bigbuffet-rw/app/soapbox/actions/external_auth.js

/**
 * External Auth: workflow for logging in to remote servers.
 * @module soapbox/actions/external_auth
 * @see module:soapbox/actions/auth
 * @see module:soapbox/actions/apps
 * @see module:soapbox/actions/oauth
 */

import { baseClient } from '../api';
import { createApp } from 'soapbox/actions/apps';
import { obtainOAuthToken } from 'soapbox/actions/oauth';
import { authLoggedIn, verifyCredentials, switchAccount } from 'soapbox/actions/auth';
import { parseBaseURL } from 'soapbox/utils/auth';
import { getFeatures } from 'soapbox/utils/features';
import sourceCode from 'soapbox/utils/code';
import { Map as ImmutableMap, fromJS } from 'immutable';

const fetchExternalInstance = baseURL => {
  return baseClient(null, baseURL)
    .get('/api/v1/instance')
    .then(({ data: instance }) => fromJS(instance))
    .catch(error => {
      if (error.response.status === 401) {
        // Authenticated fetch is enabled.
        // Continue with a limited featureset.
        return ImmutableMap({ version: '0.0.0' });
      } else {
        throw error;
      }
    });
};

export function createAppAndRedirect(host) {
  return (dispatch, getState) => {
    const baseURL = parseBaseURL(host) || parseBaseURL(`https://${host}`);

    return fetchExternalInstance(baseURL).then(instance => {
      const { scopes } = getFeatures(instance);

      const params = {
        client_name:   sourceCode.displayName,
        redirect_uris: `${window.location.origin}/auth/external`,
        website:       sourceCode.homepage,
        scopes,
      };

      return dispatch(createApp(params, baseURL)).then(app => {
        const { client_id, redirect_uri } = app;

        const query = new URLSearchParams({
          client_id,
          redirect_uri,
          response_type: 'code',
          scope: scopes,
        });

        localStorage.setItem('soapbox:external:app', JSON.stringify(app));
        localStorage.setItem('soapbox:external:baseurl', baseURL);
        localStorage.setItem('soapbox:external:scopes', scopes);

        window.location.href = `${baseURL}/oauth/authorize?${query.toString()}`;
      });
    });
  };
}

export function loginWithCode(code) {
  return (dispatch, getState) => {
    const { client_id, client_secret, redirect_uri } = JSON.parse(localStorage.getItem('soapbox:external:app'));
    const baseURL = localStorage.getItem('soapbox:external:baseurl');
    const scope   = localStorage.getItem('soapbox:external:scopes');

    const params = {
      client_id,
      client_secret,
      redirect_uri,
      grant_type: 'authorization_code',
      scope,
      code,
    };

    return dispatch(obtainOAuthToken(params, baseURL))
      .then(token => dispatch(authLoggedIn(token)))
      .then(({ access_token }) => dispatch(verifyCredentials(access_token, baseURL)))
      .then(account => dispatch(switchAccount(account.id)))
      .then(() => window.location.href = '/');
  };
}
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`/**`
			`* External Auth: workflow for logging in to remote servers.`
			`* @module soapbox/actions/external_auth`
			`* @see module:soapbox/actions/auth`
			`* @see module:soapbox/actions/apps`
			`* @see module:soapbox/actions/oauth`
			`*/`

Conditional OAuth scopes 2021-08-22 17:13:09 -07:00			`import { baseClient } from '../api';`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`import { createApp } from 'soapbox/actions/apps';`
			`import { obtainOAuthToken } from 'soapbox/actions/oauth';`
Standalone: add external accounts, refresh on logout 2021-08-30 16:41:05 -07:00			`import { authLoggedIn, verifyCredentials, switchAccount } from 'soapbox/actions/auth';`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`import { parseBaseURL } from 'soapbox/utils/auth';`
Conditional OAuth scopes 2021-08-22 17:13:09 -07:00			`import { getFeatures } from 'soapbox/utils/features';`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`import sourceCode from 'soapbox/utils/code';`
Standalone: fallback to limited featureset when authenticated fetch is enabled 2021-08-31 09:02:43 -07:00			`import { Map as ImmutableMap, fromJS } from 'immutable';`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00
Conditional OAuth scopes 2021-08-22 17:13:09 -07:00			`const fetchExternalInstance = baseURL => {`
			`return baseClient(null, baseURL)`
			`.get('/api/v1/instance')`
Standalone: fallback to limited featureset when authenticated fetch is enabled 2021-08-31 09:02:43 -07:00			`.then(({ data: instance }) => fromJS(instance))`
			`.catch(error => {`
			`if (error.response.status === 401) {`
			`// Authenticated fetch is enabled.`
			`// Continue with a limited featureset.`
			`return ImmutableMap({ version: '0.0.0' });`
			`} else {`
			`throw error;`
			`}`
			`});`
Conditional OAuth scopes 2021-08-22 17:13:09 -07:00			`};`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00
			`export function createAppAndRedirect(host) {`
			`return (dispatch, getState) => {`
			const baseURL = parseBaseURL(host) \|\| parseBaseURL(`https://${host}`);

Conditional OAuth scopes 2021-08-22 17:13:09 -07:00			`return fetchExternalInstance(baseURL).then(instance => {`
			`const { scopes } = getFeatures(instance);`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00
Conditional OAuth scopes 2021-08-22 17:13:09 -07:00			`const params = {`
			`client_name: sourceCode.displayName,`
			redirect_uris: `${window.location.origin}/auth/external`,
			`website: sourceCode.homepage,`
			`scopes,`
			`};`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00
Conditional OAuth scopes 2021-08-22 17:13:09 -07:00			`return dispatch(createApp(params, baseURL)).then(app => {`
			`const { client_id, redirect_uri } = app;`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00
Conditional OAuth scopes 2021-08-22 17:13:09 -07:00			`const query = new URLSearchParams({`
			`client_id,`
			`redirect_uri,`
			`response_type: 'code',`
			`scope: scopes,`
			`});`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00
Conditional OAuth scopes 2021-08-22 17:13:09 -07:00			`localStorage.setItem('soapbox:external:app', JSON.stringify(app));`
			`localStorage.setItem('soapbox:external:baseurl', baseURL);`
			`localStorage.setItem('soapbox:external:scopes', scopes);`

			window.location.href = `${baseURL}/oauth/authorize?${query.toString()}`;
			`});`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`});`
			`};`
			`}`

			`export function loginWithCode(code) {`
			`return (dispatch, getState) => {`
Standalone: fix auth with Mastodon 2021-08-22 12:46:40 -07:00			`const { client_id, client_secret, redirect_uri } = JSON.parse(localStorage.getItem('soapbox:external:app'));`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`const baseURL = localStorage.getItem('soapbox:external:baseurl');`
Conditional OAuth scopes 2021-08-22 17:13:09 -07:00			`const scope = localStorage.getItem('soapbox:external:scopes');`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00
			`const params = {`
			`client_id,`
			`client_secret,`
Standalone: fix auth with Mastodon 2021-08-22 12:46:40 -07:00			`redirect_uri,`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`grant_type: 'authorization_code',`
Standalone: fix token scope request 2021-08-22 15:13:01 -07:00			`scope,`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`code,`
			`};`

			`return dispatch(obtainOAuthToken(params, baseURL))`
			`.then(token => dispatch(authLoggedIn(token)))`
			`.then(({ access_token }) => dispatch(verifyCredentials(access_token, baseURL)))`
Standalone: add external accounts, refresh on logout 2021-08-30 16:41:05 -07:00			`.then(account => dispatch(switchAccount(account.id)))`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`.then(() => window.location.href = '/');`
			`};`
			`}`