const simpleOauthModule = require('simple-oauth2');
const randomstring = require('randomstring');
const Secrets = require('./lib/secrets');
// Configuration handed to the project-local Secrets wrapper. Every handler in
// this file calls secrets.init() before reading any of these properties.
// NOTE(review): how Secrets resolves or overrides these values is not visible
// here. Presumably init() loads the deployed ones; confirm in ./lib/secrets.
const secrets = new Secrets({
GIT_HOSTNAME: 'https://github.com',
OAUTH_TOKEN_PATH: '/login/oauth/access_token',
OAUTH_AUTHORIZE_PATH: '/login/oauth/authorize',
// NOTE(review): 'foo' / 'bar' look like placeholders. Confirm a deployment
// cannot silently run with them and that the real client secret is never
// committed in this literal.
OAUTH_CLIENT_ID: 'foo',
OAUTH_CLIENT_SECRET: 'bar',
// Plain-http localhost value, suitable for development only. A deployed
// redirect URL should be https and match the one registered with the OAuth app.
REDIRECT_URL: 'http://localhost:3000/oauth/callback',
// GitHub's `repo` scope grants read/write access to private repositories;
// request a narrower scope (for example `public_repo`) when that is enough.
OAUTH_SCOPES: 'repo,user',
});
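/**
 * Builds the HTML page served to the OAuth popup. The page announces itself to
 * the window that opened it and, once that window answers, posts back
 * `authorization:github:<mess>:<JSON of content>`.
 *
 * The message is serialised here and embedded as a JSON string literal with
 * `<`, `>`, `&` and the U+2028/U+2029 line separators escaped. Previously the
 * JSON was pasted inside a single-quoted literal, so a quote, a backslash or a
 * closing script tag inside `content` could end the literal or the script
 * element early, and JSON escape sequences were decoded a second time by the
 * browser, corrupting the payload.
 *
 * NOTE(review): the page announces itself with target "*" and replies to
 * whatever origin the opener reports (`e.origin`), so the payload, including
 * an access token on success, is delivered to any site that opened this popup.
 * An allow-list of expected origins should be enforced; that needs a
 * configured origin, which this function does not receive.
 *
 * @param {string} mess - Outcome label placed in the message ('success' or 'error' in this file).
 * @param {*} content - Value serialised with JSON.stringify into the message.
 * @returns {string} Complete HTML document for the popup.
 */
function getScript(mess, content) {
  const message = `authorization:github:${mess}:${JSON.stringify(content)}`;
  // A JSON string is a valid JavaScript string literal; the extra escapes keep
  // the HTML parser from seeing markup inside the script element.
  const messageLiteral = JSON.stringify(message)
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
  return `<html><body><script>
(function() {
function receiveMessage(e) {
if (e.source !== window.opener) { return; }
console.log("receiveMessage %o", e)
window.opener.postMessage(
${messageLiteral},
e.origin
)
window.removeEventListener("message",receiveMessage,false);
}
window.addEventListener("message", receiveMessage, false)
console.log("Sending message: %o", "github")
window.opener.postMessage("authorizing:github", "*")
})()
</script></body></html>`;
}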
/**
 * Starts the OAuth authorization-code flow: once the secrets are initialised,
 * answers with a 302 redirect to the provider's authorize URL.
 *
 * @param {object} e - Incoming event (not read here).
 * @param {object} ctx - Invocation context (not read here).
 * @param {Function} cb - Node-style callback that receives the response object.
 * @returns {Promise} Settles after the callback has been invoked.
 */
module.exports.auth = (e, ctx, cb) => {
  const redirectToProvider = () => {
    const client = {
      id: secrets.OAUTH_CLIENT_ID,
      secret: secrets.OAUTH_CLIENT_SECRET,
    };
    const auth = {
      tokenHost: secrets.GIT_HOSTNAME,
      tokenPath: secrets.OAUTH_TOKEN_PATH,
      authorizePath: secrets.OAUTH_AUTHORIZE_PATH,
    };
    const oauth2 = simpleOauthModule.create({ client, auth });

    // NOTE(review): the state value is generated per request but this file
    // never stores it (cookie, session) and the callback handler never
    // compares it, so it gives no CSRF protection as written. Also confirm
    // the randomstring version in use draws from a CSPRNG.
    const location = oauth2.authorizationCode.authorizeURL({
      redirect_uri: secrets.REDIRECT_URL,
      scope: secrets.OAUTH_SCOPES,
      state: randomstring.generate(32),
    });

    const response = {
      statusCode: 302,
      headers: { Location: location },
    };
    cb(null, response);
  };

  return secrets.init().then(redirectToProvider);
};
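/**
 * OAuth redirect target: exchanges the `code` query parameter for an access
 * token and answers with the popup page that hands the result to the opener.
 * Both outcomes are reported with HTTP 200 because the page itself carries
 * the success or error message.
 *
 * Responses are marked `Cache-Control: no-store`: the success page embeds a
 * bearer token and must not be kept by a browser or intermediary cache.
 *
 * @param {object} e - Incoming event; `e.queryStringParameters.code` is read.
 * @param {object} ctx - Invocation context (not read here).
 * @param {Function} cb - Node-style callback that receives the response object.
 */
module.exports.callback = (e, ctx, cb) => {
  const htmlHeaders = {
    'Content-Type': 'text/html',
    'Cache-Control': 'no-store',
  };
  let oauth2;
  secrets.init()
    .then(() => {
      oauth2 = simpleOauthModule.create({
        client: {
          id: secrets.OAUTH_CLIENT_ID,
          secret: secrets.OAUTH_CLIENT_SECRET,
        },
        auth: {
          tokenHost: secrets.GIT_HOSTNAME,
          tokenPath: secrets.OAUTH_TOKEN_PATH,
          authorizePath: secrets.OAUTH_AUTHORIZE_PATH,
        },
      });
      // NOTE(review): the `state` parameter sent by the auth handler is not
      // read or compared here, so a callback that was not started by this
      // user's own authorization request is still accepted. Verifying it
      // needs the value to be persisted when the flow starts.
      const options = {
        code: e.queryStringParameters.code,
      };
      return oauth2.authorizationCode.getToken(options);
    })
    .then((result) => {
      const token = oauth2.accessToken.create(result);
      cb(
        null,
        {
          statusCode: 200,
          headers: htmlHeaders,
          body: getScript('success', {
            token: token.token.access_token,
            provider: 'github',
          }),
        },
      );
    })
    .catch((err) => {
      // NOTE(review): the raw error object is JSON-serialised into the page,
      // so whatever enumerable fields it carries (possibly provider response
      // details) reach the opener window. Consider sending a fixed, minimal
      // error shape and logging the full error server-side.
      cb(null, {
        statusCode: 200,
        headers: htmlHeaders,
        body: getScript('error', err),
      });
    });
};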
/**
 * Answers with an empty 204 response.
 *
 * @param {object} e - Incoming event (not read here).
 * @param {object} ctx - Invocation context (not read here).
 * @param {Function} cb - Node-style callback that receives the response object.
 * @returns {*} Whatever the callback returns.
 */
module.exports.success = (e, ctx, cb) => {
  const noContent = { statusCode: 204, body: '' };
  return cb(null, noContent);
};
/**
 * Fallback handler: redirects the request to `/auth` with a 302.
 *
 * @param {object} e - Incoming event (not read here).
 * @param {object} ctx - Invocation context (not read here).
 * @param {Function} cb - Node-style callback that receives the response object.
 */
module.exports.default = (e, ctx, cb) => {
  const redirect = {
    statusCode: 302,
    headers: { Location: '/auth' },
  };
  cb(null, redirect);
};