @ts-ignore\nimport ytLib from '@ytsaurus/javascript-wrapper';\nimport {getXSRFToken} from '../components/cluster-queries';\n\nconst yt = ytLib();\n\nfunction throwAuthDisabled() {\n throw new Error(\n 'Cluster for password authentication is disabled. You have to define ytAuthCluster to use it.',\n );\n}\n\nexport async function handleLogin(req: Request, res: Response) {\n try {\n const {ytAuthCluster} = req.ctx.config;\n if (!ytAuthCluster) {\n return throwAuthDisabled();\n }\n\n const {username, password} = JSON.parse(req.body) || {};\n if (!username || !password) {\n throw new Error('Username and password must not be empty');\n }\n\n const {proxyBaseUrl} = getYTApiClusterSetup(ytAuthCluster);\n const requestUrl = `${proxyBaseUrl}/login`;\n\n const basicAuth = Buffer.from(`${username}:${password}`).toString('base64');\n\n await axios\n .request({\n url: requestUrl,\n method: req.method as any,\n headers: {...req.ctx.getMetadata(), Authorization: `Basic ${basicAuth}`},\n timeout: 10000,\n responseType: 'stream',\n })\n .then(async (response) => {\n const pipedSize = await pipeAxiosResponse(\n req.ctx,\n res,\n response,\n undefined,\n (headers) => removeSecureFlagIfOriginInsecure(req, headers),\n );\n if (!pipedSize) {\n throw new Error(UNEXPECTED_PIPE_AXIOS_RESPONSE);\n }\n });\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 500, e);\n }\n}\n\nfunction removeSecureFlagIfOriginInsecure(\n req: Request,\n headers: Record<string, string | Array<string>>,\n) {\n const {ytAuthAllowInsecure} = req.ctx.config;\n const {origin} = req.headers;\n\n if (!ytAuthAllowInsecure || 'string' !== typeof origin || !origin.startsWith('http://')) {\n return headers;\n }\n\n return _.reduce(\n headers,\n (acc, v, k) => {\n if (k !== 'set-cookie') {\n acc[k] = v;\n } else {\n const tmp = _.map(v as Array<string>, (item) => {\n if (item.startsWith(YT_CYPRESS_COOKIE_NAME)) {\n return item.replace(/\\s*Secure;/, '');\n }\n return item;\n });\n acc[k] = tmp;\n }\n return acc;\n },\n {} as typeof headers,\n );\n}\n\nexport async function handleLogout(req: Request, res: Response) {\n try {\n const {ytAuthCluster} = req.ctx.config;\n if (!ytAuthCluster) {\n return throwAuthDisabled();\n }\n res.setHeader('set-cookie', `${YT_CYPRESS_COOKIE_NAME}=deleted; Path=/; Max-Age=0;`);\n res.status(401).send('Logout');\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 500, e);\n }\n}\n\nexport async function handleChangePassword(req: Request, res: Response) {\n try {\n const {ytAuthCluster} = req.ctx.config;\n if (!ytAuthCluster) {\n return throwAuthDisabled();\n }\n\n const {newPassword, currentPassword} = JSON.parse(req.body) || {};\n if (!newPassword || !currentPassword) {\n throw new Error('New and current password must not be empty');\n }\n\n const new_password_sha256 = crypto.createHash('sha256').update(newPassword).digest('hex');\n const current_password_sha256 = crypto\n .createHash('sha256')\n .update(currentPassword)\n .digest('hex');\n\n let cfg;\n try {\n cfg = getUserYTApiSetup(ytAuthCluster, req);\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 400, e);\n return;\n }\n\n const {setup} = cfg;\n const {login, csrf_token} = await getXSRFToken(req, cfg);\n\n yt.setup.createOption('requestHeaders', 'object', {\n 'X-Csrf-Token': csrf_token,\n });\n\n await yt.v4\n .setUserPassword({\n setup,\n parameters: {user: login, new_password_sha256, current_password_sha256},\n })\n .then((result: unknown) => {\n res.status(200).send({result});\n })\n .catch((err: any) => {\n sendAndLogError(req.ctx, res, 500, err);\n });\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 500, e);\n }\n}\n"],"mappings":";;;;;;;;;;;;;AACA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,cAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAL,sBAAA,CAAAC,OAAA;AAGA,IAAAK,kBAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,eAAA,GAAAN,OAAA;AAA0D,SAAAD,uBAAAQ,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAF1D;;AAIA,IAAMG,EAAE,GAAG,IAAAC,0BAAK,EAAC,CAAC;AAElB,SAASC,iBAAiBA,CAAA,EAAG;EACzB,MAAM,IAAIC,KAAK,CACX,8FACJ,CAAC;AACL;AAEA,SAAsBC,WAAWA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,YAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAwChC,SAAAF,aAAA;EAAAA,YAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAxCM,SAAAC,SAA2BC,GAAY,EAAEC,GAAa;IAAA,IAAAC,aAAA,EAAAC,IAAA,EAAAC,QAAA,EAAAC,QAAA,EAAAC,qBAAA,EAAAC,YAAA,EAAAC,UAAA,EAAAC,SAAA;IAAA,OAAAZ,oBAAA,CAAAa,IAAA,UAAAC,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAAC,IAAA,GAAAD,SAAA,CAAAE,IAAA;QAAA;UAAAF,SAAA,CAAAC,IAAA;UAE9CX,aAAa,GAAIF,GAAG,CAACe,GAAG,CAACC,MAAM,CAA/Bd,aAAa;UAAA,IACfA,aAAa;YAAAU,SAAA,CAAAE,IAAA;YAAA;UAAA;UAAA,OAAAF,SAAA,CAAAK,MAAA,WACP7B,iBAAiB,CAAC,CAAC;QAAA;UAAAe,IAAA,GAGDe,IAAI,CAACC,KAAK,CAACnB,GAAG,CAACoB,IAAI,CAAC,IAAI,CAAC,CAAC,EAAhDhB,QAAQ,GAAAD,IAAA,CAARC,QAAQ,EAAEC,QAAQ,GAAAF,IAAA,CAARE,QAAQ;UAAA,MACrB,CAACD,QAAQ,IAAI,CAACC,QAAQ;YAAAO,SAAA,CAAAE,IAAA;YAAA;UAAA;UAAA,MAChB,IAAIzB,KAAK,CAAC,yCAAyC,CAAC;QAAA;UAAAiB,qBAAA,GAGvC,IAAAe,mCAAoB,EAACnB,aAAa,CAAC,EAAnDK,YAAY,GAAAD,qBAAA,CAAZC,YAAY;UACbC,UAAU,MAAAc,MAAA,CAAMf,YAAY;UAE5BE,SAAS,GAAGc,MAAM,CAACC,IAAI,IAAAF,MAAA,CAAIlB,QAAQ,OAAAkB,MAAA,CAAIjB,QAAQ,CAAE,CAAC,CAACoB,QAAQ,CAAC,QAAQ,CAAC;UAAAb,SAAA,CAAAE,IAAA;UAAA,OAErEY,cAAK,CACNC,OAAO,CAAC;YACLC,GAAG,EAAEpB,UAAU;YACfqB,MAAM,EAAE7B,GAAG,CAAC6B,MAAa;YACzBC,OAAO,MAAAC,sBAAA,MAAAA,sBAAA,MAAM/B,GAAG,CAACe,GAAG,CAACiB,WAAW,CAAC,CAAC;cAAEC,aAAa,WAAAX,MAAA,CAAWb,SAAS;YAAE,EAAC;YACxEyB,OAAO,EAAE,KAAK;YACdC,YAAY,EAAE;UAClB,CAAC,CAAC,CACDC,IAAI;YAAA,IAAAC,KAAA,OAAAzC,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAAC,SAAAwC,QAAOC,QAAQ;cAAA,IAAAC,SAAA;cAAA,OAAA3C,oBAAA,CAAAa,IAAA,UAAA+B,SAAAC,QAAA;gBAAA,kBAAAA,QAAA,CAAA7B,IAAA,GAAA6B,QAAA,CAAA5B,IAAA;kBAAA;oBAAA4B,QAAA,CAAA5B,IAAA;oBAAA,OACO,IAAA6B,wBAAiB,EACrC3C,GAAG,CAACe,GAAG,EACPd,GAAG,EACHsC,QAAQ,EACRK,SAAS,EACT,UAACd,OAAO;sBAAA,OAAKe,gCAAgC,CAAC7C,GAAG,EAAE8B,OAAO,CAAC;oBAAA,CAC/D,CAAC;kBAAA;oBANKU,SAAS,GAAAE,QAAA,CAAAI,IAAA;oBAAA,IAOVN,SAAS;sBAAAE,QAAA,CAAA5B,IAAA;sBAAA;oBAAA;oBAAA,MACJ,IAAIzB,KAAK,CAAC0D,qCAA8B,CAAC;kBAAA;kBAAA;oBAAA,OAAAL,QAAA,CAAAM,IAAA;gBAAA;cAAA,GAAAV,OAAA;YAAA,CAEtD;YAAA,iBAAAW,GAAA;cAAA,OAAAZ,KAAA,CAAA3C,KAAA,OAAAC,SAAA;YAAA;UAAA,IAAC;QAAA;UAAAiB,SAAA,CAAAE,IAAA;UAAA;QAAA;UAAAF,SAAA,CAAAC,IAAA;UAAAD,SAAA,CAAAsC,EAAA,GAAAtC,SAAA;UAEN,IAAAuC,sBAAe,EAACnD,GAAG,CAACe,GAAG,EAAEd,GAAG,EAAE,GAAG,EAAAW,SAAA,CAAAsC,EAAG,CAAC;QAAC;QAAA;UAAA,OAAAtC,SAAA,CAAAoC,IAAA;MAAA;IAAA,GAAAjD,QAAA;EAAA,CAE7C;EAAA,OAAAN,YAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAED,SAASkD,gCAAgCA,CACrC7C,GAAY,EACZ8B,OAA+C,EACjD;EACE,IAAOsB,mBAAmB,GAAIpD,GAAG,CAACe,GAAG,CAACC,MAAM,CAArCoC,mBAAmB;EAC1B,IAAOC,MAAM,GAAIrD,GAAG,CAAC8B,OAAO,CAArBuB,MAAM;EAEb,IAAI,CAACD,mBAAmB,IAAI,QAAQ,KAAK,OAAOC,MAAM,IAAI,CAACA,MAAM,CAACC,UAAU,CAAC,SAAS,CAAC,EAAE;IACrF,OAAOxB,OAAO;EAClB;EAEA,OAAO,IAAAyB,gBAAA,EACHzB,OAAO,EACP,UAAC0B,GAAG,EAAEC,CAAC,EAAEC,CAAC,EAAK;IACX,IAAIA,CAAC,KAAK,YAAY,EAAE;MACpBF,GAAG,CAACE,CAAC,CAAC,GAAGD,CAAC;IACd,CAAC,MAAM;MACH,IAAME,GAAG,GAAG,IAAAC,aAAA,EAAMH,CAAC,EAAmB,UAACI,IAAI,EAAK;QAC5C,IAAIA,IAAI,CAACP,UAAU,CAACQ,iCAAsB,CAAC,EAAE;UACzC,OAAOD,IAAI,CAACE,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC;QACzC;QACA,OAAOF,IAAI;MACf,CAAC,CAAC;MACFL,GAAG,CAACE,CAAC,CAAC,GAAGC,GAAG;IAChB;IACA,OAAOH,GAAG;EACd,CAAC,EACD,CAAC,CACL,CAAC;AACL;AAEA,SAAsBQ,YAAYA,CAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,aAAA,CAAAzE,KAAA,OAAAC,SAAA;AAAA;AAWjC,SAAAwE,cAAA;EAAAA,aAAA,OAAAvE,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAXM,SAAAsE,SAA4BpE,GAAY,EAAEC,GAAa;IAAA,IAAAC,aAAA;IAAA,OAAAL,oBAAA,CAAAa,IAAA,UAAA2D,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAAzD,IAAA,GAAAyD,SAAA,CAAAxD,IAAA;QAAA;UAAAwD,SAAA,CAAAzD,IAAA;UAE/CX,aAAa,GAAIF,GAAG,CAACe,GAAG,CAACC,MAAM,CAA/Bd,aAAa;UAAA,IACfA,aAAa;YAAAoE,SAAA,CAAAxD,IAAA;YAAA;UAAA;UAAA,OAAAwD,SAAA,CAAArD,MAAA,WACP7B,iBAAiB,CAAC,CAAC;QAAA;UAE9Ba,GAAG,CAACsE,SAAS,CAAC,YAAY,KAAAjD,MAAA,CAAKwC,iCAAsB,iCAA8B,CAAC;UACpF7D,GAAG,CAACuE,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC,QAAQ,CAAC;UAACH,SAAA,CAAAxD,IAAA;UAAA;QAAA;UAAAwD,SAAA,CAAAzD,IAAA;UAAAyD,SAAA,CAAApB,EAAA,GAAAoB,SAAA;UAE/B,IAAAnB,sBAAe,EAACnD,GAAG,CAACe,GAAG,EAAEd,GAAG,EAAE,GAAG,EAAAqE,SAAA,CAAApB,EAAG,CAAC;QAAC;QAAA;UAAA,OAAAoB,SAAA,CAAAtB,IAAA;MAAA;IAAA,GAAAoB,QAAA;EAAA,CAE7C;EAAA,OAAAD,aAAA,CAAAzE,KAAA,OAAAC,SAAA;AAAA;AAED,SAAsB+E,oBAAoBA,CAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,qBAAA,CAAAnF,KAAA,OAAAC,SAAA;AAAA;AA+CzC,SAAAkF,sBAAA;EAAAA,qBAAA,OAAAjF,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CA/CM,SAAAgF,SAAoC9E,GAAY,EAAEC,GAAa;IAAA,IAAAC,aAAA,EAAA6E,KAAA,EAAAC,WAAA,EAAAC,eAAA,EAAAC,mBAAA,EAAAC,uBAAA,EAAAC,GAAA,EAAAC,IAAA,EAAAC,KAAA,EAAAC,mBAAA,EAAAC,KAAA,EAAAC,UAAA;IAAA,OAAA5F,oBAAA,CAAAa,IAAA,UAAAgF,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAA9E,IAAA,GAAA8E,SAAA,CAAA7E,IAAA;QAAA;UAAA6E,SAAA,CAAA9E,IAAA;UAEvDX,aAAa,GAAIF,GAAG,CAACe,GAAG,CAACC,MAAM,CAA/Bd,aAAa;UAAA,IACfA,aAAa;YAAAyF,SAAA,CAAA7E,IAAA;YAAA;UAAA;UAAA,OAAA6E,SAAA,CAAA1E,MAAA,WACP7B,iBAAiB,CAAC,CAAC;QAAA;UAAA2F,KAAA,GAGS7D,IAAI,CAACC,KAAK,CAACnB,GAAG,CAACoB,IAAI,CAAC,IAAI,CAAC,CAAC,EAA1D4D,WAAW,GAAAD,KAAA,CAAXC,WAAW,EAAEC,eAAe,GAAAF,KAAA,CAAfE,eAAe;UAAA,MAC/B,CAACD,WAAW,IAAI,CAACC,eAAe;YAAAU,SAAA,CAAA7E,IAAA;YAAA;UAAA;UAAA,MAC1B,IAAIzB,KAAK,CAAC,4CAA4C,CAAC;QAAA;UAG3D6F,mBAAmB,GAAGU,eAAM,CAACC,UAAU,CAAC,QAAQ,CAAC,CAACC,MAAM,CAACd,WAAW,CAAC,CAACe,MAAM,CAAC,KAAK,CAAC;UACnFZ,uBAAuB,GAAGS,eAAM,CACjCC,UAAU,CAAC,QAAQ,CAAC,CACpBC,MAAM,CAACb,eAAe,CAAC,CACvBc,MAAM,CAAC,KAAK,CAAC;UAAAJ,SAAA,CAAA9E,IAAA;UAIduE,GAAG,GAAG,IAAAY,gCAAiB,EAAC9F,aAAa,EAAEF,GAAG,CAAC;UAAC2F,SAAA,CAAA7E,IAAA;UAAA;QAAA;UAAA6E,SAAA,CAAA9E,IAAA;UAAA8E,SAAA,CAAAzC,EAAA,GAAAyC,SAAA;UAE5C,IAAAxC,sBAAe,EAACnD,GAAG,CAACe,GAAG,EAAEd,GAAG,EAAE,GAAG,EAAA0F,SAAA,CAAAzC,EAAG,CAAC;UAAC,OAAAyC,SAAA,CAAA1E,MAAA;QAAA;UAAAoE,IAAA,GAI1BD,GAAG,EAAZE,KAAK,GAAAD,IAAA,CAALC,KAAK;UAAAK,SAAA,CAAA7E,IAAA;UAAA,OACsB,IAAAmF,4BAAY,EAACjG,GAAG,EAAEoF,GAAG,CAAC;QAAA;UAAAG,mBAAA,GAAAI,SAAA,CAAA7C,IAAA;UAAjD0C,KAAK,GAAAD,mBAAA,CAALC,KAAK;UAAEC,UAAU,GAAAF,mBAAA,CAAVE,UAAU;UAExBvG,EAAE,CAACoG,KAAK,CAACY,YAAY,CAAC,gBAAgB,EAAE,QAAQ,EAAE;YAC9C,cAAc,EAAET;UACpB,CAAC,CAAC;UAACE,SAAA,CAAA7E,IAAA;UAAA,OAEG5B,EAAE,CAACiH,EAAE,CACNC,eAAe,CAAC;YACbd,KAAK,EAALA,KAAK;YACLe,UAAU,EAAE;cAACC,IAAI,EAAEd,KAAK;cAAEN,mBAAmB,EAAnBA,mBAAmB;cAAEC,uBAAuB,EAAvBA;YAAuB;UAC1E,CAAC,CAAC,CACD/C,IAAI,CAAC,UAACmE,MAAe,EAAK;YACvBtG,GAAG,CAACuE,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC;cAAC8B,MAAM,EAANA;YAAM,CAAC,CAAC;UAClC,CAAC,CAAC,SACI,CAAC,UAACC,GAAQ,EAAK;YACjB,IAAArD,sBAAe,EAACnD,GAAG,CAACe,GAAG,EAAEd,GAAG,EAAE,GAAG,EAAEuG,GAAG,CAAC;UAC3C,CAAC,CAAC;QAAA;UAAAb,SAAA,CAAA7E,IAAA;UAAA;QAAA;UAAA6E,SAAA,CAAA9E,IAAA;UAAA8E,SAAA,CAAAc,EAAA,GAAAd,SAAA;UAEN,IAAAxC,sBAAe,EAACnD,GAAG,CAACe,GAAG,EAAEd,GAAG,EAAE,GAAG,EAAA0F,SAAA,CAAAc,EAAG,CAAC;QAAC;QAAA;UAAA,OAAAd,SAAA,CAAA3C,IAAA;MAAA;IAAA,GAAA8B,QAAA;EAAA,CAE7C;EAAA,OAAAD,qBAAA,CAAAnF,KAAA,OAAAC,SAAA;AAAA"}
|
1
|
+
{"version":3,"names":["_axios","_interopRequireDefault","require","_constants","_requestsSetup","_utils","_crypto","_javascriptWrapper","_clusterQueries","_ytAuth","obj","__esModule","default","yt","ytLib","handleLogin","_x","_x2","_handleLogin","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee2","req","res","ytAuthCluster","_ref","username","password","_getYTApiClusterSetup","proxyBaseUrl","requestUrl","basicAuth","wrap","_callee2$","_context2","prev","next","getAuthCluster","ctx","config","JSON","parse","body","Error","getYTApiClusterSetup","concat","Buffer","from","toString","axios","request","url","method","headers","_objectSpread","getMetadata","Authorization","timeout","responseType","then","_ref2","_callee","response","pipedSize","_callee$","_context","pipeAxiosResponse","undefined","removeSecureFlagIfOriginInsecure","sent","UNEXPECTED_PIPE_AXIOS_RESPONSE","stop","_x5","t0","sendAndLogError","ytAuthAllowInsecure","origin","startsWith","_reduce","acc","v","k","tmp","_map","item","YT_CYPRESS_COOKIE_NAME","replace","handleChangePassword","_x3","_x4","_handleChangePassword","_callee3","_ref3","newPassword","currentPassword","new_password_sha256","current_password_sha256","cfg","_cfg","setup","_yield$getXSRFToken","login","csrf_token","_callee3$","_context3","crypto","createHash","update","digest","getUserYTApiSetup","abrupt","getXSRFToken","createOption","v4","setUserPassword","parameters","user","result","status","send","err","t1"],"sources":["login.ts"],"sourcesContent":["import type {Request, Response} from 'express';\nimport axios from 'axios';\nimport _ from 'lodash';\nimport {YT_CYPRESS_COOKIE_NAME} from '../../shared/constants';\nimport {getUserYTApiSetup, getYTApiClusterSetup} from '../components/requestsSetup';\nimport {UNEXPECTED_PIPE_AXIOS_RESPONSE, pipeAxiosResponse, sendAndLogError} from '../utils';\nimport crypto from 'crypto';\n\n// @ts-ignore\nimport ytLib from '@ytsaurus/javascript-wrapper';\nimport {getXSRFToken} from '../components/cluster-queries';\nimport {getAuthCluster} from '../components/yt-auth';\n\nconst yt = ytLib();\n\nexport async function handleLogin(req: Request, res: Response) {\n try {\n const ytAuthCluster = getAuthCluster(req.ctx.config);\n\n const {username, password} = JSON.parse(req.body) || {};\n if (!username || !password) {\n throw new Error('Username and password must not be empty');\n }\n\n const {proxyBaseUrl} = getYTApiClusterSetup(ytAuthCluster);\n const requestUrl = `${proxyBaseUrl}/login`;\n\n const basicAuth = Buffer.from(`${username}:${password}`).toString('base64');\n\n await axios\n .request({\n url: requestUrl,\n method: req.method as any,\n headers: {...req.ctx.getMetadata(), Authorization: `Basic ${basicAuth}`},\n timeout: 10000,\n responseType: 'stream',\n })\n .then(async (response) => {\n const pipedSize = await pipeAxiosResponse(\n req.ctx,\n res,\n response,\n undefined,\n (headers) => removeSecureFlagIfOriginInsecure(req, headers),\n );\n if (!pipedSize) {\n throw new Error(UNEXPECTED_PIPE_AXIOS_RESPONSE);\n }\n });\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 500, e);\n }\n}\n\nfunction removeSecureFlagIfOriginInsecure(\n req: Request,\n headers: Record<string, string | Array<string>>,\n) {\n const {ytAuthAllowInsecure} = req.ctx.config;\n const {origin} = req.headers;\n\n if (!ytAuthAllowInsecure || 'string' !== typeof origin || !origin.startsWith('http://')) {\n return headers;\n }\n\n return _.reduce(\n headers,\n (acc, v, k) => {\n if (k !== 'set-cookie') {\n acc[k] = v;\n } else {\n const tmp = _.map(v as Array<string>, (item) => {\n if (item.startsWith(YT_CYPRESS_COOKIE_NAME)) {\n return item.replace(/\\s*Secure;/, '');\n }\n return item;\n });\n acc[k] = tmp;\n }\n return acc;\n },\n {} as typeof headers,\n );\n}\n\nexport async function handleChangePassword(req: Request, res: Response) {\n try {\n const ytAuthCluster = getAuthCluster(req.ctx.config);\n\n const {newPassword, currentPassword} = JSON.parse(req.body) || {};\n if (!newPassword || !currentPassword) {\n throw new Error('New and current password must not be empty');\n }\n\n const new_password_sha256 = crypto.createHash('sha256').update(newPassword).digest('hex');\n const current_password_sha256 = crypto\n .createHash('sha256')\n .update(currentPassword)\n .digest('hex');\n\n let cfg;\n try {\n cfg = getUserYTApiSetup(ytAuthCluster, req);\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 400, e);\n return;\n }\n\n const {setup} = cfg;\n const {login, csrf_token} = await getXSRFToken(req, cfg);\n\n yt.setup.createOption('requestHeaders', 'object', {\n 'X-Csrf-Token': csrf_token,\n });\n\n await yt.v4\n .setUserPassword({\n setup,\n parameters: {user: login, new_password_sha256, current_password_sha256},\n })\n .then((result: unknown) => {\n res.status(200).send({result});\n })\n .catch((err: any) => {\n sendAndLogError(req.ctx, res, 500, err);\n });\n } catch (e: any) {\n sendAndLogError(req.ctx, res, 500, e);\n }\n}\n"],"mappings":";;;;;;;;;;;;AACA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,cAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAL,sBAAA,CAAAC,OAAA;AAGA,IAAAK,kBAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,eAAA,GAAAN,OAAA;AACA,IAAAO,OAAA,GAAAP,OAAA;AAAoD,SAAAD,uBAAAS,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAHpD;;AAKA,IAAMG,EAAE,GAAG,IAAAC,0BAAK,EAAC,CAAC;AAElB,SAAsBC,WAAWA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,YAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAqChC,SAAAF,aAAA;EAAAA,YAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CArCM,SAAAC,SAA2BC,GAAY,EAAEC,GAAa;IAAA,IAAAC,aAAA,EAAAC,IAAA,EAAAC,QAAA,EAAAC,QAAA,EAAAC,qBAAA,EAAAC,YAAA,EAAAC,UAAA,EAAAC,SAAA;IAAA,OAAAZ,oBAAA,CAAAa,IAAA,UAAAC,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAAC,IAAA,GAAAD,SAAA,CAAAE,IAAA;QAAA;UAAAF,SAAA,CAAAC,IAAA;UAE/CX,aAAa,GAAG,IAAAa,sBAAc,EAACf,GAAG,CAACgB,GAAG,CAACC,MAAM,CAAC;UAAAd,IAAA,GAEvBe,IAAI,CAACC,KAAK,CAACnB,GAAG,CAACoB,IAAI,CAAC,IAAI,CAAC,CAAC,EAAhDhB,QAAQ,GAAAD,IAAA,CAARC,QAAQ,EAAEC,QAAQ,GAAAF,IAAA,CAARE,QAAQ;UAAA,MACrB,CAACD,QAAQ,IAAI,CAACC,QAAQ;YAAAO,SAAA,CAAAE,IAAA;YAAA;UAAA;UAAA,MAChB,IAAIO,KAAK,CAAC,yCAAyC,CAAC;QAAA;UAAAf,qBAAA,GAGvC,IAAAgB,mCAAoB,EAACpB,aAAa,CAAC,EAAnDK,YAAY,GAAAD,qBAAA,CAAZC,YAAY;UACbC,UAAU,MAAAe,MAAA,CAAMhB,YAAY;UAE5BE,SAAS,GAAGe,MAAM,CAACC,IAAI,IAAAF,MAAA,CAAInB,QAAQ,OAAAmB,MAAA,CAAIlB,QAAQ,CAAE,CAAC,CAACqB,QAAQ,CAAC,QAAQ,CAAC;UAAAd,SAAA,CAAAE,IAAA;UAAA,OAErEa,cAAK,CACNC,OAAO,CAAC;YACLC,GAAG,EAAErB,UAAU;YACfsB,MAAM,EAAE9B,GAAG,CAAC8B,MAAa;YACzBC,OAAO,MAAAC,sBAAA,MAAAA,sBAAA,MAAMhC,GAAG,CAACgB,GAAG,CAACiB,WAAW,CAAC,CAAC;cAAEC,aAAa,WAAAX,MAAA,CAAWd,SAAS;YAAE,EAAC;YACxE0B,OAAO,EAAE,KAAK;YACdC,YAAY,EAAE;UAClB,CAAC,CAAC,CACDC,IAAI;YAAA,IAAAC,KAAA,OAAA1C,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAAC,SAAAyC,QAAOC,QAAQ;cAAA,IAAAC,SAAA;cAAA,OAAA5C,oBAAA,CAAAa,IAAA,UAAAgC,SAAAC,QAAA;gBAAA,kBAAAA,QAAA,CAAA9B,IAAA,GAAA8B,QAAA,CAAA7B,IAAA;kBAAA;oBAAA6B,QAAA,CAAA7B,IAAA;oBAAA,OACO,IAAA8B,wBAAiB,EACrC5C,GAAG,CAACgB,GAAG,EACPf,GAAG,EACHuC,QAAQ,EACRK,SAAS,EACT,UAACd,OAAO;sBAAA,OAAKe,gCAAgC,CAAC9C,GAAG,EAAE+B,OAAO,CAAC;oBAAA,CAC/D,CAAC;kBAAA;oBANKU,SAAS,GAAAE,QAAA,CAAAI,IAAA;oBAAA,IAOVN,SAAS;sBAAAE,QAAA,CAAA7B,IAAA;sBAAA;oBAAA;oBAAA,MACJ,IAAIO,KAAK,CAAC2B,qCAA8B,CAAC;kBAAA;kBAAA;oBAAA,OAAAL,QAAA,CAAAM,IAAA;gBAAA;cAAA,GAAAV,OAAA;YAAA,CAEtD;YAAA,iBAAAW,GAAA;cAAA,OAAAZ,KAAA,CAAA5C,KAAA,OAAAC,SAAA;YAAA;UAAA,IAAC;QAAA;UAAAiB,SAAA,CAAAE,IAAA;UAAA;QAAA;UAAAF,SAAA,CAAAC,IAAA;UAAAD,SAAA,CAAAuC,EAAA,GAAAvC,SAAA;UAEN,IAAAwC,sBAAe,EAACpD,GAAG,CAACgB,GAAG,EAAEf,GAAG,EAAE,GAAG,EAAAW,SAAA,CAAAuC,EAAG,CAAC;QAAC;QAAA;UAAA,OAAAvC,SAAA,CAAAqC,IAAA;MAAA;IAAA,GAAAlD,QAAA;EAAA,CAE7C;EAAA,OAAAN,YAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAED,SAASmD,gCAAgCA,CACrC9C,GAAY,EACZ+B,OAA+C,EACjD;EACE,IAAOsB,mBAAmB,GAAIrD,GAAG,CAACgB,GAAG,CAACC,MAAM,CAArCoC,mBAAmB;EAC1B,IAAOC,MAAM,GAAItD,GAAG,CAAC+B,OAAO,CAArBuB,MAAM;EAEb,IAAI,CAACD,mBAAmB,IAAI,QAAQ,KAAK,OAAOC,MAAM,IAAI,CAACA,MAAM,CAACC,UAAU,CAAC,SAAS,CAAC,EAAE;IACrF,OAAOxB,OAAO;EAClB;EAEA,OAAO,IAAAyB,gBAAA,EACHzB,OAAO,EACP,UAAC0B,GAAG,EAAEC,CAAC,EAAEC,CAAC,EAAK;IACX,IAAIA,CAAC,KAAK,YAAY,EAAE;MACpBF,GAAG,CAACE,CAAC,CAAC,GAAGD,CAAC;IACd,CAAC,MAAM;MACH,IAAME,GAAG,GAAG,IAAAC,aAAA,EAAMH,CAAC,EAAmB,UAACI,IAAI,EAAK;QAC5C,IAAIA,IAAI,CAACP,UAAU,CAACQ,iCAAsB,CAAC,EAAE;UACzC,OAAOD,IAAI,CAACE,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC;QACzC;QACA,OAAOF,IAAI;MACf,CAAC,CAAC;MACFL,GAAG,CAACE,CAAC,CAAC,GAAGC,GAAG;IAChB;IACA,OAAOH,GAAG;EACd,CAAC,EACD,CAAC,CACL,CAAC;AACL;AAEA,SAAsBQ,oBAAoBA,CAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,qBAAA,CAAA1E,KAAA,OAAAC,SAAA;AAAA;AA4CzC,SAAAyE,sBAAA;EAAAA,qBAAA,OAAAxE,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CA5CM,SAAAuE,SAAoCrE,GAAY,EAAEC,GAAa;IAAA,IAAAC,aAAA,EAAAoE,KAAA,EAAAC,WAAA,EAAAC,eAAA,EAAAC,mBAAA,EAAAC,uBAAA,EAAAC,GAAA,EAAAC,IAAA,EAAAC,KAAA,EAAAC,mBAAA,EAAAC,KAAA,EAAAC,UAAA;IAAA,OAAAnF,oBAAA,CAAAa,IAAA,UAAAuE,UAAAC,SAAA;MAAA,kBAAAA,SAAA,CAAArE,IAAA,GAAAqE,SAAA,CAAApE,IAAA;QAAA;UAAAoE,SAAA,CAAArE,IAAA;UAExDX,aAAa,GAAG,IAAAa,sBAAc,EAACf,GAAG,CAACgB,GAAG,CAACC,MAAM,CAAC;UAAAqD,KAAA,GAEbpD,IAAI,CAACC,KAAK,CAACnB,GAAG,CAACoB,IAAI,CAAC,IAAI,CAAC,CAAC,EAA1DmD,WAAW,GAAAD,KAAA,CAAXC,WAAW,EAAEC,eAAe,GAAAF,KAAA,CAAfE,eAAe;UAAA,MAC/B,CAACD,WAAW,IAAI,CAACC,eAAe;YAAAU,SAAA,CAAApE,IAAA;YAAA;UAAA;UAAA,MAC1B,IAAIO,KAAK,CAAC,4CAA4C,CAAC;QAAA;UAG3DoD,mBAAmB,GAAGU,eAAM,CAACC,UAAU,CAAC,QAAQ,CAAC,CAACC,MAAM,CAACd,WAAW,CAAC,CAACe,MAAM,CAAC,KAAK,CAAC;UACnFZ,uBAAuB,GAAGS,eAAM,CACjCC,UAAU,CAAC,QAAQ,CAAC,CACpBC,MAAM,CAACb,eAAe,CAAC,CACvBc,MAAM,CAAC,KAAK,CAAC;UAAAJ,SAAA,CAAArE,IAAA;UAId8D,GAAG,GAAG,IAAAY,gCAAiB,EAACrF,aAAa,EAAEF,GAAG,CAAC;UAACkF,SAAA,CAAApE,IAAA;UAAA;QAAA;UAAAoE,SAAA,CAAArE,IAAA;UAAAqE,SAAA,CAAA/B,EAAA,GAAA+B,SAAA;UAE5C,IAAA9B,sBAAe,EAACpD,GAAG,CAACgB,GAAG,EAAEf,GAAG,EAAE,GAAG,EAAAiF,SAAA,CAAA/B,EAAG,CAAC;UAAC,OAAA+B,SAAA,CAAAM,MAAA;QAAA;UAAAZ,IAAA,GAI1BD,GAAG,EAAZE,KAAK,GAAAD,IAAA,CAALC,KAAK;UAAAK,SAAA,CAAApE,IAAA;UAAA,OACsB,IAAA2E,4BAAY,EAACzF,GAAG,EAAE2E,GAAG,CAAC;QAAA;UAAAG,mBAAA,GAAAI,SAAA,CAAAnC,IAAA;UAAjDgC,KAAK,GAAAD,mBAAA,CAALC,KAAK;UAAEC,UAAU,GAAAF,mBAAA,CAAVE,UAAU;UAExB5F,EAAE,CAACyF,KAAK,CAACa,YAAY,CAAC,gBAAgB,EAAE,QAAQ,EAAE;YAC9C,cAAc,EAAEV;UACpB,CAAC,CAAC;UAACE,SAAA,CAAApE,IAAA;UAAA,OAEG1B,EAAE,CAACuG,EAAE,CACNC,eAAe,CAAC;YACbf,KAAK,EAALA,KAAK;YACLgB,UAAU,EAAE;cAACC,IAAI,EAAEf,KAAK;cAAEN,mBAAmB,EAAnBA,mBAAmB;cAAEC,uBAAuB,EAAvBA;YAAuB;UAC1E,CAAC,CAAC,CACDrC,IAAI,CAAC,UAAC0D,MAAe,EAAK;YACvB9F,GAAG,CAAC+F,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC;cAACF,MAAM,EAANA;YAAM,CAAC,CAAC;UAClC,CAAC,CAAC,SACI,CAAC,UAACG,GAAQ,EAAK;YACjB,IAAA9C,sBAAe,EAACpD,GAAG,CAACgB,GAAG,EAAEf,GAAG,EAAE,GAAG,EAAEiG,GAAG,CAAC;UAC3C,CAAC,CAAC;QAAA;UAAAhB,SAAA,CAAApE,IAAA;UAAA;QAAA;UAAAoE,SAAA,CAAArE,IAAA;UAAAqE,SAAA,CAAAiB,EAAA,GAAAjB,SAAA;UAEN,IAAA9B,sBAAe,EAACpD,GAAG,CAACgB,GAAG,EAAEf,GAAG,EAAE,GAAG,EAAAiF,SAAA,CAAAiB,EAAG,CAAC;QAAC;QAAA;UAAA,OAAAjB,SAAA,CAAAjC,IAAA;MAAA;IAAA,GAAAoB,QAAA;EAAA,CAE7C;EAAA,OAAAD,qBAAA,CAAA1E,KAAA,OAAAC,SAAA;AAAA"}
|
@@ -0,0 +1,15 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.handleLogout = void 0;
|
4
|
+
const oauth_1 = require("../components/oauth");
|
5
|
+
const yt_auth_1 = require("../components/yt-auth");
|
6
|
+
function handleLogout(req, res) {
|
7
|
+
if ((0, oauth_1.isOAuthAllowed)(req) && (0, oauth_1.isUserOAuthLogged)(req)) {
|
8
|
+
res.redirect((0, oauth_1.getOAuthLogoutPath)(req));
|
9
|
+
}
|
10
|
+
else if ((0, yt_auth_1.isYtAuthEnabled)(req.ctx.config)) {
|
11
|
+
(0, yt_auth_1.YTAuthLogout)(res);
|
12
|
+
}
|
13
|
+
res.redirect('/');
|
14
|
+
}
|
15
|
+
exports.handleLogout = handleLogout;
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["_oauth","require","_ytAuth","handleLogout","req","res","isOAuthAllowed","isUserOAuthLogged","redirect","getOAuthLogoutPath","isYtAuthEnabled","ctx","config","YTAuthLogout"],"sources":["logout.ts"],"sourcesContent":["import type {Request, Response} from 'express';\nimport {getOAuthLogoutPath, isOAuthAllowed, isUserOAuthLogged} from '../components/oauth';\nimport {YTAuthLogout, isYtAuthEnabled} from '../components/yt-auth';\n\nexport function handleLogout(req: Request, res: Response) {\n if (isOAuthAllowed(req) && isUserOAuthLogged(req)) {\n res.redirect(getOAuthLogoutPath(req));\n } else if (isYtAuthEnabled(req.ctx.config)) {\n YTAuthLogout(res);\n }\n res.redirect('/');\n}\n"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAEO,SAASE,YAAYA,CAACC,GAAY,EAAEC,GAAa,EAAE;EACtD,IAAI,IAAAC,qBAAc,EAACF,GAAG,CAAC,IAAI,IAAAG,wBAAiB,EAACH,GAAG,CAAC,EAAE;IAC/CC,GAAG,CAACG,QAAQ,CAAC,IAAAC,yBAAkB,EAACL,GAAG,CAAC,CAAC;EACzC,CAAC,MAAM,IAAI,IAAAM,uBAAe,EAACN,GAAG,CAACO,GAAG,CAACC,MAAM,CAAC,EAAE;IACxC,IAAAC,oBAAY,EAACR,GAAG,CAAC;EACrB;EACAA,GAAG,CAACG,QAAQ,CAAC,GAAG,CAAC;AACrB"}
|
@@ -0,0 +1,4 @@
|
|
1
|
+
import type { Request, Response } from 'express';
|
2
|
+
export declare function oauthLogin(req: Request, res: Response): void;
|
3
|
+
export declare function oauthLogout(_: Request, res: Response): void;
|
4
|
+
export declare function oauthCallback(req: Request, res: Response): Promise<void>;
|
@@ -0,0 +1,30 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.oauthCallback = exports.oauthLogout = exports.oauthLogin = void 0;
|
4
|
+
const oauth_1 = require("../components/oauth");
|
5
|
+
function oauthLogin(req, res) {
|
6
|
+
res.redirect((0, oauth_1.getOAuthLoginPath)(req));
|
7
|
+
}
|
8
|
+
exports.oauthLogin = oauthLogin;
|
9
|
+
function oauthLogout(_, res) {
|
10
|
+
(0, oauth_1.removeOAuthCookies)(res);
|
11
|
+
res.redirect('/');
|
12
|
+
}
|
13
|
+
exports.oauthLogout = oauthLogout;
|
14
|
+
async function oauthCallback(req, res) {
|
15
|
+
const { code } = req.query;
|
16
|
+
if (!code) {
|
17
|
+
throw new Error('Authorization code is not specified');
|
18
|
+
}
|
19
|
+
try {
|
20
|
+
const tokens = await (0, oauth_1.exchangeOAuthToken)(req, code);
|
21
|
+
(0, oauth_1.saveOAuthTokensInCookies)(res, tokens);
|
22
|
+
res.redirect('/');
|
23
|
+
}
|
24
|
+
catch (e) {
|
25
|
+
req.ctx.logError('exchange token error', e);
|
26
|
+
const message = e instanceof Error ? e.message : 'Unknown error';
|
27
|
+
res.status(500).send(message);
|
28
|
+
}
|
29
|
+
}
|
30
|
+
exports.oauthCallback = oauthCallback;
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["_oauth","require","_interopRequireDefault","obj","__esModule","default","oauthLogin","req","res","redirect","getOAuthLoginPath","oauthLogout","_","removeOAuthCookies","oauthCallback","_x","_x2","_oauthCallback","apply","arguments","_asyncToGenerator","_regeneratorRuntime","mark","_callee","code","tokens","message","wrap","_callee$","_context","prev","next","query","Error","exchangeOAuthToken","sent","saveOAuthTokensInCookies","t0","ctx","logError","status","send","stop"],"sources":["oauth-login.ts"],"sourcesContent":["import type {Request, Response} from 'express';\nimport {\n exchangeOAuthToken,\n getOAuthLoginPath,\n removeOAuthCookies,\n saveOAuthTokensInCookies,\n} from '../components/oauth';\n\nexport function oauthLogin(req: Request, res: Response) {\n res.redirect(getOAuthLoginPath(req));\n}\n\nexport function oauthLogout(_: Request, res: Response) {\n removeOAuthCookies(res);\n res.redirect('/');\n}\n\nexport async function oauthCallback(req: Request, res: Response) {\n const {code} = req.query;\n if (!code) {\n throw new Error('Authorization code is not specified');\n }\n\n try {\n const tokens = await exchangeOAuthToken(req, code as string);\n\n saveOAuthTokensInCookies(res, tokens);\n\n res.redirect('/');\n } catch (e) {\n req.ctx.logError('exchange token error', e);\n const message = e instanceof Error ? e.message : 'Unknown error';\n res.status(500).send(message);\n }\n}\n"],"mappings":";;;;;;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AAK4B,SAAAC,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAErB,SAASG,UAAUA,CAACC,GAAY,EAAEC,GAAa,EAAE;EACpDA,GAAG,CAACC,QAAQ,CAAC,IAAAC,wBAAiB,EAACH,GAAG,CAAC,CAAC;AACxC;AAEO,SAASI,WAAWA,CAACC,CAAU,EAAEJ,GAAa,EAAE;EACnD,IAAAK,yBAAkB,EAACL,GAAG,CAAC;EACvBA,GAAG,CAACC,QAAQ,CAAC,GAAG,CAAC;AACrB;AAEA,SAAsBK,aAAaA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,cAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAiBlC,SAAAF,eAAA;EAAAA,cAAA,OAAAG,0BAAA,gBAAAC,oBAAA,CAAAC,IAAA,CAjBM,SAAAC,QAA6BhB,GAAY,EAAEC,GAAa;IAAA,IAAAgB,IAAA,EAAAC,MAAA,EAAAC,OAAA;IAAA,OAAAL,oBAAA,CAAAM,IAAA,UAAAC,SAAAC,QAAA;MAAA,kBAAAA,QAAA,CAAAC,IAAA,GAAAD,QAAA,CAAAE,IAAA;QAAA;UACpDP,IAAI,GAAIjB,GAAG,CAACyB,KAAK,CAAjBR,IAAI;UAAA,IACNA,IAAI;YAAAK,QAAA,CAAAE,IAAA;YAAA;UAAA;UAAA,MACC,IAAIE,KAAK,CAAC,qCAAqC,CAAC;QAAA;UAAAJ,QAAA,CAAAC,IAAA;UAAAD,QAAA,CAAAE,IAAA;UAAA,OAIjC,IAAAG,yBAAkB,EAAC3B,GAAG,EAAEiB,IAAc,CAAC;QAAA;UAAtDC,MAAM,GAAAI,QAAA,CAAAM,IAAA;UAEZ,IAAAC,+BAAwB,EAAC5B,GAAG,EAAEiB,MAAM,CAAC;UAErCjB,GAAG,CAACC,QAAQ,CAAC,GAAG,CAAC;UAACoB,QAAA,CAAAE,IAAA;UAAA;QAAA;UAAAF,QAAA,CAAAC,IAAA;UAAAD,QAAA,CAAAQ,EAAA,GAAAR,QAAA;UAElBtB,GAAG,CAAC+B,GAAG,CAACC,QAAQ,CAAC,sBAAsB,EAAAV,QAAA,CAAAQ,EAAG,CAAC;UACrCX,OAAO,GAAGG,QAAA,CAAAQ,EAAA,YAAaJ,KAAK,GAAGJ,QAAA,CAAAQ,EAAA,CAAEX,OAAO,GAAG,eAAe;UAChElB,GAAG,CAACgC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAACf,OAAO,CAAC;QAAC;QAAA;UAAA,OAAAG,QAAA,CAAAa,IAAA;MAAA;IAAA,GAAAnB,OAAA;EAAA,CAErC;EAAA,OAAAN,cAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA"}
|
@@ -10,6 +10,9 @@ const expresskit_1 = require("@gravity-ui/expresskit");
|
|
10
10
|
const configure_app_1 = require("./configure-app");
|
11
11
|
const yt_auth_1 = require("./middlewares/yt-auth");
|
12
12
|
const routes_1 = __importDefault(require("./routes"));
|
13
|
+
const oauth_1 = require("./middlewares/oauth");
|
14
|
+
const authorization_1 = require("./middlewares/authorization");
|
15
|
+
const authorization_2 = require("./utils/authorization");
|
13
16
|
const nodekit = new nodekit_1.NodeKit({ configsPath: path_1.default.resolve(__dirname, './configs') });
|
14
17
|
const { appName, appEnv, appInstallation, appDevMode } = nodekit.config;
|
15
18
|
nodekit.ctx.log('AppConfig details', {
|
@@ -23,7 +26,12 @@ if (ytAuthCluster) {
|
|
23
26
|
if (appAuthHandler) {
|
24
27
|
nodekit.ctx.fail(new Error('"appAuthHandler" option will be ignored cause "ytAuthCluster" option is provided.'));
|
25
28
|
}
|
26
|
-
nodekit.config.
|
29
|
+
nodekit.config.appBeforeAuthMiddleware = [
|
30
|
+
...(nodekit.config.appBeforeAuthMiddleware || []),
|
31
|
+
(0, authorization_2.authorizationResolver)((0, oauth_1.createOAuthAuthorizationResolver)()),
|
32
|
+
(0, authorization_2.authorizationResolver)((0, yt_auth_1.createYTAuthorizationResolver)()),
|
33
|
+
];
|
34
|
+
nodekit.config.appAuthHandler = (0, authorization_1.createAuthMiddleware)(ytAuthCluster);
|
27
35
|
}
|
28
36
|
(_b = (_a = nodekit.config).adjustAppConfig) === null || _b === void 0 ? void 0 : _b.call(_a, nodekit);
|
29
37
|
const app = new expresskit_1.ExpressKit(nodekit, routes_1.default);
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["_path","_interopRequireDefault","require","_nodekit","_expresskit","_configureApp","_ytAuth","_routes","obj","__esModule","default","nodekit","NodeKit","configsPath","path","resolve","__dirname","_nodekit$config","config","appName","appEnv","appInstallation","appDevMode","ctx","log","_nodekit$config2","ytAuthCluster","appAuthHandler","fail","Error","
|
1
|
+
{"version":3,"names":["_path","_interopRequireDefault","require","_nodekit","_expresskit","_configureApp","_ytAuth","_routes","_oauth","_authorization","_authorization2","obj","__esModule","default","nodekit","NodeKit","configsPath","path","resolve","__dirname","_nodekit$config","config","appName","appEnv","appInstallation","appDevMode","ctx","log","_nodekit$config2","ytAuthCluster","appAuthHandler","fail","Error","appBeforeAuthMiddleware","concat","_toConsumableArray","authorizationResolver","createOAuthAuthorizationResolver","createYTAuthorizationResolver","createAuthMiddleware","_nodekit$config$adjus","_nodekit$config3","adjustAppConfig","call","app","ExpressKit","routes","configureApp","main","module","run","_default","exports"],"sources":["index.ts"],"sourcesContent":["import path from 'path';\nimport _reduce from 'lodash/reduce';\nimport {NodeKit} from '@gravity-ui/nodekit';\nimport {ExpressKit} from '@gravity-ui/expresskit';\n\nimport {configureApp} from './configure-app';\n\nimport {createYTAuthorizationResolver} from './middlewares/yt-auth';\nimport routes from './routes';\nimport {createOAuthAuthorizationResolver} from './middlewares/oauth';\nimport {createAuthMiddleware} from './middlewares/authorization';\nimport {authorizationResolver} from './utils/authorization';\n\nconst nodekit = new NodeKit({configsPath: path.resolve(__dirname, './configs')});\n\nconst {appName, appEnv, appInstallation, appDevMode} = nodekit.config;\nnodekit.ctx.log('AppConfig details', {\n appName,\n appEnv,\n appInstallation,\n appDevMode,\n});\n\nconst {ytAuthCluster, appAuthHandler} = nodekit.config;\n\nif (ytAuthCluster) {\n if (appAuthHandler) {\n nodekit.ctx.fail(\n new Error(\n '\"appAuthHandler\" option will be ignored cause \"ytAuthCluster\" option is provided.',\n ),\n );\n }\n\n nodekit.config.appBeforeAuthMiddleware = [\n ...(nodekit.config.appBeforeAuthMiddleware || []),\n authorizationResolver(createOAuthAuthorizationResolver()),\n authorizationResolver(createYTAuthorizationResolver()),\n ];\n nodekit.config.appAuthHandler = createAuthMiddleware(ytAuthCluster);\n}\n\nnodekit.config.adjustAppConfig?.(nodekit);\n\nconst app = new ExpressKit(nodekit, routes);\nconfigureApp(app);\n\nif (require.main === module) {\n app.run();\n}\n\nexport default app;\n"],"mappings":";;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,WAAA,GAAAF,OAAA;AAEA,IAAAG,aAAA,GAAAH,OAAA;AAEA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAN,sBAAA,CAAAC,OAAA;AACA,IAAAM,MAAA,GAAAN,OAAA;AACA,IAAAO,cAAA,GAAAP,OAAA;AACA,IAAAQ,eAAA,GAAAR,OAAA;AAA2D,SAAAD,uBAAAU,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;;AAE3D,IAAMG,OAAO,GAAG,IAAIC,gBAAO,CAAC;EAACC,WAAW,EAAEC,aAAI,CAACC,OAAO,CAACC,SAAS,EAAE,WAAW;AAAC,CAAC,CAAC;AAEhF,IAAAC,eAAA,GAAuDN,OAAO,CAACO,MAAM;EAA9DC,OAAO,GAAAF,eAAA,CAAPE,OAAO;EAAEC,MAAM,GAAAH,eAAA,CAANG,MAAM;EAAEC,eAAe,GAAAJ,eAAA,CAAfI,eAAe;EAAEC,UAAU,GAAAL,eAAA,CAAVK,UAAU;AACnDX,OAAO,CAACY,GAAG,CAACC,GAAG,CAAC,mBAAmB,EAAE;EACjCL,OAAO,EAAPA,OAAO;EACPC,MAAM,EAANA,MAAM;EACNC,eAAe,EAAfA,eAAe;EACfC,UAAU,EAAVA;AACJ,CAAC,CAAC;AAEF,IAAAG,gBAAA,GAAwCd,OAAO,CAACO,MAAM;EAA/CQ,aAAa,GAAAD,gBAAA,CAAbC,aAAa;EAAEC,cAAc,GAAAF,gBAAA,CAAdE,cAAc;AAEpC,IAAID,aAAa,EAAE;EACf,IAAIC,cAAc,EAAE;IAChBhB,OAAO,CAACY,GAAG,CAACK,IAAI,CACZ,IAAIC,KAAK,CACL,mFACJ,CACJ,CAAC;EACL;EAEAlB,OAAO,CAACO,MAAM,CAACY,uBAAuB,MAAAC,MAAA,KAAAC,2BAAA,EAC9BrB,OAAO,CAACO,MAAM,CAACY,uBAAuB,IAAI,EAAE,IAChD,IAAAG,qCAAqB,EAAC,IAAAC,uCAAgC,EAAC,CAAC,CAAC,EACzD,IAAAD,qCAAqB,EAAC,IAAAE,qCAA6B,EAAC,CAAC,CAAC,EACzD;EACDxB,OAAO,CAACO,MAAM,CAACS,cAAc,GAAG,IAAAS,mCAAoB,EAACV,aAAa,CAAC;AACvE;AAEA,CAAAW,qBAAA,IAAAC,gBAAA,GAAA3B,OAAO,CAACO,MAAM,EAACqB,eAAe,cAAAF,qBAAA,eAA9BA,qBAAA,CAAAG,IAAA,CAAAF,gBAAA,EAAiC3B,OAAO,CAAC;AAEzC,IAAM8B,GAAG,GAAG,IAAIC,sBAAU,CAAC/B,OAAO,EAAEgC,eAAM,CAAC;AAC3C,IAAAC,0BAAY,EAACH,GAAG,CAAC;AAEjB,IAAI1C,OAAO,CAAC8C,IAAI,KAAKC,MAAM,EAAE;EACzBL,GAAG,CAACM,GAAG,CAAC,CAAC;AACb;AAAA,IAAAC,QAAA,GAAAC,OAAA,CAAAvC,OAAA,GAEe+B,GAAG"}
|
@@ -0,0 +1,42 @@
|
|
1
|
+
"use strict";
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
4
|
+
};
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
6
|
+
exports.createAuthMiddleware = void 0;
|
7
|
+
const axios_1 = __importDefault(require("axios"));
|
8
|
+
const authorization_1 = require("../utils/authorization");
|
9
|
+
const requestsSetup_1 = require("../components/requestsSetup");
|
10
|
+
const cluster_queries_1 = require("../components/cluster-queries");
|
11
|
+
const utils_1 = require("../utils");
|
12
|
+
class AuthError extends Error {
|
13
|
+
constructor() {
|
14
|
+
super('Authorization required');
|
15
|
+
}
|
16
|
+
}
|
17
|
+
function isAuthError(e) {
|
18
|
+
var _a;
|
19
|
+
return e instanceof AuthError || (axios_1.default.isAxiosError(e) && ((_a = e.response) === null || _a === void 0 ? void 0 : _a.status) === 401);
|
20
|
+
}
|
21
|
+
function createAuthMiddleware(ytAuthCluster) {
|
22
|
+
return async function authMiddleware(req, res, next) {
|
23
|
+
try {
|
24
|
+
if (!(0, authorization_1.isAuthorized)(req)) {
|
25
|
+
throw new AuthError();
|
26
|
+
}
|
27
|
+
const cfg = (0, requestsSetup_1.getUserYTApiSetup)(ytAuthCluster, req);
|
28
|
+
const { login } = await (0, cluster_queries_1.getXSRFToken)(req, cfg);
|
29
|
+
req.yt.login = login;
|
30
|
+
}
|
31
|
+
catch (e) {
|
32
|
+
const isAuthFailed = isAuthError(e);
|
33
|
+
const error = isAuthFailed ? undefined : e;
|
34
|
+
if (!req.routeInfo.ui && isAuthFailed) {
|
35
|
+
(0, utils_1.sendError)(res, error, 401);
|
36
|
+
return;
|
37
|
+
}
|
38
|
+
}
|
39
|
+
next();
|
40
|
+
};
|
41
|
+
}
|
42
|
+
exports.createAuthMiddleware = createAuthMiddleware;
|