From e307e4fce39853d445d086f92b8c556c363ee15d Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 24 Apr 2020 11:33:01 +0200 Subject: Add ability for auth plugins to hook tokens validity --- shared/extra-utils/users/login.ts | 19 +++++++++++++++++++ shared/models/activitypub/context.ts | 1 + shared/models/plugins/register-server-auth.model.ts | 8 +++++++- shared/models/server/job.model.ts | 2 +- 4 files changed, 28 insertions(+), 2 deletions(-) create mode 100644 shared/models/activitypub/context.ts (limited to 'shared') diff --git a/shared/extra-utils/users/login.ts b/shared/extra-utils/users/login.ts index 2d68337a6..b12b51b8c 100644 --- a/shared/extra-utils/users/login.ts +++ b/shared/extra-utils/users/login.ts @@ -43,6 +43,24 @@ async function serverLogin (server: Server) { return res.body.access_token as string } +function refreshToken (server: ServerInfo, refreshToken: string, expectedStatus = 200) { + const path = '/api/v1/users/token' + + const body = { + client_id: server.client.id, + client_secret: server.client.secret, + refresh_token: refreshToken, + response_type: 'code', + grant_type: 'refresh_token' + } + + return request(server.url) + .post(path) + .type('form') + .send(body) + .expect(expectedStatus) +} + async function userLogin (server: Server, user: User, expectedStatus = 200) { const res = await login(server.url, server.client, user, expectedStatus) @@ -83,6 +101,7 @@ export { login, logout, serverLogin, + refreshToken, userLogin, getAccessToken, setAccessTokensToServers, diff --git a/shared/models/activitypub/context.ts b/shared/models/activitypub/context.ts new file mode 100644 index 000000000..bd795a2fd --- /dev/null +++ b/shared/models/activitypub/context.ts @@ -0,0 +1 @@ +export type ContextType = 'All' | 'View' | 'Announce' | 'CacheFile' diff --git a/shared/models/plugins/register-server-auth.model.ts b/shared/models/plugins/register-server-auth.model.ts index dc46dcbc8..403a49994 100644 --- a/shared/models/plugins/register-server-auth.model.ts +++ b/shared/models/plugins/register-server-auth.model.ts @@ -1,4 +1,5 @@ import { UserRole } from '@shared/models' +import { MOAuthToken } from '@server/typings/models' export type RegisterServerAuthOptions = RegisterServerAuthPassOptions | RegisterServerAuthExternalOptions @@ -6,11 +7,16 @@ export interface RegisterServerAuthPassOptions { // Authentication name (a plugin can register multiple auth strategies) authName: string - onLogout?: Function + // Called by PeerTube when a user from your plugin logged out + onLogout?(): void // Weight of this authentication so PeerTube tries the auth methods in DESC weight order getWeight(): number + // Your plugin can hook PeerTube access/refresh token validity + // So you can control for your plugin the user session lifetime + hookTokenValidity?(options: { token: MOAuthToken, type: 'access' | 'refresh' }): Promise<{ valid: boolean }> + // Used by PeerTube to login a user // Returns null if the login failed, or { username, email } on success login(body: { diff --git a/shared/models/server/job.model.ts b/shared/models/server/job.model.ts index 694361276..57d61c480 100644 --- a/shared/models/server/job.model.ts +++ b/shared/models/server/job.model.ts @@ -1,6 +1,6 @@ -import { ContextType } from '@server/helpers/activitypub' import { SendEmailOptions } from './emailer.model' import { VideoResolution } from '@shared/models' +import { ContextType } from '../activitypub/context' export type JobState = 'active' | 'completed' | 'failed' | 'waiting' | 'delayed' -- cgit v1.2.3