yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-08-27 18:25:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12635 from kwang1198/feat/purest@4

Browse Source 
Upgrade purest to 4.x
This commit is contained in:
Alexandre BODIN 2022-04-06 17:35:49 +02:00 committed by GitHub
commit 0e7f5c2b65
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 282 additions and 479 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
packages/plugins/users-permissions/package.json
View File

@ -27,7 +27,6 @@
"test:front:watch:ce": "cross-env IS_EE=false jest --config ./jest.config.front.js --watchAll"
},
"dependencies": {
"@purest/providers": "^1.0.2",
"@strapi/helper-plugin": "4.1.7",
"@strapi/utils": "4.1.7",
"bcryptjs": "2.4.3",
@ -35,7 +34,7 @@
"jsonwebtoken": "^8.1.0",
"koa2-ratelimit": "^0.9.0",
"lodash": "4.17.21",
"purest": "3.1.0",
"purest": "4.0.2",
"react": "^17.0.2",
"react-dom": "^17.0.2",
"react-intl": "5.20.2",

17
packages/plugins/users-permissions/server/controllers/auth.js
View File

@ -34,7 +34,7 @@ module.exports = {
const provider = ctx.params.provider || 'local';
const params = ctx.request.body;
const store = await strapi.store({ type: 'plugin', name: 'users-permissions' });
const store = strapi.store({ type: 'plugin', name: 'users-permissions' });
if (provider === 'local') {
if (!_.get(await store.get({ key: 'grant' }), 'email.enabled')) {
@ -101,22 +101,15 @@ module.exports = {
}
// Connect the user with the third-party provider.
let user;
let error;
try {
[user, error] = await getService('providers').connect(provider, ctx.query);
} catch ([user, error]) {
throw new ApplicationError(error.message);
}
if (!user) {
throw new ApplicationError(error.message);
}
const user = await getService('providers').connect(provider, ctx.query);
ctx.send({
jwt: getService('jwt').issue({ id: user.id }),
user: await sanitizeUser(user, ctx),
});
} catch (error) {
throw new ApplicationError(error.message);
}
}
},

408
packages/plugins/users-permissions/server/services/providers-list.js
View File

@ -1,112 +1,69 @@
'use strict';
const _ = require('lodash');
const jwt = require('jsonwebtoken');
const request = require('request');
// Purest strategies.
const purest = require('purest')({ request });
const purestConfig = require('@purest/providers');
const purest = require('purest');
module.exports = async ({ provider, access_token, callback, query, providers }) => {
module.exports = async ({ provider, access_token, query, providers }) => {
switch (provider) {
case 'discord': {
const discord = purest({
provider: 'discord',
config: {
discord: {
'https://discordapp.com/api/': {
__domain: {
auth: {
auth: { bearer: '[0]' },
},
},
'{endpoint}': {
__path: {
alias: '__default',
},
},
},
},
},
});
discord
.query()
const discord = purest({ provider: 'discord' });
return discord
.get('users/@me')
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
.request()
.then(({ body }) => {
// Combine username and discriminator because discord username is not unique
var username = `${body.username}#${body.discriminator}`;
callback(null, {
return {
username,
email: body.email,
};
});
}
});
break;
}
case 'cognito': {
// get the id_token
const idToken = query.id_token;
// decode the jwt token
const tokenPayload = jwt.decode(idToken);
if (!tokenPayload) {
callback(new Error('unable to decode jwt token'));
throw new Error('unable to decode jwt token');
} else {
callback(null, {
return {
username: tokenPayload['cognito:username'],
email: tokenPayload.email,
});
};
}
break;
}
case 'facebook': {
const facebook = purest({
provider: 'facebook',
config: purestConfig,
});
const facebook = purest({ provider: 'facebook' });
facebook
.query()
.get('me?fields=name,email')
return facebook
.get('me')
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
.qs({ fields: 'name,email' })
.request()
.then(({ body }) => ({
username: body.name,
email: body.email,
});
}
});
break;
}));
}
case 'google': {
const google = purest({ provider: 'google', config: purestConfig });
const google = purest({ provider: 'google' });
google
return google
.query('oauth')
.get('tokeninfo')
.qs({ access_token })
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
.request()
.then(({ body }) => ({
username: body.email.split('@')[0],
email: body.email,
});
}
});
break;
}));
}
case 'github': {
const github = purest({
provider: 'github',
config: purestConfig,
defaults: {
headers: {
'user-agent': 'strapi',
@ -114,338 +71,188 @@ module.exports = async ({ provider, access_token, callback, query, providers })
},
});
github
.query()
return github
.get('user')
.auth(access_token)
.request((err, res, userbody) => {
if (err) {
return callback(err);
}
.request()
.then(({ body: userbody }) => {
// This is the public email on the github profile
if (userbody.email) {
return callback(null, {
return {
username: userbody.login,
email: userbody.email,
});
};
}
// Get the email with Github's user/emails API
github
.query()
return github
.get('user/emails')
.auth(access_token)
.request((err, res, emailsbody) => {
if (err) {
return callback(err);
}
return callback(null, {
.request()
.then(({ body: emailsbody }) => {
return {
username: userbody.login,
email: Array.isArray(emailsbody)
? emailsbody.find(email => email.primary === true).email
: null,
};
});
});
});
break;
}
case 'microsoft': {
const microsoft = purest({
provider: 'microsoft',
config: purestConfig,
});
const microsoft = purest({ provider: 'microsoft' });
microsoft
.query()
return microsoft
.get('me')
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
.request()
.then(({ body }) => ({
username: body.userPrincipalName,
email: body.userPrincipalName,
});
}
});
break;
}));
}
case 'twitter': {
const twitter = purest({
provider: 'twitter',
config: purestConfig,
key: providers.twitter.key,
secret: providers.twitter.secret,
});
twitter
.query()
return twitter
.get('account/verify_credentials')
.auth(access_token, query.access_secret)
.qs({ screen_name: query['raw[screen_name]'], include_email: 'true' })
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
.request()
.then(({ body }) => ({
username: body.screen_name,
email: body.email,
});
}
});
break;
}));
}
case 'instagram': {
const instagram = purest({
provider: 'instagram',
key: providers.instagram.key,
secret: providers.instagram.secret,
config: purestConfig,
});
const instagram = purest({ provider: 'instagram' });
instagram
.query()
return instagram
.get('me')
.qs({ access_token, fields: 'id,username' })
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
.auth(access_token)
.qs({ fields: 'id,username' })
.request()
.then(({ body }) => ({
username: body.username,
email: `${body.username}@strapi.io`, // dummy email as Instagram does not provide user email
});
}
});
break;
}));
}
case 'vk': {
const vk = purest({
provider: 'vk',
config: purestConfig,
});
const vk = purest({ provider: 'vk' });
vk.query()
return vk
.get('users.get')
.qs({ access_token, id: query.raw.user_id, v: '5.122' })
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
.auth(access_token)
.qs({ id: query.raw.user_id, v: '5.122' })
.request()
.then(({ body }) => ({
username: `${body.response[0].last_name} ${body.response[0].first_name}`,
email: query.raw.email,
});
}
});
break;
}));
}
case 'twitch': {
const twitch = purest({
provider: 'twitch',
config: {
twitch: {
'https://api.twitch.tv': {
__domain: {
auth: {
default: {
origin: 'https://api.twitch.tv',
path: 'helix/{path}',
headers: {
Authorization: 'Bearer [0]',
'Client-ID': '[1]',
},
},
},
'helix/{endpoint}': {
__path: {
alias: '__default',
},
},
'oauth2/{endpoint}': {
__path: {
alias: 'oauth',
},
Authorization: 'Bearer {auth}',
'Client-Id': '{auth}',
},
},
},
},
});
twitch
return twitch
.get('users')
.auth(access_token, providers.twitch.key)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
.request()
.then(({ body }) => ({
username: body.data[0].login,
email: body.data[0].email,
});
}
});
break;
}));
}
case 'linkedin': {
const linkedIn = purest({
provider: 'linkedin',
config: {
linkedin: {
'https://api.linkedin.com': {
__domain: {
auth: [{ auth: { bearer: '[0]' } }],
},
'[version]/{endpoint}': {
__path: {
alias: '__default',
version: 'v2',
},
},
},
},
},
});
try {
const getDetailsRequest = () => {
return new Promise((resolve, reject) => {
linkedIn
.query()
const linkedIn = purest({ provider: 'linkedin' });
const {
body: { localizedFirstName },
} = await linkedIn
.get('me')
.auth(access_token)
.request((err, res, body) => {
if (err) {
return reject(err);
}
resolve(body);
});
});
};
const getEmailRequest = () => {
return new Promise((resolve, reject) => {
linkedIn
.query()
.request();
const {
body: { elements },
} = await linkedIn
.get('emailAddress?q=members&projection=(elements*(handle~))')
.auth(access_token)
.request((err, res, body) => {
if (err) {
return reject(err);
}
resolve(body);
});
});
};
.request();
const { localizedFirstName } = await getDetailsRequest();
const { elements } = await getEmailRequest();
const email = elements[0]['handle~'];
callback(null, {
return {
username: localizedFirstName,
email: email.emailAddress,
});
} catch (err) {
callback(err);
}
break;
};
}
case 'reddit': {
const reddit = purest({
provider: 'reddit',
config: purestConfig,
defaults: {
config: {
reddit: {
default: {
origin: 'https://oauth.reddit.com',
path: 'api/{version}/{path}',
version: 'v1',
headers: {
Authorization: 'Bearer {auth}',
'user-agent': 'strapi',
},
},
},
},
});
reddit
.query('auth')
return reddit
.get('me')
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
.request()
.then(({ body }) => ({
username: body.name,
email: `${body.name}@strapi.io`, // dummy email as Reddit does not provide user email
});
}
});
break;
}));
}
case 'auth0': {
const purestAuth0Conf = {};
purestAuth0Conf[`https://${providers.auth0.subdomain}.auth0.com`] = {
__domain: {
auth: {
auth: { bearer: '[0]' },
},
},
'{endpoint}': {
__path: {
alias: '__default',
},
},
};
const auth0 = purest({
provider: 'auth0',
config: {
auth0: purestAuth0Conf,
},
});
const auth0 = purest({ provider: 'auth0' });
auth0
return auth0
.get('userinfo')
.subdomain(providers.auth0.subdomain)
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
const username =
body.username || body.nickname || body.name || body.email.split('@')[0];
.request()
.then(({ body }) => {
const username = body.username || body.nickname || body.name || body.email.split('@')[0];
const email = body.email || `${username.replace(/\s+/g, '.')}@strapi.io`;
callback(null, {
return {
username,
email,
};
});
}
});
break;
}
case 'cas': {
const provider_url = 'https://' + _.get(providers.cas, 'subdomain');
const cas = purest({
provider: 'cas',
config: {
cas: {
[provider_url]: {
__domain: {
auth: {
auth: { bearer: '[0]' },
},
},
'{endpoint}': {
__path: {
alias: '__default',
},
},
},
},
},
});
cas
.query()
const cas = purest({ provider: 'cas' });
return cas
.get('oidc/profile')
.subdomain(providers.cas.subdomain)
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
.request()
.then(({ body }) => {
// CAS attribute may be in body.attributes or "FLAT", depending on CAS config
const username = body.attributes
? body.attributes.strapiusername || body.id || body.sub
@ -458,16 +265,13 @@ module.exports = async ({ provider, access_token, callback, query, providers })
'CAS Response Body did not contain required attributes: ' + JSON.stringify(body)
);
}
callback(null, {
return {
username,
email,
};
});
}
});
break;
}
default:
callback(new Error('Unknown provider.'));
break;
throw new Error('Unknown provider.');
}
};

37
packages/plugins/users-permissions/server/services/providers.js
View File

@ -18,17 +18,16 @@ module.exports = ({ strapi }) => {
* Helper to get profiles
*
* @param {String} provider
* @param {Function} callback
*/
const getProfile = async (provider, query, callback) => {
const getProfile = async (provider, query) => {
const access_token = query.access_token || query.code || query.oauth_token;
const providers = await strapi
.store({ type: 'plugin', name: 'users-permissions', key: 'grant' })
.get();
await providerRequest({ provider, query, callback, access_token, providers });
return providerRequest({ provider, query, access_token, providers });
};
/**
@ -46,20 +45,17 @@ module.exports = ({ strapi }) => {
return new Promise((resolve, reject) => {
if (!access_token) {
return reject([null, { message: 'No access_token.' }]);
return reject({ message: 'No access_token.' });
}
// Get the profile.
getProfile(provider, query, async (err, profile) => {
if (err) {
return reject([null, err]);
}
getProfile(provider, query)
.then(async profile => {
const email = _.toLower(profile.email);
// We need at least the mail.
if (!email) {
return reject([null, { message: 'Email was not available.' }]);
return reject({ message: 'Email was not available.' });
}
try {
@ -74,26 +70,18 @@ module.exports = ({ strapi }) => {
const user = _.find(users, { provider });
if (_.isEmpty(user) && !advanced.allow_register) {
return resolve([
null,
[{ messages: [{ id: 'Auth.advanced.allow_register' }] }],
'Register action is actually not available.',
]);
return reject({ message: 'Register action is actually not available.' });
}
if (!_.isEmpty(user)) {
return resolve([user, null]);
return resolve(user);
}
if (
!_.isEmpty(_.find(users, user => user.provider !== provider)) &&
advanced.unique_email
) {
return resolve([
null,
[{ messages: [{ id: 'Auth.form.error.email.taken' }] }],
'Email is already taken.',
]);
return reject({ message: 'Email is already taken.' });
}
// Retrieve default role.
@ -114,11 +102,12 @@ module.exports = ({ strapi }) => {
.query('plugin::users-permissions.user')
.create({ data: params });
return resolve([createdUser, null]);
return resolve(createdUser);
} catch (err) {
reject([null, err]);
reject(err);
}
});
})
.catch(reject);
});
};

88
yarn.lock
View File

@ -2749,18 +2749,6 @@
resolved "https://registry.yarnpkg.com/@protobufjs/utf8/-/utf8-1.1.0.tgz#a777360b5b39a1a2e5106f8e858f2fd2d060c570"
integrity sha1-p3c2C1s5oaLlEG+OhY8v0tBgxXA=
"@purest/config@^1.0.0":
version "1.0.1"
resolved "https://registry.yarnpkg.com/@purest/config/-/config-1.0.1.tgz#d7dc6a0629032fd98d4ae5f59bec26ba1465c8e0"
integrity sha512-cEG7U0X26a25SVrHsja5TohAfnkd0jjkjNu0bPX6cQdrSe16j/WeOuX1+TXbkDuZcirIDv7gjHSMe5vfCnW2og==
dependencies:
extend "^3.0.0"
"@purest/providers@^1.0.2":
version "1.0.4"
resolved "https://registry.yarnpkg.com/@purest/providers/-/providers-1.0.4.tgz#e405971181d903b1c9b513c13d9e670666120396"
integrity sha512-c+OxB8POBW00VG/exqYoh4/ryru48SZzN+uQkg+qK20iDeJ0Gr8nb1QNRuDmtLBJxOkRAze3zk04FctnE3joAw==
"@react-dnd/asap@^4.0.0":
version "4.0.0"
resolved "https://registry.yarnpkg.com/@react-dnd/asap/-/asap-4.0.0.tgz#b300eeed83e9801f51bd66b0337c9a6f04548651"
@ -2776,19 +2764,28 @@
resolved "https://registry.yarnpkg.com/@react-dnd/shallowequal/-/shallowequal-2.0.0.tgz#a3031eb54129f2c66b2753f8404266ec7bf67f0a"
integrity sha512-Pc/AFTdwZwEKJxFJvlxrSmGe/di+aAOBn60sremrpLo6VI/6cmiUYNNwlI5KNYttg7uypzA3ILPMPgxB2GYZEg==
"@request/api@^0.6.0":
version "0.6.0"
resolved "https://registry.yarnpkg.com/@request/api/-/api-0.6.0.tgz#e46e4c32e21db9ca72639701cba1ebfee06c1666"
integrity sha1-5G5MMuIducpyY5cBy6Hr/uBsFmY=
"@sendgrid/client@^7.4.7":
version "7.6.2"
resolved "https://registry.yarnpkg.com/@sendgrid/client/-/client-7.6.2.tgz#5d08949120dad679f34260f1b875b4f57a8d688e"
integrity sha512-Yw3i3vPBBwfiIi+4i7+1f1rwQoLlLsu3qW16d1UuRp6RgX6H6yHYb2/PfqwNyCC0qzqIWGUKPWwYe5ggcr5Guw==
dependencies:
"@request/interface" "^0.1.0"
deep-copy "^1.1.2"
extend "^3.0.0"
"@sendgrid/helpers" "^7.6.2"
axios "^0.26.0"
"@request/interface@^0.1.0":
version "0.1.0"
resolved "https://registry.yarnpkg.com/@request/interface/-/interface-0.1.0.tgz#c913504d3dc2810afad555b599aeaec2cc4c6768"
integrity sha1-yRNQTT3CgQr61VW1ma6uwsxMZ2g=
"@sendgrid/helpers@^7.4.6", "@sendgrid/helpers@^7.6.2":
version "7.6.2"
resolved "https://registry.yarnpkg.com/@sendgrid/helpers/-/helpers-7.6.2.tgz#e4abdd4e259611ed549ae8e0f4a46cd4f587e5d1"
integrity sha512-kGW0kM2AOHfXjcvB6Lgwa/nMv8IALu0KyNY9X4HSa3MtLohymuhbG9HgjrOh66+BkbsfA03H3bcT0+sPVJ0GKQ==
dependencies:
deepmerge "^4.2.2"
"@sendgrid/mail@7.4.7":
version "7.4.7"
resolved "https://registry.yarnpkg.com/@sendgrid/mail/-/mail-7.4.7.tgz#cc8f77ec27443e02e7be1df01bf0899434155804"
integrity sha512-lGfXJBEx7PMQje/NsVsebF6MdP2ptHWjmuI4YANjReAQlIGq3Cqm4JLP5Fb4n5Bbr1LXLCM7R0gJo+/PT6ENKw==
dependencies:
"@sendgrid/client" "^7.4.7"
"@sendgrid/helpers" "^7.4.6"
"@sentry/core@6.3.0":
version "6.3.0"
@ -2926,6 +2923,11 @@
"@sentry/types" "6.7.1"
tslib "^1.9.3"
"@simov/deep-extend@^1.0.0":
version "1.0.0"
resolved "https://registry.yarnpkg.com/@simov/deep-extend/-/deep-extend-1.0.0.tgz#dff17d38305614e296eb80bf4898b9d10b061325"
integrity sha512-Arv8/ZPcdKAMJnNF8cks35mPq1y3JnwH1lWpfWDKlJoj+Vw2xmA4+oL7m9GVHTgdX0mGFR7bCPTBTGbxhnfJJw==
"@sindresorhus/is@^4.0.0":
version "4.6.0"
resolved "https://registry.yarnpkg.com/@sindresorhus/is/-/is-4.6.0.tgz#3c7c9c46e678feefe7a2e5bb609d3dbd665ffb3f"
@ -6956,11 +6958,6 @@ dedent@^0.7.0:
resolved "https://registry.yarnpkg.com/dedent/-/dedent-0.7.0.tgz#2495ddbaf6eb874abb0e1be9df22d2e5a544326c"
integrity sha1-JJXduvbrh0q7Dhvp3yLS5aVEMmw=
deep-copy@^1.1.2:
version "1.4.2"
resolved "https://registry.yarnpkg.com/deep-copy/-/deep-copy-1.4.2.tgz#0622719257e4bd60240e401ea96718211c5c4697"
integrity sha512-VxZwQ/1+WGQPl5nE67uLhh7OqdrmqI1OazrraO9Bbw/M8Bt6Mol/RxzDA6N6ZgRXpsG/W9PgUj8E1LHHBEq2GQ==
deep-equal@^1.0.1:
version "1.1.1"
resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-1.1.1.tgz#b5c98c942ceffaf7cb051e24e1434a25a2e6076a"
@ -12414,6 +12411,14 @@ multimatch@^5.0.0:
arrify "^2.0.1"
minimatch "^3.0.4"
multistream@^4.0.1:
version "4.1.0"
resolved "https://registry.yarnpkg.com/multistream/-/multistream-4.1.0.tgz#7bf00dfd119556fbc153cff3de4c6d477909f5a8"
integrity sha512-J1XDiAmmNpRCBfIWJv+n0ymC4ABcf/Pl+5YvC5B/D2f/2+8PtHvCNxMPKiQcZyi922Hq69J2YOpb1pTywfifyw==
dependencies:
once "^1.4.0"
readable-stream "^3.6.0"
mute-stream@0.0.8, mute-stream@~0.0.4:
version "0.0.8"
resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.8.tgz#1630c42b2251ff81e2a283de96a5497ea92e5e0d"
@ -14263,14 +14268,16 @@ punycode@^2.1.0, punycode@^2.1.1:
resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec"
integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==
purest@3.1.0:
version "3.1.0"
resolved "https://registry.yarnpkg.com/purest/-/purest-3.1.0.tgz#cca72a8f4717d46053d677059f9b357b59ee5cb7"
integrity sha512-9slCC5je2UNERS/YNcrs1/7K5Bh7Uvl6OY1S+XZ6iDNMCwk8Fio6VBdrklo7eMzt5M/Wt2fQlwXRjn4puBccRQ==
purest@4.0.2:
version "4.0.2"
resolved "https://registry.yarnpkg.com/purest/-/purest-4.0.2.tgz#6d60403f00731bbe3c508955c96d56e8c0f30098"
integrity sha512-Uq6kdia8zGVHOb/0zAOb7FvKFMKeyeTZTLEwpO0JR3cIFEkpH6asv3ls9M9URDjHiYIdgAPmht5ecSbvPacfyg==
dependencies:
"@purest/config" "^1.0.0"
"@request/api" "^0.6.0"
extend "^3.0.0"
"@simov/deep-extend" "^1.0.0"
qs "^6.10.3"
request-compose "^2.1.4"
request-multipart "^1.0.0"
request-oauth "^1.0.1"
q@^1.5.1:
version "1.5.1"
@ -14990,6 +14997,17 @@ request-ip@2.1.3:
dependencies:
is_js "^0.9.0"
request-multipart@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/request-multipart/-/request-multipart-1.0.0.tgz#26fe57634e379a5686eb499788ecd8b4fd51deaf"
integrity sha512-dazx88T19dIKFNc0XdlZV8H46D2RmNFdR4mipcbrFOaN70PSSSMM3urVY+eVbrpraf/fHXccxFhLvG1wkSUtKQ==
dependencies:
bl "^4.0.3"
isstream "^0.1.2"
mime-types "^2.1.28"
multistream "^4.0.1"
uuid "^8.3.2"
request-oauth@^1.0.1:
version "1.0.1"
resolved "https://registry.yarnpkg.com/request-oauth/-/request-oauth-1.0.1.tgz#dedb0c4a37234d9e93f377ddb0aaab425f31239e"