strapi/packages/plugins/users-permissions/server/services/providers.js

'use strict';

/**
 * Module dependencies.
 */

// Public node modules.
const _ = require('lodash');
const urlJoin = require('url-join');

const { getAbsoluteServerUrl } = require('@strapi/utils');

module.exports = ({ strapi }) => {
  // lazy load heavy dependencies
  const providerRequest = require('./providers-list');

  /**
   * Helper to get profiles
   *
   * @param {String}   provider
   * @param {Function} callback
   */

  const getProfile = async (provider, query, callback) => {
    const access_token = query.access_token || query.code || query.oauth_token;

    const providers = await strapi
      .store({ type: 'plugin', name: 'users-permissions', key: 'grant' })
      .get();

    await providerRequest({ provider, query, callback, access_token, providers });
  };

  /**
   * Connect thanks to a third-party provider.
   *
   *
   * @param {String}    provider
   * @param {String}    access_token
   *
   * @return  {*}
   */

  const connect = (provider, query) => {
    const access_token = query.access_token || query.code || query.oauth_token;

    return new Promise((resolve, reject) => {
      if (!access_token) {
        return reject([null, { message: 'No access_token.' }]);
      }

      // Get the profile.
      getProfile(provider, query, async (err, profile) => {
        if (err) {
          return reject([null, err]);
        }

        const email = _.toLower(profile.email);

        // We need at least the mail.
        if (!email) {
          return reject([null, { message: 'Email was not available.' }]);
        }

        try {
          const users = await strapi.query('plugin::users-permissions.user').findMany({
            where: { email },
          });

          const advanced = await strapi
            .store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })
            .get();

          const user = _.find(users, { provider });

          if (_.isEmpty(user) && !advanced.allow_register) {
            return resolve([
              null,
              [{ messages: [{ id: 'Auth.advanced.allow_register' }] }],
              'Register action is actually not available.',
            ]);
          }

          if (!_.isEmpty(user)) {
            return resolve([user, null]);
          }

          if (
            !_.isEmpty(_.find(users, user => user.provider !== provider)) &&
            advanced.unique_email
          ) {
            return resolve([
              null,
              [{ messages: [{ id: 'Auth.form.error.email.taken' }] }],
              'Email is already taken.',
            ]);
          }

          // Retrieve default role.
          const defaultRole = await strapi
            .query('plugin::users-permissions.role')
            .findOne({ where: { type: advanced.default_role } });

          // Create the new user.
          const params = {
            ...profile,
            email, // overwrite with lowercased email
            provider,
            role: defaultRole.id,
            confirmed: true,
          };

          const createdUser = await strapi
            .query('plugin::users-permissions.user')
            .create({ data: params });

          return resolve([createdUser, null]);
        } catch (err) {
          reject([null, err]);
        }
      });
    });
  };

  const buildRedirectUri = (provider = '') => {
    const apiPrefix = strapi.config.get('api.rest.prefix');
    return urlJoin(getAbsoluteServerUrl(strapi.config), apiPrefix, 'connect', provider, 'callback');
  };

  return {
    connect,
    buildRedirectUri,
  };
};
Add provider connection 2018-01-12 15:20:13 +01:00			`'use strict';`

			`/**`
			`* Module dependencies.`
			`*/`

			`// Public node modules.`
			`const _ = require('lodash');`
Fix url join 2021-11-29 10:41:26 +01:00			`const urlJoin = require('url-join');`
Add provider connection 2018-01-12 15:20:13 +01:00
Rename import & requires, fix tests 2021-04-29 13:51:12 +02:00			`const { getAbsoluteServerUrl } = require('@strapi/utils');`
Add provider connection 2018-01-12 15:20:13 +01:00
fixes 2021-08-20 15:23:02 +02:00			`module.exports = ({ strapi }) => {`
Add some lazy loading 2021-09-03 11:11:37 +02:00			`// lazy load heavy dependencies`
Split providers and grant config to a new files Signed-off-by: Abdón Rodríguez Davila <a@abdonrd.com> 2022-01-13 16:17:04 +01:00			`const providerRequest = require('./providers-list');`
Add some lazy loading 2021-09-03 11:11:37 +02:00
fixes 2021-08-20 15:23:02 +02:00			`/**`
			`* Helper to get profiles`
			`*`
			`* @param {String} provider`
			`* @param {Function} callback`
			`*/`

			`const getProfile = async (provider, query, callback) => {`
			`const access_token = query.access_token \|\| query.code \|\| query.oauth_token;`

remove defaults key from stored grant config 2021-11-29 16:05:45 +01:00			`const providers = await strapi`
Init migration v4 - Hooks registry - D&P CT migrations - i18N CT migrations - Umzug with js / sql migrations - Eslint updates 2021-09-13 12:03:12 +02:00			`.store({ type: 'plugin', name: 'users-permissions', key: 'grant' })`
fixes 2021-08-20 15:23:02 +02:00			`.get();`

Split providers and grant config to a new files Signed-off-by: Abdón Rodríguez Davila <a@abdonrd.com> 2022-01-13 16:17:04 +01:00			`await providerRequest({ provider, query, callback, access_token, providers });`
fixes 2021-08-20 15:23:02 +02:00			`};`

			`/**`
			`* Connect thanks to a third-party provider.`
			`*`
			`*`
			`* @param {String} provider`
			`* @param {String} access_token`
			`*`
			`* @return {*}`
			`*/`

			`const connect = (provider, query) => {`
			`const access_token = query.access_token \|\| query.code \|\| query.oauth_token;`

			`return new Promise((resolve, reject) => {`
			`if (!access_token) {`
			`return reject([null, { message: 'No access_token.' }]);`
			`}`

			`// Get the profile.`
			`getProfile(provider, query, async (err, profile) => {`
			`if (err) {`
			`return reject([null, err]);`
			`}`

store emails in lowercase + add /api as prefix 2021-09-29 12:04:42 +02:00			`const email = _.toLower(profile.email);`

fixes 2021-08-20 15:23:02 +02:00			`// We need at least the mail.`
store emails in lowercase + add /api as prefix 2021-09-29 12:04:42 +02:00			`if (!email) {`
fixes 2021-08-20 15:23:02 +02:00			`return reject([null, { message: 'Email was not available.' }]);`
			`}`

			`try {`
			`const users = await strapi.query('plugin::users-permissions.user').findMany({`
store emails in lowercase + add /api as prefix 2021-09-29 12:04:42 +02:00			`where: { email },`
fixes 2021-08-20 15:23:02 +02:00			`});`

			`const advanced = await strapi`
Init migration v4 - Hooks registry - D&P CT migrations - i18N CT migrations - Umzug with js / sql migrations - Eslint updates 2021-09-13 12:03:12 +02:00			`.store({ type: 'plugin', name: 'users-permissions', key: 'advanced' })`
fixes 2021-08-20 15:23:02 +02:00			`.get();`

			`const user = _.find(users, { provider });`

			`if (_.isEmpty(user) && !advanced.allow_register) {`
			`return resolve([`
			`null,`
			`[{ messages: [{ id: 'Auth.advanced.allow_register' }] }],`
			`'Register action is actually not available.',`
			`]);`
			`}`
Update the provider loggin doc + display absolute redirect uri in front Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-07-22 15:30:17 +02:00
fixes 2021-08-20 15:23:02 +02:00			`if (!_.isEmpty(user)) {`
			`return resolve([user, null]);`
			`}`

			`if (`
remove defaults key from stored grant config 2021-11-29 16:05:45 +01:00			`!_.isEmpty(_.find(users, user => user.provider !== provider)) &&`
fixes 2021-08-20 15:23:02 +02:00			`advanced.unique_email`
			`) {`
			`return resolve([`
			`null,`
			`[{ messages: [{ id: 'Auth.form.error.email.taken' }] }],`
			`'Email is already taken.',`
			`]);`
			`}`

			`// Retrieve default role.`
			`const defaultRole = await strapi`
			`.query('plugin::users-permissions.role')`
			`.findOne({ where: { type: advanced.default_role } });`

			`// Create the new user.`
store emails in lowercase + add /api as prefix 2021-09-29 12:04:42 +02:00			`const params = {`
			`...profile,`
			`email, // overwrite with lowercased email`
Init migration v4 - Hooks registry - D&P CT migrations - i18N CT migrations - Umzug with js / sql migrations - Eslint updates 2021-09-13 12:03:12 +02:00			`provider,`
fixes 2021-08-20 15:23:02 +02:00			`role: defaultRole.id,`
			`confirmed: true,`
store emails in lowercase + add /api as prefix 2021-09-29 12:04:42 +02:00			`};`
fixes 2021-08-20 15:23:02 +02:00
			`const createdUser = await strapi`
			`.query('plugin::users-permissions.user')`
			`.create({ data: params });`
Update the provider loggin doc + display absolute redirect uri in front Signed-off-by: Pierre Noël <petersg83@gmail.com> 2020-07-22 15:30:17 +02:00
fixes 2021-08-20 15:23:02 +02:00			`return resolve([createdUser, null]);`
			`} catch (err) {`
			`reject([null, err]);`
			`}`
			`});`
			`});`
			`};`

Move u&p providers urls 2021-10-26 16:51:29 +02:00			`const buildRedirectUri = (provider = '') => {`
			`const apiPrefix = strapi.config.get('api.rest.prefix');`
Fix url join 2021-11-29 10:41:26 +01:00			`return urlJoin(getAbsoluteServerUrl(strapi.config), apiPrefix, 'connect', provider, 'callback');`
Move u&p providers urls 2021-10-26 16:51:29 +02:00			`};`
fixes 2021-08-20 15:23:02 +02:00
			`return {`
			`connect,`
			`buildRedirectUri,`
			`};`
			`};`