Shinobi/libs/auth/google.js

const {OAuth2Client} = require('google-auth-library');
module.exports = (s,config,lang) => {
    const {
        basicAuth,
    } = require('./utils.js')(s,config,lang)
    const {
        getLoginToken,
        deleteLoginToken,
        bindLoginIdToUser,
        refreshLoginTokenAccessDate,
    } = require('./alternateLogins.js')(s,config,lang)
    const client = new OAuth2Client(config.appTokenGoogle);
    async function verifyToken(userLoginToken) {
      const ticket = await client.verifyIdToken({
          idToken: userLoginToken,
          audience: config.appTokenGoogle,
      });
      const payload = ticket.getPayload();
      const userid = payload['sub'];
      return {
          ok: !!payload.email,
          user: payload.email ? {
              id: userid,
              name: payload.name,
              email: payload.email,
              picture: payload.picture,
          } : null,
      }
    }
    async function loginWithGoogleAccount(userLoginToken) {
        const response = {ok: false, googleSignedIn: false}
        const tokenResponse = await verifyToken(userLoginToken)
        if(tokenResponse.ok){
            const user = tokenResponse.user
            response.googleSignedIn = true
            response.googleUser = user
            const foundToken = await getLoginToken(user.id,'google')
            if(foundToken){
                const userResponse = await s.knexQueryPromise({
                    action: "select",
                    columns: '*',
                    table: "Users",
                    where: [
                        ['uid','=',foundToken.uid],
                        ['ke','=',foundToken.ke],
                    ],
                    limit: 1
                })
                response.ok = true
                userResponse.rows[0].details = s.parseJSON(userResponse.rows[0].details)
                response.user = userResponse.rows[0]
            }else{
                response.msg = lang.tokenNotUserBound
                if(config.allowBindingAltLoginsFromLoginPage){
                    response.msg += '\n' + lang.tokenNotUserBoundPt2
                }
                // make new if no users?
            }
        }
        return response
    }
    s.onProcessReady(() => {
        s.alternateLogins['google'] = async (params) => {
            const response = { ok: false }
            const loginToken = params.alternateLoginToken
            const username = params.mail
            const password = params.pass
            const googleLoginResponse = await loginWithGoogleAccount(loginToken)
            if(googleLoginResponse.user){
                const user = googleLoginResponse.user
                response.ok = true
                response.user = user
                refreshLoginTokenAccessDate(googleLoginResponse.googleUser.id,'google')
            }else if(config.allowBindingAltLoginsFromLoginPage && googleLoginResponse.googleSignedIn && username && password){
                const basicAuthResponse = await basicAuth(username,password)
                if(basicAuthResponse.user){
                    const user = basicAuthResponse.user
                    const loginId = googleLoginResponse.googleUser.id
                    const groupKey = user.ke
                    const userId = user.uid
                    const bindResponse = await bindLoginIdToUser(loginId,groupKey,userId,'google')
                    response.ok = true
                    response.user = basicAuthResponse.user
                }
            }else{
                response.msg = googleLoginResponse.msg
            }
            return response
        }
    })
    return {
        client: client,
        verifyToken: verifyToken,
        loginWithGoogleAccount: loginWithGoogleAccount,
    }
}
google login test framework 2021-04-01 06:03:34 +00:00			`const {OAuth2Client} = require('google-auth-library');`
alternate login engine, add google sign-in 2021-04-03 05:14:34 +00:00			`module.exports = (s,config,lang) => {`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`const {`
			`basicAuth,`
			`} = require('./utils.js')(s,config,lang)`
clean up google login script 2021-04-04 00:19:20 +00:00			`const {`
			`getLoginToken,`
			`deleteLoginToken,`
			`bindLoginIdToUser,`
			`refreshLoginTokenAccessDate,`
			`} = require('./alternateLogins.js')(s,config,lang)`
google login test framework 2021-04-01 06:03:34 +00:00			`const client = new OAuth2Client(config.appTokenGoogle);`
			`async function verifyToken(userLoginToken) {`
			`const ticket = await client.verifyIdToken({`
			`idToken: userLoginToken,`
			`audience: config.appTokenGoogle,`
			`});`
			`const payload = ticket.getPayload();`
			`const userid = payload['sub'];`
			`return {`
			`ok: !!payload.email,`
			`user: payload.email ? {`
			`id: userid,`
			`name: payload.name,`
			`email: payload.email,`
			`picture: payload.picture,`
			`} : null,`
			`}`
			`}`
			`async function loginWithGoogleAccount(userLoginToken) {`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`const response = {ok: false, googleSignedIn: false}`
google login test framework 2021-04-01 06:03:34 +00:00			`const tokenResponse = await verifyToken(userLoginToken)`
			`if(tokenResponse.ok){`
			`const user = tokenResponse.user`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`response.googleSignedIn = true`
			`response.googleUser = user`
clean up google login script 2021-04-04 00:19:20 +00:00			`const foundToken = await getLoginToken(user.id,'google')`
			`if(foundToken){`
google login test framework 2021-04-01 06:03:34 +00:00			`const userResponse = await s.knexQueryPromise({`
			`action: "select",`
			`columns: '*',`
			`table: "Users",`
			`where: [`
clean up google login script 2021-04-04 00:19:20 +00:00			`['uid','=',foundToken.uid],`
			`['ke','=',foundToken.ke],`
			`],`
			`limit: 1`
google login test framework 2021-04-01 06:03:34 +00:00			`})`
			`response.ok = true`
alternate login engine, add google sign-in 2021-04-03 05:14:34 +00:00			`userResponse.rows[0].details = s.parseJSON(userResponse.rows[0].details)`
			`response.user = userResponse.rows[0]`
google login test framework 2021-04-01 06:03:34 +00:00			`}else{`
Add Alternate Logins section in Settings, Minor Cleanup + Login Token API Endpoints for : get single, get all, delete by loginId + framework.sql update + update auto table creation for existing installations + fail message specific to alternateLogin can be passed to UI + add type column to LoginTokens table, default is "google" because its the only one (first of many to come) 2021-04-04 04:46:58 +00:00			`response.msg = lang.tokenNotUserBound`
			`if(config.allowBindingAltLoginsFromLoginPage){`
			`response.msg += '\n' + lang.tokenNotUserBoundPt2`
			`}`
google login test framework 2021-04-01 06:03:34 +00:00			`// make new if no users?`
			`}`
			`}`
			`return response`
			`}`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`s.onProcessReady(() => {`
			`s.alternateLogins['google'] = async (params) => {`
			`const response = { ok: false }`
			`const loginToken = params.alternateLoginToken`
			`const username = params.mail`
			`const password = params.pass`
			`const googleLoginResponse = await loginWithGoogleAccount(loginToken)`
			`if(googleLoginResponse.user){`
clean up google login script 2021-04-04 00:19:20 +00:00			`const user = googleLoginResponse.user`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`response.ok = true`
clean up google login script 2021-04-04 00:19:20 +00:00			`response.user = user`
			`refreshLoginTokenAccessDate(googleLoginResponse.googleUser.id,'google')`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`}else if(config.allowBindingAltLoginsFromLoginPage && googleLoginResponse.googleSignedIn && username && password){`
			`const basicAuthResponse = await basicAuth(username,password)`
			`if(basicAuthResponse.user){`
			`const user = basicAuthResponse.user`
			`const loginId = googleLoginResponse.googleUser.id`
			`const groupKey = user.ke`
			`const userId = user.uid`
clean up google login script 2021-04-04 00:19:20 +00:00			`const bindResponse = await bindLoginIdToUser(loginId,groupKey,userId,'google')`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`response.ok = true`
			`response.user = basicAuthResponse.user`
			`}`
Add Alternate Logins section in Settings, Minor Cleanup + Login Token API Endpoints for : get single, get all, delete by loginId + framework.sql update + update auto table creation for existing installations + fail message specific to alternateLogin can be passed to UI + add type column to LoginTokens table, default is "google" because its the only one (first of many to come) 2021-04-04 04:46:58 +00:00			`}else{`
			`response.msg = googleLoginResponse.msg`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`}`
			`return response`
alternate login engine, add google sign-in 2021-04-03 05:14:34 +00:00			`}`
allow binding google auth with login screen 2021-04-03 21:16:15 +00:00			`})`
google login test framework 2021-04-01 06:03:34 +00:00			`return {`
			`client: client,`
			`verifyToken: verifyToken,`
			`loginWithGoogleAccount: loginWithGoogleAccount,`
			`}`
			`}`