aboutsummaryrefslogblamecommitdiffhomepage
path: root/auth.js
blob: c29823fa4b2377cc5adf1347d6a7b8a333aff8f2 (plain) (tree) 
80b6050






























































































































1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126






























































































































                                                                    
const simpleOauthModule = require('simple-oauth2');
const randomstring = require('randomstring');
const Secrets = require('./lib/secrets');

const secrets = new Secrets({
  GIT_HOSTNAME: 'https://github.com',
  OAUTH_TOKEN_PATH: '/login/oauth/access_token',
  OAUTH_AUTHORIZE_PATH: '/login/oauth/authorize',
  OAUTH_CLIENT_ID: 'foo',
  OAUTH_CLIENT_SECRET: 'bar',
  REDIRECT_URL: 'https://www.control-alt-del.org/oauth/callback',
  OAUTH_SCOPES: 'repo,user',
});


function getScript(mess, content) {
  return `<html><body><script>
  (function() {
    function receiveMessage(e) {
      console.log("receiveMessage %o", e)
      window.opener.postMessage(
        'authorization:github:${mess}:${JSON.stringify(content)}',
        e.origin
      )
      window.removeEventListener("message",receiveMessage,false);
    }
    window.addEventListener("message", receiveMessage, false)
    console.log("Sending message: %o", "github")
    window.opener.postMessage("authorizing:github", "*")
    })()
  </script></body></html>`;
}

module.exports.auth = (e, ctx, cb) => secrets.init()
  .then(() => {
    const oauth2 = simpleOauthModule.create({
      client: {
        id: secrets.OAUTH_CLIENT_ID,
        secret: secrets.OAUTH_CLIENT_SECRET,
      },
      auth: {
        tokenHost: secrets.GIT_HOSTNAME,
        tokenPath: secrets.OAUTH_TOKEN_PATH,
        authorizePath: secrets.OAUTH_AUTHORIZE_PATH,
      },
    });

    // Authorization uri definition
    const authorizationUri = oauth2.authorizationCode.authorizeURL({
      redirect_uri: secrets.REDIRECT_URL,
      scope: secrets.OAUTH_SCOPES,
      state: randomstring.generate(32),
    });

    cb(null, {
      statusCode: 302,
      headers: {
        Location: authorizationUri,
      },
    });
  });

module.exports.callback = (e, ctx, cb) => {
  let oauth2;
  secrets.init()
    .then(() => {
      oauth2 = simpleOauthModule.create({
        client: {
          id: secrets.OAUTH_CLIENT_ID,
          secret: secrets.OAUTH_CLIENT_SECRET,
        },
        auth: {
          tokenHost: secrets.GIT_HOSTNAME,
          tokenPath: secrets.OAUTH_TOKEN_PATH,
          authorizePath: secrets.OAUTH_AUTHORIZE_PATH,
        },
      });

      const options = {
        code: e.queryStringParameters.code,
      };
      return oauth2.authorizationCode.getToken(options);
    })
    .then((result) => {
      const token = oauth2.accessToken.create(result);
      cb(
        null,
        {
          statusCode: 200,
          headers: {
            'Content-Type': 'text/html',
          },
          body: getScript('success', {
            token: token.token.access_token,
            provider: 'github',
          }),
        },
      );
    })
    .catch((err) => {
      cb(null, {
        statusCode: 200,
        headers: {
          'Content-Type': 'text/html',
        },
        body: getScript('error', err),
      });
    });
};

module.exports.success = (e, ctx, cb) => cb(
  null,
  {
    statusCode: 204,
    body: '',
  },
);

module.exports.default = (e, ctx, cb) => {
  cb(null, {
    statusCode: 302,
    headers: {
      Location: '/auth',
    },
  });
};
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-21 15:37:29 +0000