Software: Apache/2.4.41 (Ubuntu). PHP/8.0.30 uname -a: Linux apirnd 5.4.0-204-generic #224-Ubuntu SMP Thu Dec 5 13:38:28 UTC 2024 x86_64 uid=33(www-data) gid=33(www-data) groups=33(www-data) Safe-mode: OFF (not secure) /var/www/html/wincloud_gateway/node_modules/strapi-plugin-users-permissions/services/ drwxr-xr-x | |
| Viewing file: Select action/file-type: 'use strict';
/**
* Module dependencies.
*/
// Public node modules.
const _ = require('lodash');
const request = require('request');
// Purest strategies.
const purest = require('purest')({ request });
const purestConfig = require('@purest/providers');
const { getAbsoluteServerUrl } = require('strapi-utils');
const jwt = require('jsonwebtoken');
/**
* Connect thanks to a third-party provider.
*
*
* @param {String} provider
* @param {String} access_token
*
* @return {*}
*/
const connect = (provider, query) => {
const access_token = query.access_token || query.code || query.oauth_token;
return new Promise((resolve, reject) => {
if (!access_token) {
return reject([null, { message: 'No access_token.' }]);
}
// Get the profile.
getProfile(provider, query, async (err, profile) => {
if (err) {
return reject([null, err]);
}
// We need at least the mail.
if (!profile.email) {
return reject([null, { message: 'Email was not available.' }]);
}
try {
const users = await strapi.query('user', 'users-permissions').find({
email: profile.email,
});
const advanced = await strapi
.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
key: 'advanced',
})
.get();
const user = _.find(users, { provider });
if (_.isEmpty(user) && !advanced.allow_register) {
return resolve([
null,
[{ messages: [{ id: 'Auth.advanced.allow_register' }] }],
'Register action is actually not available.',
]);
}
if (!_.isEmpty(user)) {
return resolve([user, null]);
}
if (
!_.isEmpty(_.find(users, user => user.provider !== provider)) &&
advanced.unique_email
) {
return resolve([
null,
[{ messages: [{ id: 'Auth.form.error.email.taken' }] }],
'Email is already taken.',
]);
}
// Retrieve default role.
const defaultRole = await strapi
.query('role', 'users-permissions')
.findOne({ type: advanced.default_role }, []);
// Create the new user.
const params = _.assign(profile, {
provider: provider,
role: defaultRole.id,
confirmed: true,
});
const createdUser = await strapi.query('user', 'users-permissions').create(params);
return resolve([createdUser, null]);
} catch (err) {
reject([null, err]);
}
});
});
};
/**
* Helper to get profiles
*
* @param {String} provider
* @param {Function} callback
*/
const getProfile = async (provider, query, callback) => {
const access_token = query.access_token || query.code || query.oauth_token;
const grant = await strapi
.store({
environment: '',
type: 'plugin',
name: 'users-permissions',
key: 'grant',
})
.get();
switch (provider) {
case 'discord': {
const discord = purest({
provider: 'discord',
config: {
discord: {
'https://discordapp.com/api/': {
__domain: {
auth: {
auth: { bearer: '[0]' },
},
},
'{endpoint}': {
__path: {
alias: '__default',
},
},
},
},
},
});
discord
.query()
.get('users/@me')
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
// Combine username and discriminator because discord username is not unique
var username = `${body.username}#${body.discriminator}`;
callback(null, {
username: username,
email: body.email,
});
}
});
break;
}
case 'cognito': {
// get the id_token
const idToken = query.id_token;
// decode the jwt token
const tokenPayload = jwt.decode(idToken);
if (!tokenPayload) {
callback(new Error('unable to decode jwt token'));
} else {
callback(null, {
username: tokenPayload['cognito:username'],
email: tokenPayload.email,
});
}
break;
}
case 'facebook': {
const facebook = purest({
provider: 'facebook',
config: purestConfig,
});
facebook
.query()
.get('me?fields=name,email')
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
username: body.name,
email: body.email,
});
}
});
break;
}
case 'google': {
const google = purest({ provider: 'google', config: purestConfig });
google
.query('oauth')
.get('tokeninfo')
.qs({ access_token })
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
username: body.email.split('@')[0],
email: body.email,
});
}
});
break;
}
case 'github': {
const github = purest({
provider: 'github',
config: purestConfig,
defaults: {
headers: {
'user-agent': 'strapi',
},
},
});
github
.query()
.get('user')
.auth(access_token)
.request((err, res, userbody) => {
if (err) {
return callback(err);
}
// This is the public email on the github profile
if (userbody.email) {
return callback(null, {
username: userbody.login,
email: userbody.email,
});
}
// Get the email with Github's user/emails API
github
.query()
.get('user/emails')
.auth(access_token)
.request((err, res, emailsbody) => {
if (err) {
return callback(err);
}
return callback(null, {
username: userbody.login,
email: Array.isArray(emailsbody)
? emailsbody.find(email => email.primary === true).email
: null,
});
});
});
break;
}
case 'microsoft': {
const microsoft = purest({
provider: 'microsoft',
config: purestConfig,
});
microsoft
.query()
.get('me')
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
username: body.userPrincipalName,
email: body.userPrincipalName,
});
}
});
break;
}
case 'twitter': {
const twitter = purest({
provider: 'twitter',
config: purestConfig,
key: grant.twitter.key,
secret: grant.twitter.secret,
});
twitter
.query()
.get('account/verify_credentials')
.auth(access_token, query.access_secret)
.qs({ screen_name: query['raw[screen_name]'], include_email: 'true' })
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
username: body.screen_name,
email: body.email,
});
}
});
break;
}
case 'instagram': {
const instagram = purest({
provider: 'instagram',
key: grant.instagram.key,
secret: grant.instagram.secret,
config: purestConfig,
});
instagram
.query()
.get('me')
.qs({ access_token, fields: 'id,username' })
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
username: body.username,
email: `${body.username}@strapi.io`, // dummy email as Instagram does not provide user email
});
}
});
break;
}
case 'vk': {
const vk = purest({
provider: 'vk',
config: purestConfig,
});
vk.query()
.get('users.get')
.qs({ access_token, id: query.raw.user_id, v: '5.122' })
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
username: `${body.response[0].last_name} ${body.response[0].first_name}`,
email: query.raw.email,
});
}
});
break;
}
case 'twitch': {
const twitch = purest({
provider: 'twitch',
config: {
twitch: {
'https://api.twitch.tv': {
__domain: {
auth: {
headers: {
Authorization: 'Bearer [0]',
'Client-ID': '[1]',
},
},
},
'helix/{endpoint}': {
__path: {
alias: '__default',
},
},
'oauth2/{endpoint}': {
__path: {
alias: 'oauth',
},
},
},
},
},
});
twitch
.get('users')
.auth(access_token, grant.twitch.key)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
username: body.data[0].login,
email: body.data[0].email,
});
}
});
break;
}
case 'linkedin': {
const linkedIn = purest({
provider: 'linkedin',
config: {
linkedin: {
'https://api.linkedin.com': {
__domain: {
auth: [{ auth: { bearer: '[0]' } }],
},
'[version]/{endpoint}': {
__path: {
alias: '__default',
version: 'v2',
},
},
},
},
},
});
try {
const getDetailsRequest = () => {
return new Promise((resolve, reject) => {
linkedIn
.query()
.get('me')
.auth(access_token)
.request((err, res, body) => {
if (err) {
return reject(err);
}
resolve(body);
});
});
};
const getEmailRequest = () => {
return new Promise((resolve, reject) => {
linkedIn
.query()
.get('emailAddress?q=members&projection=(elements*(handle~))')
.auth(access_token)
.request((err, res, body) => {
if (err) {
return reject(err);
}
resolve(body);
});
});
};
const { localizedFirstName } = await getDetailsRequest();
const { elements } = await getEmailRequest();
const email = elements[0]['handle~'];
callback(null, {
username: localizedFirstName,
email: email.emailAddress,
});
} catch (err) {
callback(err);
}
break;
}
case 'reddit': {
const reddit = purest({
provider: 'reddit',
config: purestConfig,
defaults: {
headers: {
'user-agent': 'strapi',
},
},
});
reddit
.query('auth')
.get('me')
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
callback(null, {
username: body.name,
email: `${body.name}@strapi.io`, // dummy email as Reddit does not provide user email
});
}
});
break;
}
case 'auth0': {
const purestAuth0Conf = {};
purestAuth0Conf[`https://${grant.auth0.subdomain}.auth0.com`] = {
__domain: {
auth: {
auth: { bearer: '[0]' },
},
},
'{endpoint}': {
__path: {
alias: '__default',
},
},
};
const auth0 = purest({
provider: 'auth0',
config: {
auth0: purestAuth0Conf,
},
});
auth0
.get('userinfo')
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
const username =
body.username || body.nickname || body.name || body.email.split('@')[0];
const email = body.email || `${username.replace(/\s+/g, '.')}@strapi.io`;
callback(null, {
username,
email,
});
}
});
break;
}
case 'cas': {
const provider_url = 'https://' + _.get(grant['cas'], 'subdomain');
const cas = purest({
provider: 'cas',
config: {
cas: {
[provider_url]: {
__domain: {
auth: {
auth: { bearer: '[0]' },
},
},
'{endpoint}': {
__path: {
alias: '__default',
},
},
},
},
},
});
cas
.query()
.get('oidc/profile')
.auth(access_token)
.request((err, res, body) => {
if (err) {
callback(err);
} else {
// CAS attribute may be in body.attributes or "FLAT", depending on CAS config
const username = body.attributes
? body.attributes.strapiusername || body.id || body.sub
: body.strapiusername || body.id || body.sub;
const email = body.attributes
? body.attributes.strapiemail || body.attributes.email
: body.strapiemail || body.email;
if (!username || !email) {
strapi.log.warn(
'CAS Response Body did not contain required attributes: ' + JSON.stringify(body)
);
}
callback(null, {
username,
email,
});
}
});
break;
}
default:
callback(new Error('Unknown provider.'));
break;
}
};
const buildRedirectUri = (provider = '') =>
`${getAbsoluteServerUrl(strapi.config)}/connect/${provider}/callback`;
module.exports = {
connect,
buildRedirectUri,
};
|
:: Command execute :: | |
--[ c99shell v. 2.5 [PHP 8 Update] [24.05.2025] | Generation time: 0.0048 ]-- |