New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket

egg-kauth

Package Overview
Dependencies
Maintainers
0
Versions
76
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

egg-kauth - npm Package Compare versions

Comparing version 2.0.5-alpha.0 to 2.0.5-alpha.1

368

app/lib/index.js
"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });

@@ -6,174 +9,27 @@ exports.KauthProvider = void 0;

const url_1 = require("url");
const path_1 = __importDefault(require("path"));
class KauthProvider {
maxAge = 2147483647;
moziAuthenticator;
googleAuthenticator;
miniprogramAuthenticator;
subjectProvider;
jwtProvider;
router;
permissionHandler;
moziTokenUri;
moziBindUri;
moziPrompt;
googleTokenUri;
googleBindUri;
googlePrompt;
miniprogramTokenUri;
miniprogramBindUri;
miniprogramPrompt;
logoutRedirectUri;
unautorizedRedirectUri;
unauthorizedRedirectIgnore;
loginHandler;
authHandler;
constructor(kauthConfig) {
this.maxAge = 2147483647;
this.dispatch = async (ctx, next) => {
await this.router.dispatch(ctx, next);
};
this.logout = async (ctx) => {
const { callback } = ctx.request.query;
ctx.cookies.set('Authorization', '', {
path: '/',
httpOnly: true,
maxAge: 0,
});
if (callback) {
ctx.redirect(callback);
return;
}
ctx.redirect(this.logoutRedirectUri);
};
this.redirectMoziAuthorizeUri = async (ctx) => {
const { type, origin, callback = origin } = ctx.request.query;
this.assertCallbackLegal(callback, origin);
if (type === 'binding') {
const userId = await this.getBindingUserIdFromCookie(ctx);
if (!userId) {
return this.illegalToBindAccount(ctx);
}
const state = this.formatState({ origin, userId, callback });
const url = await this.moziAuthenticator.authorizeURL(origin + this.moziBindUri, state, this.moziPrompt);
return ctx.redirect(url);
}
const state = this.formatState({ origin, callback });
const url = await this.moziAuthenticator.authorizeURL(origin + this.moziTokenUri, state, this.moziPrompt);
ctx.redirect(url);
};
this.redirectGoogleAuthorizeUri = async (ctx) => {
const { type, origin, callback = origin } = ctx.request.query;
this.assertCallbackLegal(callback, origin);
if (type === 'binding') {
const userId = await this.getBindingUserIdFromCookie(ctx);
if (!userId) {
return this.illegalToBindAccount(ctx);
}
const state = this.formatState({ origin, userId, callback });
const url = await this.googleAuthenticator.authorizeURL(origin + this.googleBindUri, state, this.googlePrompt);
return ctx.redirect(url);
}
const state = this.formatState({ origin, callback });
const url = await this.googleAuthenticator.authorizeURL(origin + this.googleTokenUri, state, this.googlePrompt);
ctx.redirect(url);
};
this.redirectMiniProgarmAuthorizeUri = async (ctx) => {
const { type, origin, callback = origin } = ctx.request.query;
this.assertCallbackLegal(callback, origin);
if (type === 'binding') {
const userId = await this.getBindingUserIdFromCookie(ctx);
if (!userId) {
return this.illegalToBindAccount(ctx);
}
const state = this.formatState({ origin, userId, callback });
const url = await this.miniprogramAuthenticator.authorizeURL(origin + this.miniprogramBindUri, state, this.miniprogramPrompt);
return ctx.redirect(url);
}
const state = this.formatState({ origin, callback });
const url = await this.miniprogramAuthenticator.authorizeURL(origin + this.miniprogramTokenUri, state, this.miniprogramPrompt);
ctx.redirect(url);
};
this.redirectMoziToken = async (ctx) => {
const { code, state } = ctx.request.query;
const { origin, callback } = this.parseState(state);
const authenticationInformation = await this.moziAuthenticator.authenticate(code, origin + this.moziTokenUri);
await this.handleAuthenticationInformation(ctx, authenticationInformation, callback);
};
this.redirectGoogleToken = async (ctx) => {
const { code, state } = ctx.request.query;
const { origin, callback } = this.parseState(state);
const authenticationInformation = await this.googleAuthenticator.authenticate(code, origin + this.googleTokenUri);
await this.handleAuthenticationInformation(ctx, authenticationInformation, callback);
};
this.redirectMiniprogramToken = async (ctx) => {
const { loginToken, state } = ctx.request.query;
const { origin, callback } = this.parseState(state);
const authenticationInformation = await this.miniprogramAuthenticator.authenticate(loginToken, origin + this.miniprogramTokenUri);
await this.handleAuthenticationInformation(ctx, authenticationInformation, callback);
};
this.bindMozi = async (ctx) => {
const { code, state } = ctx.query;
const { origin, userId, callback } = this.parseState(state);
await this.moziAuthenticator.bind(userId, code, origin + this.moziBindUri);
ctx.redirect(callback);
};
this.bindGoogle = async (ctx) => {
const { code, state } = ctx.query;
const { origin, userId, callback } = this.parseState(state);
await this.googleAuthenticator.bind(userId, code, origin + this.googleBindUri);
ctx.redirect(callback);
};
this.bindMiniprogram = async (ctx) => {
const { loginToken, state } = ctx.query;
const { origin, userId, callback } = this.parseState(state);
await this.miniprogramAuthenticator.bind(userId, loginToken, origin + this.miniprogramBindUri);
ctx.redirect(callback);
};
this.fallback = async (ctx, next) => {
// verify
const token = ctx.cookies.get('Authorization');
let sub;
if (this.authHandler) {
sub = await this.subjectProvider.verify(token);
if (!sub) {
const redirectIgnored = this.unauthorizedRedirectIgnore && ctx.request.path.startsWith(this.unauthorizedRedirectIgnore);
if (this.unautorizedRedirectUri && !redirectIgnored) {
const callback = encodeURIComponent(ctx.request.path + ctx.request.search);
return ctx.redirect(`${this.unautorizedRedirectUri}?callback=${callback}`);
}
ctx.status = 401;
return;
}
await this.authHandler(ctx, sub);
const refreshedToken = this.subjectProvider.refresh(token);
if (refreshedToken) {
this.saveJsonWebTokenToHeader(ctx, refreshedToken);
}
}
else {
const authenticationInformation = await this.jwtProvider.verify(token);
if (!authenticationInformation) {
const redirectIgnored = this.unauthorizedRedirectIgnore && ctx.request.path.startsWith(this.unauthorizedRedirectIgnore);
if (this.unautorizedRedirectUri && !redirectIgnored) {
const callback = encodeURIComponent(ctx.request.path + ctx.request.search);
return ctx.redirect(`${this.unautorizedRedirectUri}?callback=${callback}`);
}
ctx.status = 401;
return;
}
sub = authenticationInformation.primaryPrincipal.id;
this.saveAuthenticationInformationToContext(ctx, authenticationInformation);
const refreshedToken = this.jwtProvider.refresh(token);
if (refreshedToken) {
this.saveJsonWebTokenToHeader(ctx, refreshedToken);
}
}
if (this.permissionHandler) {
await this.permissionHandler(ctx, sub);
}
return next();
};
this.handleAuthenticationInformation = async (ctx, authenticationInformation, callback) => {
this.saveAuthenticationInformationToContext(ctx, authenticationInformation);
const token = this.jwtProvider.authenticate(authenticationInformation);
this.saveJsonWebTokenToHeader(ctx, token);
if (this.loginHandler) {
await this.loginHandler(ctx, authenticationInformation);
}
ctx.redirect(callback);
};
this.saveAuthenticationInformationToContext = (ctx, authenticationInformation) => {
ctx.authenticationInformation = authenticationInformation;
};
this.saveJsonWebTokenToHeader = (ctx, token) => {
ctx.cookies.set('Authorization', token, {
path: '/',
httpOnly: true,
maxAge: this.maxAge,
});
};
this.formatState = (obj = {}) => {
return Buffer.from(JSON.stringify(obj)).toString('base64');
};
this.parseState = (str = '') => {
return JSON.parse(Buffer.from(str, 'base64').toString('utf8'));
};
const kauthApi = new kauth_sdk_node_1.KauthApi(kauthConfig);

@@ -219,2 +75,147 @@ this.moziAuthenticator = new kauth_sdk_node_1.MoziAuthenticator(kauthApi);

}
dispatch = async (ctx, next) => {
await this.router.dispatch(ctx, next);
};
logout = async (ctx) => {
const { callback } = ctx.request.query;
ctx.cookies.set('Authorization', '', {
path: '/',
httpOnly: true,
maxAge: 0,
});
// for security reason, onlt allow relative path
if (callback && path_1.default.normalize(callback).startsWith('/')) {
ctx.redirect(callback);
return;
}
ctx.redirect(this.logoutRedirectUri);
};
redirectMoziAuthorizeUri = async (ctx) => {
const { type, origin, callback = origin } = ctx.request.query;
this.assertCallbackLegal(callback, origin);
if (type === 'binding') {
const userId = await this.getBindingUserIdFromCookie(ctx);
if (!userId) {
return this.illegalToBindAccount(ctx);
}
const state = this.formatState({ origin, userId, callback });
const url = await this.moziAuthenticator.authorizeURL(origin + this.moziBindUri, state, this.moziPrompt);
return ctx.redirect(url);
}
const state = this.formatState({ origin, callback });
const url = await this.moziAuthenticator.authorizeURL(origin + this.moziTokenUri, state, this.moziPrompt);
ctx.redirect(url);
};
redirectGoogleAuthorizeUri = async (ctx) => {
const { type, origin, callback = origin } = ctx.request.query;
this.assertCallbackLegal(callback, origin);
if (type === 'binding') {
const userId = await this.getBindingUserIdFromCookie(ctx);
if (!userId) {
return this.illegalToBindAccount(ctx);
}
const state = this.formatState({ origin, userId, callback });
const url = await this.googleAuthenticator.authorizeURL(origin + this.googleBindUri, state, this.googlePrompt);
return ctx.redirect(url);
}
const state = this.formatState({ origin, callback });
const url = await this.googleAuthenticator.authorizeURL(origin + this.googleTokenUri, state, this.googlePrompt);
ctx.redirect(url);
};
redirectMiniProgarmAuthorizeUri = async (ctx) => {
const { type, origin, callback = origin } = ctx.request.query;
this.assertCallbackLegal(callback, origin);
if (type === 'binding') {
const userId = await this.getBindingUserIdFromCookie(ctx);
if (!userId) {
return this.illegalToBindAccount(ctx);
}
const state = this.formatState({ origin, userId, callback });
const url = await this.miniprogramAuthenticator.authorizeURL(origin + this.miniprogramBindUri, state, this.miniprogramPrompt);
return ctx.redirect(url);
}
const state = this.formatState({ origin, callback });
const url = await this.miniprogramAuthenticator.authorizeURL(origin + this.miniprogramTokenUri, state, this.miniprogramPrompt);
ctx.redirect(url);
};
redirectMoziToken = async (ctx) => {
const { code, state } = ctx.request.query;
const { origin, callback } = this.parseState(state);
const authenticationInformation = await this.moziAuthenticator.authenticate(code, origin + this.moziTokenUri);
await this.handleAuthenticationInformation(ctx, authenticationInformation, callback);
};
redirectGoogleToken = async (ctx) => {
const { code, state } = ctx.request.query;
const { origin, callback } = this.parseState(state);
const authenticationInformation = await this.googleAuthenticator.authenticate(code, origin + this.googleTokenUri);
await this.handleAuthenticationInformation(ctx, authenticationInformation, callback);
};
redirectMiniprogramToken = async (ctx) => {
const { loginToken, state } = ctx.request.query;
const { origin, callback } = this.parseState(state);
const authenticationInformation = await this.miniprogramAuthenticator.authenticate(loginToken, origin + this.miniprogramTokenUri);
await this.handleAuthenticationInformation(ctx, authenticationInformation, callback);
};
bindMozi = async (ctx) => {
const { code, state } = ctx.query;
const { origin, userId, callback } = this.parseState(state);
await this.moziAuthenticator.bind(userId, code, origin + this.moziBindUri);
ctx.redirect(callback);
};
bindGoogle = async (ctx) => {
const { code, state } = ctx.query;
const { origin, userId, callback } = this.parseState(state);
await this.googleAuthenticator.bind(userId, code, origin + this.googleBindUri);
ctx.redirect(callback);
};
bindMiniprogram = async (ctx) => {
const { loginToken, state } = ctx.query;
const { origin, userId, callback } = this.parseState(state);
await this.miniprogramAuthenticator.bind(userId, loginToken, origin + this.miniprogramBindUri);
ctx.redirect(callback);
};
fallback = async (ctx, next) => {
// verify
const token = ctx.cookies.get('Authorization');
let sub;
if (this.authHandler) {
sub = await this.subjectProvider.verify(token);
if (!sub) {
const redirectIgnored = this.unauthorizedRedirectIgnore && ctx.request.path.startsWith(this.unauthorizedRedirectIgnore);
if (this.unautorizedRedirectUri && !redirectIgnored) {
const callback = encodeURIComponent(ctx.request.path + ctx.request.search);
return ctx.redirect(`${this.unautorizedRedirectUri}?callback=${callback}`);
}
ctx.status = 401;
return;
}
await this.authHandler(ctx, sub);
const refreshedToken = this.subjectProvider.refresh(token);
if (refreshedToken) {
this.saveJsonWebTokenToHeader(ctx, refreshedToken);
}
}
else {
const authenticationInformation = await this.jwtProvider.verify(token);
if (!authenticationInformation) {
const redirectIgnored = this.unauthorizedRedirectIgnore && ctx.request.path.startsWith(this.unauthorizedRedirectIgnore);
if (this.unautorizedRedirectUri && !redirectIgnored) {
const callback = encodeURIComponent(ctx.request.path + ctx.request.search);
return ctx.redirect(`${this.unautorizedRedirectUri}?callback=${callback}`);
}
ctx.status = 401;
return;
}
sub = authenticationInformation.primaryPrincipal.id;
this.saveAuthenticationInformationToContext(ctx, authenticationInformation);
const refreshedToken = this.jwtProvider.refresh(token);
if (refreshedToken) {
this.saveJsonWebTokenToHeader(ctx, refreshedToken);
}
}
if (this.permissionHandler) {
await this.permissionHandler(ctx, sub);
}
return next();
};
illegalToBindAccount(ctx) {

@@ -231,2 +232,21 @@ ctx.status = 500;

}
handleAuthenticationInformation = async (ctx, authenticationInformation, callback) => {
this.saveAuthenticationInformationToContext(ctx, authenticationInformation);
const token = this.jwtProvider.authenticate(authenticationInformation);
this.saveJsonWebTokenToHeader(ctx, token);
if (this.loginHandler) {
await this.loginHandler(ctx, authenticationInformation);
}
ctx.redirect(callback);
};
saveAuthenticationInformationToContext = (ctx, authenticationInformation) => {
ctx.authenticationInformation = authenticationInformation;
};
saveJsonWebTokenToHeader = (ctx, token) => {
ctx.cookies.set('Authorization', token, {
path: '/',
httpOnly: true,
maxAge: this.maxAge,
});
};
assertCallbackLegal(callback, origin) {

@@ -239,5 +259,13 @@ const { host: callbackHost } = new url_1.URL(callback);

}
formatState = (obj = {}) => {
return Buffer.from(JSON.stringify(obj)).toString('base64');
};
parseState = (str = '') => {
return JSON.parse(Buffer.from(str, 'base64').toString('utf8'));
};
}
exports.KauthProvider = KauthProvider;
class KauthRouter {
_routes;
_fallback;
constructor() {

@@ -244,0 +272,0 @@ this._routes = {};

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.default = factory;
const lib_1 = require("../lib");

@@ -17,2 +18,1 @@ function factory(kauthConfig) {

}
exports.default = factory;
"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {

@@ -10,5 +14,5 @@ if (k2 === undefined) k2 = k;

var __exportStar = (this && this.__exportStar) || function(m, exports) {
for (var p in m) if (p !== "default" && !exports.hasOwnProperty(p)) __createBinding(exports, m, p);
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
};
Object.defineProperty(exports, "__esModule", { value: true });
__exportStar(require("kauth-sdk-node"), exports);
{
"name": "egg-kauth",
"version": "2.0.5-alpha.0",
"version": "2.0.5-alpha.1",
"description": "egg kauth plugin",

@@ -5,0 +5,0 @@ "eggPlugin": {

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc