npm - bjx-auth - Versions diffs - 1.3.0 → 1.5.1 - Mend

bjx-auth 1.3.0 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

package/dist/bjx-auth-api.esm.js +2 -2
package/dist/bjx-auth-api.umd.js +2 -2
package/dist/bjx-auth.esm.js +2 -0
package/dist/bjx-auth.umd.js +2 -0
package/dist/index-i2aY_ysP.js +2 -0
package/dist/request.cjs.js +2 -0
package/dist/strategy.cjs.js +2 -0
package/package.json +14 -9
package/readme.md +14 -19
package/src/config.js +0 -62
package/src/logger.js +0 -15
package/src/request/axios.js +0 -67
package/src/request/index.js +0 -12
package/src/request/passportapi.js +0 -216
package/src/request/sign/encrypt/index.js +0 -7
package/src/request/sign/encrypt/node.js +0 -31
package/src/request/sign/encrypt/web.js +0 -31
package/src/request/sign/hash/index.js +0 -7
package/src/request/sign/hash/node.js +0 -14
package/src/request/sign/hash/web.js +0 -18
package/src/request/sign/index.js +0 -59
package/src/request/sign/publicPem.js +0 -45
package/src/request/sign/reqEncrypt.js +0 -16
package/src/request/sign/reqSginOld.js +0 -89
package/src/request/sign/reqSign.js +0 -80
package/src/request/userInfo.js +0 -72
package/src/strategy/handle.js +0 -66
package/src/strategy/handleDemo.js +0 -49
package/src/strategy/index.js +0 -9
package/src/strategy/strategy.js +0 -268
package/src/strategy/utils.js +0 -268

package/src/request/sign/reqSign.js DELETED Viewed

@@ -1,80 +0,0 @@
-const { hashHS256 } = require('./hash')
-const config = require('../../config')
-// 请求签名相关
-function sortData(data) {
-  if (Object.prototype.toString.call(data) === '[object Object]') {
-    return Object.keys(data)
-      .sort() // 默认情况下 sort 会按字典顺序（ASCII 顺序）进行排序
-      .reduce((newObj, key) => {
-        newObj[key] = sortData(data[key])
-        return newObj
-      }, {})
-  } else if (Object.prototype.toString.call(data) === '[object Array]') {
-    return data.map((item) => sortData(item))
-  } else {
-    return data
-  }
-}
-function objToStr(data) {
-  let dataArr = []
-  Object.entries(data).map(([key, value]) => {
-    if (value === undefined || value === '' || value === null) {
-    } else {
-      if (
-        Object.prototype.toString.call(value) === '[object Array]' ||
-        Object.prototype.toString.call(value) === '[object Object]'
-      ) {
-        dataArr.push(`${key}=${encodeURIComponent(JSON.stringify(value))}`)
-      } else {
-        dataArr.push(`${key}=${encodeURIComponent(value)}`)
-      }
-    }
-  })
-  return dataArr.join('&')
-}
-function signFn(data, signKey) {
-  const sorted = sortData(data)
-  const dataStr = objToStr(sorted)
-  const sign = hashHS256(dataStr, signKey)
-  return {
-    ...data,
-    sign,
-  }
-}
-function getReqSign(params, signKey) {
-  const {
-    eqp,
-    os,
-    ba,
-    bp,
-    ver,
-    apiVersion,
-    signVersion,
-    clientId,
-    clientSecret,
-    data = {},
-  } = params || {}
-  const obj = {
-    eqp: eqp || config.eqp || '',
-    os: os * 1 || config.os * 1 || 1,
-    ba: ba || config.ba || '',
-    bp: bp || config.bp || '',
-    ver: ver || config.ver || '1.0.0',
-    ts: Date.now(),
-    apiVersion: apiVersion || config.apiVersion || '1.0.0',
-    signVersion: signVersion || config.signVersion || 'V1',
-    clientId: clientId || config.clientId || '',
-    clientSecret: clientSecret || config.clientSecret || '',
-    data,
-  }
-  signKey = signKey || config.signKey
-  const res = signFn(obj, signKey)
-  return res
-}
-exports = module.exports = getReqSign

package/src/request/userInfo.js DELETED Viewed

@@ -1,72 +0,0 @@
-const { auth, enterpriseapi } = require('./axios')
-const { getReqSign } = require('./sign')
-/**
- * nodejs授权
- */
-async function baseInfo(opts, signObj = {}) {
-  opts.data = { ...opts.data, ...getReqSign(signObj) }
-  return auth({
-    url: '/api/User/' + opts.__type__,
-    method: 'POST',
-    ...opts,
-  })
-}
-async function userInfo(opts, signObj = {}) {
-  opts.data = { ...opts.data, ...getReqSign(signObj) }
-  return enterpriseapi({
-    url: '/enterprise/user/userInfo',
-    method: 'POST',
-    ...opts,
-  }).then((res) => {
-    const { data: rsp_obj } = res
-    res.data = {
-      HttpStatusCode: rsp_obj.code,
-      Error: rsp_obj.errMsg,
-      IsError: !rsp_obj.success,
-      Data:
-        rsp_obj.data && Object.keys(rsp_obj.data).length
-          ? {
-              HasCompany: rsp_obj.data.hasCompanyState > 0, // BaseInfoV1和BaseInfo的差别
-              Id: rsp_obj.data.id || '',
-              UId: rsp_obj.data.userId || 0,
-              UserName: rsp_obj.data.userName || '',
-              NickName: rsp_obj.data.nickName || '',
-              Email: rsp_obj.data.userEmail || '',
-              EmailIsCheck: rsp_obj.data.emailCheckState > 0,
-              RegionCode: rsp_obj.data.regionCode || '',
-              Phone: rsp_obj.data.userPhone || '',
-              PhoneIsCheck: rsp_obj.data.phoneCheckState > 0,
-              HeadUrl: rsp_obj.data.headUrl || '',
-              BackImage: rsp_obj.data.backImage || '',
-              BriefIntro: rsp_obj.data.briefIntro || '',
-              Industry: rsp_obj.data.industryId || 0,
-              Source: rsp_obj.data.registerSource || 0,
-              ShowName: rsp_obj.data.showName || '',
-              HeadIsDef: rsp_obj.data.headDefState > 0,
-              Nick: rsp_obj.data.nick || '',
-              NickShowName: rsp_obj.data.nickShowName || '',
-              RegDate: rsp_obj.data.registerDate || '',
-            }
-          : {},
-    }
-    return res
-  })
-}
-async function getUserInfo(opts, signArr) {
-  const typeArr = ['BaseInfo', 'BaseInfoV1', 'ExtendInfo', 'userInfo']
-  if (!typeArr.includes(opts.__type__)) {
-    opts.__type__ = typeArr[0]
-  }
-  if (opts.__type__ === 'userInfo') {
-    return userInfo(opts, signArr)
-  } else {
-    return baseInfo(opts, signArr)
-  }
-}
-exports = module.exports = {
-  getUserInfo,
-}

package/src/strategy/handle.js DELETED Viewed

@@ -1,66 +0,0 @@
-const {
-  setConfig,
-  getConfig,
-  getToken: getTokenApi,
-  getUserInfo: getUserInfoApi,
-} = require('../request')
-async function getToken(cookies, isRefresh, { headers, ctx }) {
-  return getTokenApi(
-    {
-      __isRefresh__: isRefresh,
-      headers: {
-        Cookie: Object.entries(cookies)
-          .map((v) => v.join('='))
-          .join('; '),
-        ...headers,
-      },
-    },
-    {
-      ctx,
-    },
-  ).then(({ data }) => {
-    if (data.isError === false) {
-      return {
-        bjx_token_flag: cookies['idsrv.session'],
-        token_type: '',
-        access_token: data.data.authToken,
-        expires_at: data.data.expiresAt || (Date.now() / 1000 + 4 * 3600) | 0, // 4小时过期
-      }
-    }
-  })
-}
-async function getUserInfo(token, type, { headers, ctx }) {
-  // 兼容老的token 以支持老版本APP嵌入页面
-  const tokenHeader = {}
-  if (token.startsWith('Bearer ')) {
-    tokenHeader['Authorization'] = token
-  } else {
-    tokenHeader['AuthToken'] = token
-  }
-  return getUserInfoApi(
-    {
-      __type__: type,
-      headers: {
-        ...headers,
-        ...tokenHeader,
-      },
-    },
-    {
-      ctx,
-    },
-  ).then(({ data }) => {
-    if (data.IsError === false) {
-      return data.Data
-    }
-  })
-}
-module.exports = {
-  setConfig,
-  getConfig,
-  getToken,
-  getUserInfo,
-}

package/src/strategy/handleDemo.js DELETED Viewed

@@ -1,49 +0,0 @@
-async function setConfig(obj) {
-  console.log('设置配置方法', obj)
-}
-async function getToken(cookie, { headers }) {
-  console.log('令牌方法', cookie, headers)
-  return {
-    is_bjx_token: true,
-    token_type: '',
-    access_token:
-      'xn4d9DmczNYqDDHt1kHA95l923HSjqNbaYUNVzDNw9FTkxZGg7tsZutqFgfg0gTXoxH9LCxs5uuQ_sBBi54WWg01gESgzSMQV7a1f2utaBr90QPSCy-oLu5YUdHzCPDszfx2P8M4xm4LRMNehjXl8cG0Xph80FdJ7-OntP_ZdGE8ERWAppZATpSZML1oOMj2AKg_Z8YReHTqdp6BuFJqpk2qdCtsFyrqsCbh87pRcghj93eDB4sbSXmKOoc-96LO',
-    expires_at: 1756375244,
-  }
-}
-async function getUserInfo(token, type, { headers }) {
-  console.log('用户信息方法', token, type, headers)
-  return {
-    ts: new Date().toLocaleString('sv-SE'),
-    Id: '4316B40F-DBB6-4AA5-8242-5425C7D36DFB',
-    UId: 1100000010,
-    UserName: 'bjxadmin',
-    NickName: '徐薇',
-    Email: 'caoce5158@qq.com',
-    EmailIsCheck: true,
-    RegionCode: '+86',
-    Phone: '13911112222',
-    PhoneIsCheck: true,
-    HeadUrl:
-      'https://static.bjx.com.cn/EnterpriseNew/SeekerImg/1100000010/2023050813520237_74810.jpeg',
-    BackImage:
-      'http://img01.mybjx.net/webupload/image/20231109/3e06d701bc00002.png',
-    BriefIntro: '',
-    Industry: 1300,
-    Source: 9,
-    ShowName: '徐薇',
-    HeadIsDef: false,
-    Nick: '',
-    NickShowName: '星友2222',
-    RegDate: '2016-05-09T17:14:56.473',
-    PwdIsSet: false,
-  }
-}
-module.exports = {
-  setConfig,
-  getToken,
-  getUserInfo,
-}

package/src/strategy/index.js DELETED Viewed

@@ -1,9 +0,0 @@
-const { setConfig, getConfig } = require('../config')
-const strategy = require('./strategy')
-const utils = require('./utils')
-exports = module.exports = Object.assign(
-  { setConfig, getConfig },
-  strategy,
-  utils,
-)

package/src/strategy/strategy.js DELETED Viewed

@@ -1,268 +0,0 @@
-const { Strategy } = require('passport')
-const { setConfig, getConfig, getToken, getUserInfo } = require('./handle')
-const { errorLogger, debugLogger } = require('../logger')
-class BjxStrategy extends Strategy {
-  constructor(options = {}, verify) {
-    super()
-    // 策略名称
-    this.name = 'bjx'
-    // 配置选项
-    this.loadUserInfo = options.loadUserInfo || false
-    this.userInfoDuration = this.normalizeDuration(options.loadUserInfo)
-    this.userInfoType = options.userInfoType || ''
-    this.handleHeadrToken = options.handleHeadrToken || false
-    this.verify = verify || ((user, done) => done(null, user))
-    // 设置配置缓存
-    setConfig(options.authConfig)
-    if (options.authConfig.debug) {
-      debugLogger('配置项', getConfig())
-    }
-  }
-  normalizeDuration(val) {
-    // loadUserInfo参数 单位为分钟 但是这里返回毫秒 减少比较时的计算
-    if (typeof val === 'number' && val > 0) {
-      return val * 60 * 1000
-    }
-    return 30 * 60 * 1000
-  }
-  authenticate(req, options) {
-    // 检查必要的cookie
-    const hasRequiredCookies =
-      req.cookies &&
-      req.cookies.get('idsrv.session') &&
-      req.cookies.get('.AspNetCore.Identity.Application')
-    // 检查必要的header
-    const hasRequiredHeaders =
-      req.headers && (req.headers.authtoken || req.headers.authorization)
-    // 假如不存在 则认证失败
-    if (!hasRequiredCookies && !(this.handleHeadrToken && hasRequiredHeaders)) {
-      debugLogger('认证失败', hasRequiredCookies, '(', this.handleHeadrToken, hasRequiredHeaders, ')')
-      return this.fail()
-    }
-    if (this.handleHeadrToken && hasRequiredHeaders) {
-      this.executeCosplayAuthentication(req)
-        .then((user) => {
-          this.success(user)
-        })
-        .catch((err) => {
-          if (err.message === '__goto_next__') {
-            this.pass()
-          } else {
-            this.error(err)
-          }
-        })
-    } else if (hasRequiredCookies) {
-      // 否则 执行认证流程
-      this.executeAuthentication(req)
-        .then((user) =>
-          // 创建策略时 可传入回调函数 已追加认证逻辑
-          this.verify(user, (err, verifiedUser) => {
-            if (err) return this.error(err)
-            this.success(verifiedUser)
-          }),
-        )
-        .catch((err) => {
-          if (err.message === '__goto_next__') {
-            this.pass()
-          } else {
-            this.error(err)
-          }
-        })
-    } else {
-      this.pass()
-    }
-  }
-  async executeCosplayAuthentication(req) {
-    // 以Bearer开始的 为Authorization头 否则为Authtoken头
-    let token = ''
-    let isAuthorization = false
-    if (req.headers?.authtoken) {
-      token = req.headers.authtoken
-    } else if (req.headers?.authorization) {
-      token = req.headers.authorization.replace('Bearer ', '')
-      isAuthorization = true
-    }
-    const su = req?.session?.passport?.user || {}
-    if (su.token?.access_token === token) {
-      throw new Error('__goto_next__')
-    }
-    // 假如session里面没有不是该token说明换了 需要重新获取
-    su.info = null
-    const userInfo = await this.getUserInfoWithRefresh(
-      (isAuthorization ? 'Bearer ' : '') + token,
-      req,
-      {},
-    )
-    if (userInfo) {
-      debugLogger(
-        `通过${isAuthorization ? 'Authorization' : 'Authtoken'}头信息登录系统`,
-      )
-      if (isAuthorization) {
-        return {
-          token: {
-            token_type: 'Bearer',
-            access_token: token,
-            expires_at: (Date.now() / 1000 + 4 * 600) | 0,
-          },
-          info: userInfo,
-        }
-      } else {
-        return {
-          token: {
-            bjx_token_flag: 'This token from authtoken/authorization header',
-            token_type: '',
-            access_token: token,
-            expires_at: (Date.now() / 1000 + 4 * 600) | 0,
-          },
-          info: userInfo,
-        }
-      }
-    } else {
-      throw new Error('Invalid headers token')
-    }
-  }
-  async executeAuthentication(req) {
-    // 获取请求头信息
-    const headers = this.extractHeaders(req)
-    // 获取cookie
-    const cookies = {
-      'idsrv.session': req.cookies.get('idsrv.session'),
-      '.AspNetCore.Identity.Application': req.cookies.get(
-        '.AspNetCore.Identity.Application',
-      ),
-    }
-    // 获取令牌 不存在时直接抛出错误
-    const tokenData = await this.getTokenWithRefresh(cookies, req, headers)
-    if (!tokenData) throw new Error('Get token failed')
-    // 获取用户信息 假如配置中为false 则不获取
-    let userInfo
-    if (this.loadUserInfo) {
-      const token = tokenData.access_token
-      userInfo = await this.getUserInfoWithRefresh(token, req, headers)
-    }
-    return {
-      token: tokenData,
-      info: userInfo,
-    }
-  }
-  extractHeaders(req) {
-    return {
-      'X-Forwarded-For': req.headers['x-forwarded-for'],
-      'X-Forwarded-Host': req.headers['x-forwarded-host'],
-      'User-Agent': req.headers['user-agent'],
-      Referer: req.headers['referer'],
-    }
-  }
-  async getTokenWithRefresh(cookies, req, headers) {
-    const su = req?.session?.passport?.user || {}
-    const now = Date.now()
-    // 判断token的标识和cookie中的标识是否一致
-    if (su.token?.bjx_token_flag !== cookies['idsrv.session']) {
-      su.token = undefined
-      su.info = undefined
-      debugLogger('令牌标识和cookie内的不一致')
-    }
-    // 检查passport中的令牌 是否需要刷新
-    if (su.token && su.token.expires_at * 1000 > now) {
-      throw new Error('__goto_next__')
-    }
-    // 假如存在token 还到这一步 说明是刷新token
-    const isRefresh = !!su.token
-    if (isRefresh) {
-      debugLogger('刷新令牌')
-    }
-    // 获取新token
-    const newToken = await getToken(cookies, isRefresh, {
-      ctx: req.ctx,
-      headers,
-    })
-    debugLogger('获取“新”令牌', cookies, isRefresh, newToken || '无')
-    return newToken
-  }
-  async getUserInfoWithRefresh(token, req, headers) {
-    const su = req?.session?.passport?.user || {}
-    const now = Date.now()
-    // 检查passport中的用户信息 是否需要刷新
-    if (su.info && su.info.__expires_at__ > now) {
-      throw new Error('__goto_next__')
-    }
-    // 获取新用户信息
-    const newUserInfo = await getUserInfo(token, this.userInfoType, {
-      ctx: req.ctx,
-      headers,
-    })
-    // 设置用户信息的过期时间 这里用毫秒
-    if (newUserInfo) {
-      newUserInfo.__expires_at__ = now + this.userInfoDuration
-    }
-    debugLogger('获取“新”用户信息', token, newUserInfo || '无')
-    return newUserInfo
-  }
-}
-// Koa中间件
-function createBjxAuthMiddleware(passport) {
-  return async (ctx, next) => {
-    // 缓存app对象 方便打印日志
-    if (!getConfig('app')) {
-      setConfig('app', ctx.app)
-    }
-    // 等待每次鉴权结果
-    await new Promise((resolve) => {
-      passport.authenticate('bjx', (err, user, info, status) => {
-        if (err) {
-          // this.error()进到这里
-          errorLogger(err)
-          ctx.logout()
-        } else if (user) {
-          // this.success()进到这里
-          ctx.login(user)
-        } else {
-          // this.fail()进到这里
-          ctx.logout()
-        }
-        resolve()
-      })(ctx, () => {
-        // this.pass()进到这里
-        resolve()
-      })
-    })
-    await next()
-  }
-}
-module.exports = {
-  BjxStrategy,
-  createBjxAuthMiddleware,
-}