pleroma/packages/pl-fe/src/actions/external-auth.ts

/**
 * External Auth: workflow for logging in to remote servers.
 * @module pl-fe/actions/external_auth
 * @see module:pl-fe/actions/auth
 * @see module:pl-fe/actions/apps
 * @see module:pl-fe/actions/oauth
 */

import { instanceSchema, PlApiClient, type Instance } from 'pl-api';

import { createApp } from 'pl-fe/actions/apps';
import { authLoggedIn, verifyCredentials, switchAccount } from 'pl-fe/actions/auth';
import { obtainOAuthToken } from 'pl-fe/actions/oauth';
import { parseBaseURL } from 'pl-fe/utils/auth';
import sourceCode from 'pl-fe/utils/code';
import { getQuirks } from 'pl-fe/utils/quirks';
import { getInstanceScopes } from 'pl-fe/utils/scopes';

import type { AppDispatch } from 'pl-fe/store';

const fetchExternalInstance = (baseURL: string) =>
  (new PlApiClient(baseURL)).instance.getInstance()
    .then(instance => instance)
    .catch(error => {
      if (error.response?.status === 401) {
        // Authenticated fetch is enabled.
        // Continue with a limited featureset.
        return instanceSchema.parse({});
      } else {
        throw error;
      }
    });

const createExternalApp = (instance: Instance, baseURL?: string) =>
  (dispatch: AppDispatch) => {
    // Mitra: skip creating the auth app
    if (getQuirks(instance).noApps) return new Promise(f => f({}));

    const params = {
      client_name: `${sourceCode.displayName} (${new URL(window.origin).host})`,
      redirect_uris: `${window.location.origin}/login/external`,
      website: sourceCode.homepage,
      scopes: getInstanceScopes(instance),
    };

    return dispatch(createApp(params, baseURL));
  };

const externalAuthorize = (instance: Instance, baseURL: string) =>
  (dispatch: AppDispatch) => {
    const scopes = getInstanceScopes(instance);

    return dispatch(createExternalApp(instance, baseURL)).then((app) => {
      const { client_id, redirect_uri } = app as Record<string, string>;

      const query = new URLSearchParams({
        client_id,
        redirect_uri,
        response_type: 'code',
        scope: scopes,
      });

      localStorage.setItem('plfe:external:app', JSON.stringify(app));
      localStorage.setItem('plfe:external:baseurl', baseURL);
      localStorage.setItem('plfe:external:scopes', scopes);

      window.location.href = `${baseURL}/oauth/authorize?${query.toString()}`;
    });
  };

const externalLogin = (host: string) =>
  (dispatch: AppDispatch) => {
    const baseURL = parseBaseURL(host) || parseBaseURL(`https://${host}`);

    return fetchExternalInstance(baseURL).then((instance) => {
      dispatch(externalAuthorize(instance, baseURL));
    });
  };

const loginWithCode = (code: string) =>
  (dispatch: AppDispatch) => {
    const { client_id, client_secret, redirect_uri } = JSON.parse(localStorage.getItem('plfe:external:app')!);
    const baseURL = localStorage.getItem('plfe:external:baseurl')!;
    const scope = localStorage.getItem('plfe:external:scopes')!;

    const params = {
      client_id,
      client_secret,
      redirect_uri,
      grant_type: 'authorization_code',
      scope,
      code,
    };

    return dispatch(obtainOAuthToken(params, baseURL))
      .then((token) => dispatch(authLoggedIn(token)))
      .then(({ access_token }) => dispatch(verifyCredentials(access_token as string, baseURL)))
      .then((account) => dispatch(switchAccount(account.id)))
      .then(() => window.location.href = '/');
  };

export {
  externalLogin,
  loginWithCode,
};
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`/**`
			`* External Auth: workflow for logging in to remote servers.`
Call it pl-fe internally Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-28 04:41:08 -07:00			`* @module pl-fe/actions/external_auth`
			`* @see module:pl-fe/actions/auth`
			`* @see module:pl-fe/actions/apps`
			`* @see module:pl-fe/actions/oauth`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`*/`

Migrate to external library for interacting with API Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-06 10:52:36 -07:00			`import { instanceSchema, PlApiClient, type Instance } from 'pl-api';`
Migrate to external library for interacting with API Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-04 07:09:52 -07:00
Call it pl-fe internally Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-28 04:41:08 -07:00			`import { createApp } from 'pl-fe/actions/apps';`
			`import { authLoggedIn, verifyCredentials, switchAccount } from 'pl-fe/actions/auth';`
			`import { obtainOAuthToken } from 'pl-fe/actions/oauth';`
			`import { parseBaseURL } from 'pl-fe/utils/auth';`
			`import sourceCode from 'pl-fe/utils/code';`
			`import { getQuirks } from 'pl-fe/utils/quirks';`
			`import { getInstanceScopes } from 'pl-fe/utils/scopes';`
eslint: enforce gaps between groups with import/order 2022-01-10 14:25:06 -08:00
Call it pl-fe internally Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-28 04:41:08 -07:00			`import type { AppDispatch } from 'pl-fe/store';`
TypeScript: actions Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2022-06-10 10:56:22 -07:00
Migrate to external library for interacting with API Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-04 07:09:52 -07:00			`const fetchExternalInstance = (baseURL: string) =>`
Actually fix standalone mode Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-19 12:51:43 -07:00			`(new PlApiClient(baseURL)).instance.getInstance()`
Migrate to external library for interacting with API Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-04 07:09:52 -07:00			`.then(instance => instance)`
Standalone: fallback to limited featureset when authenticated fetch is enabled 2021-08-31 09:02:43 -07:00			`.catch(error => {`
Rewrite code with optional chaining (?.) 2022-02-18 18:04:03 -08:00			`if (error.response?.status === 401) {`
Standalone: fallback to limited featureset when authenticated fetch is enabled 2021-08-31 09:02:43 -07:00			`// Authenticated fetch is enabled.`
			`// Continue with a limited featureset.`
Convert instance to use zod 2023-09-23 18:41:24 -07:00			`return instanceSchema.parse({});`
Standalone: fallback to limited featureset when authenticated fetch is enabled 2021-08-31 09:02:43 -07:00			`} else {`
			`throw error;`
			`}`
			`});`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00
TypeScript: actions Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2022-06-10 10:56:22 -07:00			`const createExternalApp = (instance: Instance, baseURL?: string) =>`
WIP pl-api migration Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-11 01:48:58 -07:00			`(dispatch: AppDispatch) => {`
Support only external Ethereum auth for now 2022-02-10 17:34:23 -08:00			`// Mitra: skip creating the auth app`
			`if (getQuirks(instance).noApps) return new Promise(f => f({}));`

Support Ethereum external login 2022-02-10 14:33:28 -08:00			`const params = {`
Include domain in client name Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-29 15:22:14 -07:00			client_name: `${sourceCode.displayName} (${new URL(window.origin).host})`,
Redirect all /auth routes 2022-04-19 12:37:48 -07:00			redirect_uris: `${window.location.origin}/login/external`,
Remove features.scopes, move to a getScopes function 2023-01-13 16:42:41 -08:00			`website: sourceCode.homepage,`
Fix external login scopes 2023-01-25 14:32:59 -08:00			`scopes: getInstanceScopes(instance),`
Support Ethereum external login 2022-02-10 14:33:28 -08:00			`};`

			`return dispatch(createApp(params, baseURL));`
			`};`

TypeScript: actions Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2022-06-10 10:56:22 -07:00			`const externalAuthorize = (instance: Instance, baseURL: string) =>`
WIP pl-api migration Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-11 01:48:58 -07:00			`(dispatch: AppDispatch) => {`
Fix external login scopes 2023-01-25 14:32:59 -08:00			`const scopes = getInstanceScopes(instance);`
Support Ethereum external login 2022-02-10 14:33:28 -08:00
TypeScript: actions Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2022-06-10 10:56:22 -07:00			`return dispatch(createExternalApp(instance, baseURL)).then((app) => {`
			`const { client_id, redirect_uri } = app as Record<string, string>;`
Support Ethereum external login 2022-02-10 14:33:28 -08:00
			`const query = new URLSearchParams({`
			`client_id,`
			`redirect_uri,`
			`response_type: 'code',`
			`scope: scopes,`
			`});`

Replace axios with fetch Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-05-11 14:37:37 -07:00			`localStorage.setItem('plfe:external:app', JSON.stringify(app));`
			`localStorage.setItem('plfe:external:baseurl', baseURL);`
			`localStorage.setItem('plfe:external:scopes', scopes);`
Support Ethereum external login 2022-02-10 14:33:28 -08:00
			window.location.href = `${baseURL}/oauth/authorize?${query.toString()}`;
			`});`
			`};`

Arrow functions and so Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-05-12 16:18:04 -07:00			`const externalLogin = (host: string) =>`
TypeScript: actions Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2022-06-10 10:56:22 -07:00			`(dispatch: AppDispatch) => {`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			const baseURL = parseBaseURL(host) \|\| parseBaseURL(`https://${host}`);

TypeScript: actions Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2022-06-10 10:56:22 -07:00			`return fetchExternalInstance(baseURL).then((instance) => {`
Remove support for Ethereum signin 2023-09-20 14:09:22 -07:00			`dispatch(externalAuthorize(instance, baseURL));`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`});`
			`};`

Arrow functions and so Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-05-12 16:18:04 -07:00			`const loginWithCode = (code: string) =>`
TypeScript: actions Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2022-06-10 10:56:22 -07:00			`(dispatch: AppDispatch) => {`
Replace axios with fetch Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-05-11 14:37:37 -07:00			`const { client_id, client_secret, redirect_uri } = JSON.parse(localStorage.getItem('plfe:external:app')!);`
			`const baseURL = localStorage.getItem('plfe:external:baseurl')!;`
WIP pl-api migration Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-11 01:48:58 -07:00			`const scope = localStorage.getItem('plfe:external:scopes')!;`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00
Migrate to external library for interacting with API Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-06 10:52:36 -07:00			`const params = {`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`client_id,`
			`client_secret,`
Standalone: fix auth with Mastodon 2021-08-22 12:46:40 -07:00			`redirect_uri,`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`grant_type: 'authorization_code',`
Standalone: fix token scope request 2021-08-22 15:13:01 -07:00			`scope,`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`code,`
			`};`

			`return dispatch(obtainOAuthToken(params, baseURL))`
Migrate to external library for interacting with API Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-08-06 10:52:36 -07:00			`.then((token) => dispatch(authLoggedIn(token)))`
			`.then(({ access_token }) => dispatch(verifyCredentials(access_token as string, baseURL)))`
			`.then((account) => dispatch(switchAccount(account.id)))`
Standalone: support running Soapbox FE on a subdomain 2021-08-22 12:34:58 -07:00			`.then(() => window.location.href = '/');`
			`};`
Arrow functions and so Signed-off-by: marcin mikołajczak <git@mkljczk.pl> 2024-05-12 16:18:04 -07:00
			`export {`
			`externalLogin,`
			`loginWithCode,`
			`};`