diff options
author | Chocobozzz <me@florianbigard.com> | 2020-04-24 11:33:01 +0200 |
---|---|---|
committer | Chocobozzz <chocobozzz@cpy.re> | 2020-05-04 16:21:39 +0200 |
commit | e307e4fce39853d445d086f92b8c556c363ee15d (patch) | |
tree | 0f3faaf3c73222db0fb55b72260c787aeeeb05eb /server/lib/plugins | |
parent | e1c5503114deef954731904695cd40dccfcef555 (diff) | |
download | PeerTube-e307e4fce39853d445d086f92b8c556c363ee15d.tar.gz PeerTube-e307e4fce39853d445d086f92b8c556c363ee15d.tar.zst PeerTube-e307e4fce39853d445d086f92b8c556c363ee15d.zip |
Add ability for auth plugins to hook tokens validity
Diffstat (limited to 'server/lib/plugins')
-rw-r--r-- | server/lib/plugins/plugin-manager.ts | 39 |
1 files changed, 34 insertions, 5 deletions
diff --git a/server/lib/plugins/plugin-manager.ts b/server/lib/plugins/plugin-manager.ts index 9d646b689..c64ca60aa 100644 --- a/server/lib/plugins/plugin-manager.ts +++ b/server/lib/plugins/plugin-manager.ts | |||
@@ -21,6 +21,7 @@ import { ClientHtml } from '../client-html' | |||
21 | import { PluginTranslation } from '../../../shared/models/plugins/plugin-translation.model' | 21 | import { PluginTranslation } from '../../../shared/models/plugins/plugin-translation.model' |
22 | import { RegisterHelpersStore } from './register-helpers-store' | 22 | import { RegisterHelpersStore } from './register-helpers-store' |
23 | import { RegisterServerHookOptions } from '@shared/models/plugins/register-server-hook.model' | 23 | import { RegisterServerHookOptions } from '@shared/models/plugins/register-server-hook.model' |
24 | import { MOAuthTokenUser } from '@server/typings/models' | ||
24 | 25 | ||
25 | export interface RegisteredPlugin { | 26 | export interface RegisteredPlugin { |
26 | npmName: string | 27 | npmName: string |
@@ -133,13 +134,11 @@ export class PluginManager implements ServerHook { | |||
133 | } | 134 | } |
134 | 135 | ||
135 | onLogout (npmName: string, authName: string) { | 136 | onLogout (npmName: string, authName: string) { |
136 | const plugin = this.getRegisteredPluginOrTheme(npmName) | 137 | const auth = this.getAuth(npmName, authName) |
137 | if (!plugin || plugin.type !== PluginType.PLUGIN) return | ||
138 | 138 | ||
139 | const auth = plugin.registerHelpersStore.getIdAndPassAuths() | 139 | if (auth?.onLogout) { |
140 | .find(a => a.authName === authName) | 140 | logger.info('Running onLogout function from auth %s of plugin %s', authName, npmName) |
141 | 141 | ||
142 | if (auth.onLogout) { | ||
143 | try { | 142 | try { |
144 | auth.onLogout() | 143 | auth.onLogout() |
145 | } catch (err) { | 144 | } catch (err) { |
@@ -148,6 +147,28 @@ export class PluginManager implements ServerHook { | |||
148 | } | 147 | } |
149 | } | 148 | } |
150 | 149 | ||
150 | async isTokenValid (token: MOAuthTokenUser, type: 'access' | 'refresh') { | ||
151 | const auth = this.getAuth(token.User.pluginAuth, token.authName) | ||
152 | if (!auth) return true | ||
153 | |||
154 | if (auth.hookTokenValidity) { | ||
155 | try { | ||
156 | const { valid } = await auth.hookTokenValidity({ token, type }) | ||
157 | |||
158 | if (valid === false) { | ||
159 | logger.info('Rejecting %s token validity from auth %s of plugin %s', type, token.authName, token.User.pluginAuth) | ||
160 | } | ||
161 | |||
162 | return valid | ||
163 | } catch (err) { | ||
164 | logger.warn('Cannot run check token validity from auth %s of plugin %s.', token.authName, token.User.pluginAuth, { err }) | ||
165 | return true | ||
166 | } | ||
167 | } | ||
168 | |||
169 | return true | ||
170 | } | ||
171 | |||
151 | // ###################### Hooks ###################### | 172 | // ###################### Hooks ###################### |
152 | 173 | ||
153 | async runHook<T> (hookName: ServerHookName, result?: T, params?: any): Promise<T> { | 174 | async runHook<T> (hookName: ServerHookName, result?: T, params?: any): Promise<T> { |
@@ -453,6 +474,14 @@ export class PluginManager implements ServerHook { | |||
453 | return join(CONFIG.STORAGE.PLUGINS_DIR, 'node_modules', npmName) | 474 | return join(CONFIG.STORAGE.PLUGINS_DIR, 'node_modules', npmName) |
454 | } | 475 | } |
455 | 476 | ||
477 | private getAuth (npmName: string, authName: string) { | ||
478 | const plugin = this.getRegisteredPluginOrTheme(npmName) | ||
479 | if (!plugin || plugin.type !== PluginType.PLUGIN) return null | ||
480 | |||
481 | return plugin.registerHelpersStore.getIdAndPassAuths() | ||
482 | .find(a => a.authName === authName) | ||
483 | } | ||
484 | |||
456 | // ###################### Private getters ###################### | 485 | // ###################### Private getters ###################### |
457 | 486 | ||
458 | private getRegisteredPluginsOrThemes (type: PluginType) { | 487 | private getRegisteredPluginsOrThemes (type: PluginType) { |