backend-manager 2.3.19 → 2.4.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "backend-manager",
-  "version": "2.3.19",
+  "version": "2.4.1",
   "description": "Quick tools for developing Firebase functions",
   "main": "src/manager/index.js",
   "bin": {
@@ -27,11 +27,11 @@
   },
   "homepage": "https://itwcreativeworks.com",
   "dependencies": {
-    "@firebase/rules-unit-testing": "^2.0.3",
+    "@firebase/rules-unit-testing": "^2.0.4",
     "@google-cloud/storage": "^5.20.5",
     "@sendgrid/mail": "^7.7.0",
     "@sentry/node": "^6.19.7",
-    "backend-assistant": "^0.0.67",
+    "backend-assistant": "^0.0.71",
     "busboy": "^1.6.0",
     "chalk": "^4.1.2",
     "cors": "^2.8.5",
@@ -42,6 +42,7 @@
     "hcaptcha": "^0.1.1",
     "inquirer": "^8.2.4",
     "json5": "^2.2.1",
+    "jwt-decode": "^3.1.2",
     "lodash": "^4.17.21",
     "lowdb": "^1.0.0",
     "mailchimp-api-v3": "^1.15.0",
@@ -66,4 +67,4 @@
     "src/",
     "templates/"
   ]
-}
+}

package/src/manager/functions/core/actions/api/user/oauth2/google.js

@@ -0,0 +1,53 @@
+const decode = require('jwt-decode')
+
+function OAuth2() {
+  const self = this;
+  self.service = 'google';
+  self.name = 'Google';
+  self.urls = {
+    authorize: 'https://accounts.google.com/o/oauth2/v2/auth',
+    tokenize: 'https://oauth2.googleapis.com/token',
+  }
+}
+
+OAuth2.prototype.buildUrl = function (state, url) {
+  const self = this;
+
+  return new Promise(function(resolve, reject) {
+    if (state === 'authorize') {
+      // do something with url
+      return resolve()
+    } else {
+      return resolve()
+    }
+  });
+};
+
+OAuth2.prototype.verifyIdentity = function (tokenizeResult) {
+  const self = this;
+  const Manager = self.Manager;
+
+  return new Promise(function(resolve, reject) {
+    const decoded = decode(tokenizeResult.id_token);
+
+    // console.log('---decoded', decoded);
+
+    // Check if exists
+    Manager.libraries.admin.firestore().collection(`users`)
+    .where(`oauth2.${self.service}.identity.email`, '==', decoded.email)
+    .get()
+    .then(async (snap) => {
+      if (snap.size === 0) {
+        return resolve(decoded);
+      } else {
+        return reject(new Error(`This ${self.name} account is already connected to a ${Manager.config.brand.name} account`));
+      }
+    })
+    .catch((e) => {
+      return reject(e);
+    });
+
+  });
+};
+
+module.exports = OAuth2;

package/src/manager/functions/core/actions/api/user/oauth2.js

@@ -1,9 +1,18 @@
 const _ = require('lodash')
+const fetch = require('wonderful-fetch');
 
 function Module() {
 
 }
 
+/*
+  authorize: redirect or send back the URL for authorization, which will go to UJ page that sends the data back to bm_api
+    - if no client_id is provided, fetch from ITW/APP
+  tokenize: save the credentials in firestore and redirect or respond with URL to the desired end page
+  deauthorize: delete from firestore
+  refresh: call refresh on token
+*/
+
 Module.prototype.main = function () {
   const self = this;
   const Manager = self.Manager;
@@ -14,9 +23,97 @@ Module.prototype.main = function () {
   return new Promise(async function(resolve, reject) {
     self.Api.resolveUser({adminRequired: true})
     .then(async (user) => {
-      // return resolve({data: {success: true}});
-      // return reject(assistant.errorManager(`Failed to delete user: ${e}`, {code: 400, sentry: false, send: false, log: false}).error)
-      console.log('---payload', payload);
+
+      self.ultimateJekyllOAuth2Url = assistant.meta.environment === 'development'
+        ? `http://localhost:4000/oauth2`
+        : `${Manager.config.brand.url}/oauth2`
+      self.oauth2 = null;
+      self.omittedPayloadFields = ['redirect', 'referrer', 'service', 'state'];
+
+      // self.ultimateJekyllOAuth2Url = `${Manager.config.brand.url}/oauth2`;
+
+      // Options
+      // payload.data.payload.uid = payload.data.payload.uid;
+      payload.data.payload.redirect = typeof payload.data.payload.redirect === 'undefined'
+        ? true
+        : payload.data.payload.redirect
+
+      payload.data.payload.referrer = typeof payload.data.payload.referrer === 'undefined'
+        ? (assistant.meta.environment === 'development' ? `http://localhost:4000/oauth2` : `${Manager.config.brand.url}/oauth2`)
+        : payload.data.payload.referrer
+
+      payload.data.payload.service = payload.data.payload.service || '';
+      payload.data.payload.state = payload.data.payload.state || 'authorize'; // authorize, tokenize, deauthorize, refresh, get
+      payload.data.payload.redirect_uri = payload.data.payload.redirect_uri
+        ? payload.data.payload.redirect_uri
+        : `${Manager.config.brand.url}/authentication/account`;
+
+      // payload.data.payload.parameters = payload.data.payload.parameters || {}
+
+      // payload.data.payload.client_id = payload.data.payload.client_id;
+      // payload.data.payload.scope = payload.data.payload.scope;
+
+      let newUrl;
+      const state = {
+        code: 'success',
+        service: payload.data.payload.service,
+        authenticationToken: payload.data.authenticationToken,
+        serverUrl: `${Manager.project.functionsUrl}/bm_api`,
+        referrer: payload.data.payload.referrer,
+        redirectUrl: payload.data.payload.redirect_uri,
+      }
+
+      assistant.log('OAuth2 payload', payload.data.payload);
+
+      try {
+        self.oauth2 = new (require(`./oauth2/${payload.data.payload.service}.js`))();
+        self.oauth2.parent = self;
+        self.oauth2.Manager = self.Manager;
+
+        newUrl = self.oauth2.urls[payload.data.payload.state]
+
+        // Set parameters
+        if (newUrl) {
+          newUrl = new URL(newUrl)
+
+          if (payload.data.payload.state === 'authorize') {
+            newUrl.searchParams.set('state', JSON.stringify(state));
+            newUrl.searchParams.set('client_id', _.get(Manager.config, `oauth2.${payload.data.payload.service}.client_id`));
+            newUrl.searchParams.set('scope', payload.data.payload.scope);
+            newUrl.searchParams.set('redirect_uri', self.ultimateJekyllOAuth2Url);
+
+            newUrl.searchParams.set('access_type', typeof payload.data.payload.access_type === 'undefined' ? 'offline' : payload.data.payload.access_type)
+            newUrl.searchParams.set('include_granted_scopes', typeof payload.data.payload.include_granted_scopes === 'undefined' ? 'true' : payload.data.payload.include_granted_scopes)
+            newUrl.searchParams.set('response_type', typeof payload.data.payload.response_type === 'undefined' ? 'code' : payload.data.payload.response_type)
+          }
+
+          await self.oauth2.buildUrl(payload.data.payload.state, newUrl)
+          .then(url => {
+            if (url) {
+              newUrl = url;
+            }
+          })
+          .catch(e => { throw e; });
+        }
+
+      } catch (e) {
+        return reject(e);
+      }
+
+      // Process by state
+      if (payload.data.payload.state === 'authorize') {
+        self.processState_authorize(newUrl)
+        .then(r => {resolve(r)})
+        .catch(e => {reject(e)})
+      } else if (payload.data.payload.state === 'tokenize') {
+        self.processState_tokenize(newUrl)
+        .then(r => {resolve(r)})
+        .catch(e => {reject(e)})
+      } else if (payload.data.payload.state === 'deauthorize') {
+        self.processState_deauthorize(newUrl)
+        .then(r => {resolve(r)})
+        .catch(e => {reject(e)})
+      }
     })
     .catch(e => {
       return reject(e);
@@ -25,5 +122,160 @@ Module.prototype.main = function () {
 
 };
 
+Module.prototype.processState_authorize = function (newUrl) {
+  const self = this;
+  const Manager = self.Manager;
+  const Api = self.Api;
+  const assistant = self.assistant;
+  const payload = self.payload;
+
+  return new Promise(async function(resolve, reject) {
+    const finalUrl = newUrl.toString();
+
+    return resolve({
+      data: {
+        authorizationUrl: finalUrl,
+      },
+      redirect: payload.data.payload.redirect ? finalUrl : null
+    });
+  });
+};
+
+Module.prototype.processState_tokenize = function (newUrl) {
+  const self = this;
+  const Manager = self.Manager;
+  const Api = self.Api;
+  const assistant = self.assistant;
+  const payload = self.payload;
+
+  return new Promise(async function(resolve, reject) {
+    const finalUrl = newUrl.toString();
+
+    const body = {
+      client_id: _.get(Manager.config, `oauth2.${payload.data.payload.service}.client_id`),
+      client_secret: _.get(Manager.config, `oauth2.${payload.data.payload.service}.client_secret`),
+      grant_type: 'authorization_code',
+      redirect_uri: self.ultimateJekyllOAuth2Url,
+      code: payload.data.payload.code,
+      // scope: '',
+    };
+
+    // console.log('----body', body);
+
+    const tokenizeResponse = await fetch(finalUrl, {
+      method: 'POST',
+      timeout: 60000,
+      response: 'json',
+      tries: 2,
+      log: true,
+      body: new URLSearchParams(body),
+      cacheBreaker: false,
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+      },
+    })
+    .then(json => json)
+    .catch(e => e)
+
+    // console.log('---tokenizeResponse', tokenizeResponse);
+
+    if (tokenizeResponse instanceof Error) {
+      return reject(tokenizeResponse);
+    }
+
+    // Determine identity
+    const verifiedIdentity = await self.oauth2.verifyIdentity(tokenizeResponse)
+    .then(identity => identity)
+    .catch(e => e);
+
+    // console.log('---verifiedIdentity', verifiedIdentity);
+
+    if (verifiedIdentity instanceof Error) {
+      return reject(verifiedIdentity);
+    }
+
+    const storeResponse = await self.libraries.admin.firestore().doc(`users/${payload.user.auth.uid}`)
+    .set({
+      oauth2: {
+        [payload.data.payload.service]: {
+          code: _.omit(
+            _.merge({}, payload.data.payload),
+            self.omittedPayloadFields,
+          ),
+          token: tokenizeResponse,
+          identity: verifiedIdentity,
+          updated: {
+            timestamp: assistant.meta.startTime.timestamp,
+            timestampUNIX: assistant.meta.startTime.timestampUNIX,
+          }
+        }
+      }
+    }, { merge: true })
+    .then(r => r)
+    .catch(e => e)
+
+    // console.log('---storeResponse', storeResponse);
+
+    if (storeResponse instanceof Error) {
+      return reject(storeResponse);
+    }
+
+    return resolve({
+      data: {success: true}
+    })
+
+  });
+};
+
+Module.prototype.processState_deauthorize = function () {
+  const self = this;
+  const Manager = self.Manager;
+  const Api = self.Api;
+  const assistant = self.assistant;
+  const payload = self.payload;
+
+  return new Promise(async function(resolve, reject) {
+    self.libraries.admin.firestore().doc(`users/${payload.user.auth.uid}`)
+    .set({
+      oauth2: {
+        [payload.data.payload.service]: {},
+        updated: {
+          timestamp: assistant.meta.startTime.timestamp,
+          timestampUNIX: assistant.meta.startTime.timestampUNIX,
+        }
+      }
+    }, { merge: true })
+    .then(function(data) {
+      return resolve({
+        data: {success: true},
+      });
+    })
+    .catch(function(e) {
+      return reject(e);
+    })
+  });
+};
+
+
+
+
+Module.prototype.processState_template = function (newUrl) {
+  const self = this;
+  const Manager = self.Manager;
+  const Api = self.Api;
+  const assistant = self.assistant;
+  const payload = self.payload;
+
+  return new Promise(async function(resolve, reject) {
+    const finalUrl = newUrl.toString();
+
+    return resolve({
+      data: {
+        authorizationUrl: finalUrl,
+      },
+      redirect: payload.data.payload.redirect ? finalUrl : null
+    });
+  });
+};
 
 module.exports = Module;

package/src/manager/functions/core/actions/api.js

@@ -33,6 +33,7 @@ Module.prototype.init = function (Manager, data) {
 
 Module.prototype.main = function() {
   const self = this;
+  const Manager = self.Manager;
   const libraries = self.libraries;
   const assistant = self.assistant;
   const req = self.req;
@@ -45,6 +46,7 @@ Module.prototype.main = function() {
     const resolved = self.resolveCommand(self.payload.data.command);
 
     self.assistant.log(`Executing: ${resolved.command}`, self.payload, JSON.stringify(self.payload), {environment: 'production'})
+    self.assistant.log(`Resolved URL: ${Manager.project.functionsUrl}?command=${encodeURIComponent(resolved.command)}&payload=${encodeURIComponent(JSON.stringify(self.assistant.request.data.payload))}`, {environment: 'development'})
 
     if (!resolved.exists) {
       self.payload.response.status = 400;
@@ -61,6 +63,7 @@ Module.prototype.main = function() {
             // console.log('---self.payload.response.data', self.payload.response.data);
             self.payload.response.status = result.status || self.payload.response.status || 200;
             self.payload.response.data = result.data || self.payload.response.data || {};
+            self.payload.response.redirect = result.redirect || self.payload.response.redirect || null;
           })
           .catch(e => {
             self.payload.response.status = e.code || 500;
@@ -77,13 +80,22 @@ Module.prototype.main = function() {
       })
     }
 
-    if (self.payload.response.status === 200) {
-      self.assistant.log(`Finished: ${resolved.command}`, self.payload, JSON.stringify(self.payload), {environment: 'production'})
-      return res.status(self.payload.response.status).json(self.payload.response.data);
+    self.payload.response.status = _fixStatus(self.payload.response.status);
+
+    res.status(self.payload.response.status)
+
+    if (self.payload.response.status >= 200 && self.payload.response.status < 300) {
+      self.assistant.log(`Finished ${resolved.command} (status=${self.payload.response.status})`, self.payload, JSON.stringify(self.payload), {environment: 'production'})
+
+      if (self.payload.response.redirect) {
+        return res.redirect(self.payload.response.redirect);
+      } else {
+        return res.json(self.payload.response.data);
+      }
     } else {
-      console.error(`Error executing ${resolved.command} @ ${resolved.path}`, self.payload.response.error)
-      // return res.status(self.payload.response.status).send(self.payload.response.error.message);
-      return res.status(self.payload.response.status).send(`${self.payload.response.error}`);
+      console.error(`Error executing ${resolved.command} @ ${resolved.path} (status=${self.payload.response.status}):`, self.payload.response.error)
+      // return res.send(self.payload.response.error.message);
+      return res.send(`${self.payload.response.error}`);
     }
   });
 }
@@ -252,4 +264,16 @@ Module.prototype.resolveUser = function (options) {
   });
 };
 
+function _fixStatus(status) {
+  if (typeof status === 'number') {
+    return status;
+  } else {
+    if (status === 'ok') {
+      return 200
+    } else {
+      return 500
+    }
+  }
+}
+
 module.exports = Module;

package/src/manager/index.js

@@ -19,6 +19,8 @@ function Manager(exporter, options) {
     storage: {},
   };
 
+  // self.isDevelopment = false;
+
   return self;
 }
 
@@ -32,15 +34,16 @@ Manager.prototype.init = function (exporter, options) {
   // Set options defaults
   options = options || {};
   options.initialize = typeof options.initialize === 'undefined' ? true : options.initialize;
+  options.log = typeof options.log === 'undefined' ? false : options.log;
   options.setupFunctions = typeof options.setupFunctions === 'undefined' ? true : options.setupFunctions;
   options.setupFunctionsLegacy = typeof options.setupFunctionsLegacy === 'undefined' ? true : options.setupFunctionsLegacy;
   options.initializeLocalStorage = typeof options.initializeLocalStorage === 'undefined' ? false : options.initializeLocalStorage;
+  options.resourceZone = typeof options.resourceZone === 'undefined' ? 'us-central1' : options.resourceZone;
   options.sentry = typeof options.sentry === 'undefined' ? true : options.sentry;
   options.reportErrorsInDev = typeof options.reportErrorsInDev === 'undefined' ? false : options.reportErrorsInDev;
   options.firebaseConfig = options.firebaseConfig;
   options.useFirebaseLogger = typeof options.useFirebaseLogger === 'undefined' ? true : options.useFirebaseLogger;
-  // options.serviceAccountPath = typeof options.serviceAccountPath === 'undefined' ? 'service-account.json' : options.serviceAccountPath;
-  options.serviceAccountPath = typeof options.serviceAccountPath === 'undefined' ? undefined : options.serviceAccountPath;
+  options.serviceAccountPath = typeof options.serviceAccountPath === 'undefined' ? 'service-account.json' : options.serviceAccountPath;
   options.uniqueAppName = options.uniqueAppName || undefined;
   options.assistant = options.assistant || {};
   // options.assistant.optionsLogString = options.assistant.optionsLogString || undefined;
@@ -70,7 +73,9 @@ Manager.prototype.init = function (exporter, options) {
 
   // Set properties
   self.options = options;
-  self.project = options.firebaseConfig || JSON.parse(process.env.FIREBASE_CONFIG);
+  self.project = options.firebaseConfig || JSON.parse(process.env.FIREBASE_CONFIG || '{}');
+  self.project.resourceZone = options.resourceZone;
+
   self.cwd = process.cwd();
   self.package = resolveProjectPackage();
   self.config = merge(
@@ -78,15 +83,26 @@ Manager.prototype.init = function (exporter, options) {
     self.libraries.functions.config()
   );
 
+  // Init assistant
   self.assistant = self.Assistant().init(undefined, options.assistant);
 
   process.env.ENVIRONMENT = !process.env.ENVIRONMENT ? self.assistant.meta.environment : process.env.ENVIRONMENT;
 
+  // set more properties (need to wait for assistant to determine if DEV)
+  self.project.functionsUrl = self.assistant.meta.environment === 'development'
+    ? `http://localhost:5001/${self.project.projectId}/${self.project.resourceZone}`
+    : `https://${self.project.resourceZone}-${self.project.projectId}.cloudfunctions.net`;
+
+
   // Use the working Firebase logger that they disabled for whatever reason
   if (self.assistant.meta.environment !== 'development' && options.useFirebaseLogger) {
     require('firebase-functions/lib/logger/compat');
   }
 
+  if (options.log) {
+    self.assistant.log('process.env', process.env, {environment: 'production'})
+  }
+
   // Setup sentry
   if (self.options.sentry) {
     const sentryRelease = `${get(self.config, 'app.id') || self.project.projectId}@${self.package.version}`;
@@ -114,16 +130,18 @@ Manager.prototype.init = function (exporter, options) {
   // Setup options features
   if (self.options.initialize) {
     // console.log('Initializing:', self.project);
+    // console.log('----process.env.GOOGLE_APPLICATION_CREDENTIALS', process.env.GOOGLE_APPLICATION_CREDENTIALS);
     try {
-      if (options.serviceAccountPath && options.uniqueAppName) {
+      // console.log('---process.env.GOOGLE_APPLICATION_CREDENTIALS', process.env.GOOGLE_APPLICATION_CREDENTIALS);
+      if (process.env.GOOGLE_APPLICATION_CREDENTIALS) {
+        self.libraries.initializedAdmin = self.libraries.admin.initializeApp();
+      } else {
         self.libraries.initializedAdmin = self.libraries.admin.initializeApp({
           credential: self.libraries.admin.credential.cert(
             require(path.resolve(self.cwd, options.serviceAccountPath))
           ),
           databaseURL: self.project.databaseURL,
         }, options.uniqueAppName);
-      } else {
-        self.libraries.initializedAdmin = self.libraries.admin.initializeApp();
       }
     } catch (e) {
       console.error('Failed to call .initializeApp()', e);