pleroma/app/soapbox/actions/external_auth.ts


/**
* External Auth: workflow for logging in to remote servers.
* @module soapbox/actions/external_auth
* @see module:soapbox/actions/auth
* @see module:soapbox/actions/apps
* @see module:soapbox/actions/oauth
*/
import { createApp } from 'soapbox/actions/apps';
import { authLoggedIn, verifyCredentials, switchAccount } from 'soapbox/actions/auth';
import { obtainOAuthToken } from 'soapbox/actions/oauth';
import { normalizeInstance } from 'soapbox/normalizers';
import { parseBaseURL } from 'soapbox/utils/auth';
import sourceCode from 'soapbox/utils/code';
import { getWalletAndSign } from 'soapbox/utils/ethereum';
import { getFeatures } from 'soapbox/utils/features';
import { getQuirks } from 'soapbox/utils/quirks';
import { baseClient } from '../api';
import type { AppDispatch } from 'soapbox/store';
import type { Instance } from 'soapbox/types/entities';
/**
 * Fetch `/api/v1/instance` from a remote server using an unauthenticated client.
 *
 * A 401 response is taken to mean the server has authenticated fetch enabled;
 * in that case an empty normalized instance is returned so login can continue
 * with a limited featureset. Every other failure is rethrown.
 *
 * NOTE(review): the returned instance is entirely supplied by the remote
 * server, and `externalLogin` picks the login flow from it. Treat its fields
 * as untrusted input.
 *
 * @param baseURL - Base URL of the remote server, passed through to `baseClient`.
 * @returns A promise for the normalized instance.
 */
const fetchExternalInstance = (baseURL?: string) => {
  const client = baseClient(null, baseURL);

  return client
    .get('/api/v1/instance')
    .then((response) => normalizeInstance(response.data))
    .catch((error) => {
      const needsAuthentication = error.response?.status === 401;

      // Anything other than "authenticated fetch is enabled" is a real failure.
      if (!needsAuthentication) {
        throw error;
      }

      // Continue with a limited featureset.
      return normalizeInstance({});
    });
};
/**
 * Register an OAuth app on the remote server on behalf of this frontend.
 *
 * When the instance's quirks report `noApps` (Mitra), no app is created and
 * the returned promise resolves to an empty object instead.
 *
 * @param instance - Remote instance, used to look up quirks and OAuth scopes.
 * @param baseURL - Base URL of the remote server, forwarded to `createApp`.
 * @returns A promise for the created app, or for `{}` when apps are skipped.
 */
const createExternalApp = (instance: Instance, baseURL?: string) =>
  (dispatch: AppDispatch) => {
    const { noApps } = getQuirks(instance);

    // Mitra: skip creating the auth app.
    if (noApps) {
      return new Promise(f => f({}));
    }

    // The callback is registered against the origin this page is served from,
    // so the authorization code comes back to this same origin.
    const callbackURL = `${window.location.origin}/login/external`;

    const appParams = {
      client_name: sourceCode.displayName,
      redirect_uris: callbackURL,
      website: sourceCode.homepage,
      scopes: getFeatures(instance).scopes,
    };

    return dispatch(createApp(appParams, baseURL));
  };
/**
 * Start the OAuth authorization-code flow against a remote server.
 *
 * Creates (or skips) the remote app, saves the app, base URL and scopes in
 * `localStorage`, then navigates the browser to the remote
 * `/oauth/authorize` page. `loginWithCode` reads the saved values back.
 *
 * NOTE(review): the authorize request carries no `state` parameter, so the
 * callback cannot be tied to the browser session that started the flow.
 * Consider generating a random `state`, storing it here, and checking it
 * before the code is exchanged.
 *
 * NOTE(review): the serialized app written to `localStorage` is read back by
 * `loginWithCode` for its `client_secret`, so the secret is readable by any
 * script running on this origin.
 *
 * @param instance - Remote instance, used to look up the OAuth scopes.
 * @param baseURL - Base URL of the remote server.
 * @returns A promise that settles once the redirect has been triggered.
 */
const externalAuthorize = (instance: Instance, baseURL: string) =>
  (dispatch: AppDispatch) => {
    const requestedScopes = getFeatures(instance).scopes;

    return dispatch(createExternalApp(instance, baseURL)).then((app) => {
      const registered = app as Record<string, string>;

      const authorizeParams = new URLSearchParams({
        client_id: registered.client_id,
        redirect_uri: registered.redirect_uri,
        response_type: 'code',
        scope: requestedScopes,
      });

      // Persist what the callback page needs; the page is about to unload.
      localStorage.setItem('soapbox:external:app', JSON.stringify(app));
      localStorage.setItem('soapbox:external:baseurl', baseURL);
      localStorage.setItem('soapbox:external:scopes', requestedScopes);

      window.location.href = `${baseURL}/oauth/authorize?${authorizeParams.toString()}`;
    });
  };
/**
 * Log in to a remote server by signing its login message with an Ethereum wallet.
 *
 * The wallet signs `instance.login_message`, then the signature is sent as
 * the `password` of an `ethereum` grant, together with the lowercased wallet
 * address. On success the token is stored, the credentials are verified, the
 * account is switched to, and the browser is sent to `/`.
 *
 * NOTE(review): the message handed to the wallet is whatever the remote
 * instance returned in `login_message`. Nothing in this function inspects it
 * before asking the user to sign.
 *
 * @param instance - Remote instance providing the login message and scopes.
 * @param baseURL - Base URL of the remote server.
 * @returns A promise for the whole login chain.
 */
const externalEthereumLogin = (instance: Instance, baseURL?: string) =>
  (dispatch: AppDispatch) => {
    const messageToSign = instance.login_message;

    return getWalletAndSign(messageToSign).then(({ wallet, signature }) =>
      dispatch(createExternalApp(instance, baseURL)).then((app) => {
        const credentials = app as Record<string, string>;

        // Key order is kept as in the token request the original code built.
        const tokenRequest = {
          grant_type: 'ethereum',
          wallet_address: wallet.toLowerCase(),
          client_id: credentials.client_id,
          client_secret: credentials.client_secret,
          password: signature as string,
          redirect_uri: 'urn:ietf:wg:oauth:2.0:oob',
          scope: getFeatures(instance).scopes,
        };

        const tokenPromise = dispatch(obtainOAuthToken(tokenRequest, baseURL));

        return tokenPromise
          .then((token: Record<string, string | number>) => dispatch(authLoggedIn(token)))
          .then(({ access_token }: any) => dispatch(verifyCredentials(access_token, baseURL)))
          .then((account: { id: string }) => dispatch(switchAccount(account.id)))
          .then(() => window.location.href = '/');
      }),
    );
  };
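/**
 * Entry point for logging in to a remote server.
 *
 * Resolves a base URL from `host`, fetches the remote instance, and then
 * dispatches either the Ethereum login (when the instance has
 * `ethereumLogin` and the `noOAuthForm` quirk) or the OAuth authorize flow.
 *
 * The dispatched flow is returned from the `.then` callback so that the
 * outer promise settles together with it. Without the `return`, a failure
 * in app creation, wallet signing or token exchange becomes an unhandled
 * rejection that the caller's `.catch` never sees.
 *
 * NOTE(review): `host` is caller-supplied. If `parseBaseURL(host)` accepts it
 * as-is, the scheme it carries is presumably kept; `https://` is only
 * prepended on the fallback path. Confirm that plain-HTTP hosts are rejected
 * where that matters.
 *
 * @param host - Hostname or URL of the remote server.
 * @returns A promise that settles when the selected login flow settles.
 */
export const externalLogin = (host: string) =>
  (dispatch: AppDispatch) => {
    const baseURL = parseBaseURL(host) || parseBaseURL(`https://${host}`);

    return fetchExternalInstance(baseURL).then((instance) => {
      // Both values come from the remote server's own instance response.
      const features = getFeatures(instance);
      const quirks = getQuirks(instance);

      if (features.ethereumLogin && quirks.noOAuthForm) {
        return dispatch(externalEthereumLogin(instance, baseURL));
      }

      return dispatch(externalAuthorize(instance, baseURL));
    });
  };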
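/**
 * Finish the OAuth authorization-code flow after the remote server redirects back.
 *
 * Reads the app, base URL and scopes that `externalAuthorize` saved in
 * `localStorage`, exchanges `code` for a token at the saved base URL, then
 * stores the token, verifies the credentials, switches to the account and
 * sends the browser to `/`.
 *
 * The saved values are checked explicitly instead of being forced with
 * non-null assertions: if this is called without a login in progress, it
 * fails with a clear error rather than a destructuring `TypeError` or a
 * token request carrying `null` values.
 *
 * NOTE(review): the token request, including `client_secret` and `code`, is
 * sent to the base URL read from `localStorage`. Anything able to write to
 * this origin's storage controls that destination.
 *
 * NOTE(review): the callback is not bound to the session that started the
 * flow, because no `state` value is stored or compared. Confirm whether the
 * caller validates one.
 *
 * @param code - Authorization code received on the redirect URI.
 * @returns A promise for the whole login chain.
 * @throws Error when the saved login state is missing or is not a JSON object.
 */
export const loginWithCode = (code: string) =>
  (dispatch: AppDispatch) => {
    const storedApp = localStorage.getItem('soapbox:external:app');
    const baseURL = localStorage.getItem('soapbox:external:baseurl');
    const scope = localStorage.getItem('soapbox:external:scopes');

    if (storedApp === null || baseURL === null || scope === null) {
      throw new Error('External login state is missing from localStorage');
    }

    const app: unknown = JSON.parse(storedApp);

    if (typeof app !== 'object' || app === null) {
      throw new Error('Stored external app is not a JSON object');
    }

    // Individual fields are not validated here: the app may legitimately be
    // `{}` when app creation was skipped for the instance.
    const { client_id, client_secret, redirect_uri } = app as Record<string, string>;

    const params: Record<string, string> = {
      client_id,
      client_secret,
      redirect_uri,
      grant_type: 'authorization_code',
      scope,
      code,
    };

    return dispatch(obtainOAuthToken(params, baseURL))
      .then((token: Record<string, string | number>) => dispatch(authLoggedIn(token)))
      .then(({ access_token }: any) => dispatch(verifyCredentials(access_token as string, baseURL)))
      .then((account: { id: string }) => dispatch(switchAccount(account.id)))
      .then(() => window.location.href = '/');
  };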