Merge pull request #537 from simply-alliv/social-routes

feat: implement social routes

Author: simply-alliv

package-lock.json

@@ -30,17 +30,20 @@
   },
   "homepage": "https://github.com/microapidev/auth-microapi#readme",
   "dependencies": {
+    "axios": "^0.19.2",
     "bcrypt": "^5.0.0",
     "bcryptjs": "^2.4.3",
     "cors": "^2.8.5",
     "cross-env": "^7.0.2",
     "debug": "^4.1.1",
     "dotenv": "^8.2.0",
     "express": "^4.17.1",
-    "express-jwt": "^6.0.0",
+    "express-jwt": "^5.3.3",
     "express-validator": "^6.6.1",
+    "googleapis": "^58.0.0",
     "jsonwebtoken": "^8.5.1",
     "mongoose": "^5.9.27",
+    "oauth": "^0.9.15",
     "swagger-jsdoc": "^4.0.0",
     "swagger-ui-express": "^4.1.4"
   },

package.json

@@ -0,0 +1,3 @@
+import * as socialControllers from "./socialControllers";
+
+export { socialControllers };

src/controllers/index.js

@@ -0,0 +1,251 @@
+import url from "url";
+import { InternalServerError } from "../utils/customError";
+import responseHandler from "../utils/responseHandler";
+import {
+  FacebookService,
+  GitHubService,
+  GoogleService,
+  TwitterService,
+} from "../services";
+
+/**
+ * Controller responsible for returning an authentication URL for the client
+ * to initiate the Facebook's authentication flow.
+ */
+export const facebookController = (req, res, next) => {
+  try {
+    const facebookService = new FacebookService();
+    facebookService.authenticate(req.provider, req.socialCallback);
+    const authenticationUrl = facebookService.getAuthenticationUrl();
+
+    responseHandler(res, 200, { authenticationUrl });
+  } catch (error) {
+    next(new InternalServerError(error));
+  }
+};
+
+/**
+ * Controller responsible for returning an authentication URL for the client
+ * to initiate the GitHub's authentication flow.
+ */
+export const githubController = (req, res, next) => {
+  try {
+    const githubService = new GitHubService();
+    githubService.authenticate(req.provider, req.socialCallback);
+    const authenticationUrl = githubService.getAuthenticationUrl();
+
+    responseHandler(res, 200, { authenticationUrl });
+  } catch (error) {
+    next(new InternalServerError(error));
+  }
+};
+
+/**
+ * Controller responsible for returning an authentication URL for the client
+ * to initiate the Google's authentication flow.
+ */
+export const googleController = (req, res, next) => {
+  try {
+    const googleService = new GoogleService();
+    googleService.authenticate(req.provider, req.socialCallback);
+    const authenticationUrl = googleService.getAuthenticationUrl();
+
+    responseHandler(res, 200, { authenticationUrl });
+  } catch (error) {
+    next(new InternalServerError(error));
+  }
+};
+
+/**
+ * Controller responsible for returning an authentication URL for the client
+ * to initiate the Twitter's authentication flow.
+ */
+export const twitterController = async (req, res, next) => {
+  try {
+    const twitterService = new TwitterService();
+    twitterService.authenticate(req.provider, req.socialCallback);
+    const authenticationUrl = await twitterService.getAuthenticationUrl();
+
+    responseHandler(res, 200, { authenticationUrl });
+  } catch (error) {
+    next(new InternalServerError(error));
+  }
+};
+
+/**
+ * Controller responsible for handling the callback from Facebook's authentication flow and
+ * returning the user data to the client via a redirect to the client's provided
+ * socialCallback.
+ */
+export const facebookCallbackController = async (req, res, next) => {
+  try {
+    // The state contains the client ID.
+    const { state, code } = req.query;
+    const facebookService = new FacebookService();
+    const { profile, socialCallback } = await facebookService.getData(
+      state.toString(),
+      code
+    );
+
+    let redirectUrl;
+
+    if (profile && profile.facebookId) {
+      redirectUrl = url.format({
+        pathname: socialCallback,
+        query: {
+          success: true,
+          id: profile.facebookId,
+          isVerified: profile.isVerified,
+          firstname: profile.firstname,
+          lastname: profile.lastname,
+          username: profile.username,
+          email: profile.email,
+          photo: profile.photo,
+        },
+      });
+    } else {
+      redirectUrl = url.format({
+        pathname: socialCallback,
+        query: { success: false },
+      });
+    }
+
+    res.redirect(redirectUrl);
+  } catch (error) {
+    next(new InternalServerError(error));
+  }
+};
+
+/**
+ * Controller responsible for handling the callback from GitHub's authentication flow and
+ * returning the user data to the client via a redirect to the client's provided
+ * socialCallback.
+ */
+export const githubCallbackController = async (req, res, next) => {
+  try {
+    // The state contains the client ID.
+    const { state, code } = req.query;
+    const githubService = new GitHubService();
+    const { profile, socialCallback } = await githubService.getData(
+      state.toString(),
+      code
+    );
+
+    let redirectUrl;
+
+    if (profile && profile.githubId) {
+      redirectUrl = url.format({
+        pathname: socialCallback,
+        query: {
+          success: true,
+          id: profile.githubId,
+          isVerified: profile.isVerified,
+          firstname: profile.firstname,
+          lastname: profile.lastname,
+          username: profile.username,
+          email: profile.email,
+          photo: profile.photo,
+        },
+      });
+    } else {
+      redirectUrl = url.format({
+        pathname: socialCallback,
+        query: { success: false },
+      });
+    }
+
+    res.redirect(redirectUrl);
+  } catch (error) {
+    next(new InternalServerError(error));
+  }
+};
+
+/**
+ * Controller responsible for handling the callback from Google's authentication flow and
+ * returning the user data to the client via a redirect to the client's provided
+ * socialCallback.
+ */
+export const googleCallbackController = async (req, res, next) => {
+  try {
+    // The state contains the client ID.
+    const { state, code } = req.query;
+
+    const googleService = new GoogleService();
+    const { profile, socialCallback } = await googleService.getData(
+      state.toString(),
+      code
+    );
+
+    let redirectUrl;
+
+    if (profile && profile.googleId) {
+      redirectUrl = url.format({
+        pathname: socialCallback,
+        query: {
+          success: true,
+          id: profile.googleId,
+          isVerified: profile.isVerified,
+          firstname: profile.firstname,
+          lastname: profile.lastname,
+          username: profile.username,
+          email: profile.email,
+          photo: profile.photo,
+        },
+      });
+    } else {
+      redirectUrl = url.format({
+        pathname: socialCallback,
+        query: { success: false },
+      });
+    }
+
+    res.redirect(redirectUrl);
+  } catch (error) {
+    next(new InternalServerError(error));
+  }
+};
+
+/**
+ * Controller responsible for handling the callback from Twitter's authentication flow and
+ * returning the user data to the client via a redirect to the client's provided
+ * socialCallback.
+ */
+export const twitterCallbackController = async (req, res, next) => {
+  try {
+    // The state contains the client ID.
+    const { oauth_token, oauth_verifier } = req.query;
+
+    const twitterService = new TwitterService();
+    const { profile, socialCallback } = await twitterService.getData(
+      oauth_token.toString(),
+      oauth_verifier.toString()
+    );
+
+    let redirectUrl;
+
+    if (profile && profile.twitterId) {
+      redirectUrl = url.format({
+        pathname: socialCallback,
+        query: {
+          success: true,
+          id: profile.twitterId,
+          isVerified: profile.isVerified,
+          firstname: profile.firstname,
+          lastname: profile.lastname,
+          username: profile.username,
+          email: profile.email,
+          photo: profile.photo,
+        },
+      });
+    } else {
+      redirectUrl = url.format({
+        pathname: socialCallback,
+        query: { success: false },
+      });
+    }
+
+    res.redirect(redirectUrl);
+  } catch (error) {
+    next(new InternalServerError(error));
+  }
+};

src/controllers/socialControllers.js

@@ -2,7 +2,7 @@ import express from "express";
 import cors from "cors";
 import CustomError from "./utils/customError";
 import errorHandler from "./utils/errorhandler";
-import { docRouter } from "./routes";
+import { docRouter, socialRouter } from "./routes";
 
 // create express app
 const app = express();
@@ -16,6 +16,7 @@ app.use(express.urlencoded({ extended: true }));
 
 // docuementation routes
 app.use("/", docRouter);
+app.use("/social", socialRouter);
 
 // routes not found go here
 app.all("*", (req, res, next) => {

src/index.js

@@ -0,0 +1,29 @@
+paths:
+  # Endpoint to authenticate a Facebook user
+  /social/facebook:
+    # GET operation
+    get:
+      tags:
+        - providers
+
+      summary: Authenticates with Facebook
+
+      responses:
+        "200":
+          description: Successful operation
+          schema:
+            type: object
+            properties:
+              status:
+                type: string
+                example: success
+              data:
+                type: object
+                properties:
+                  authenticationUrl:
+                    type: string
+                    example: https://www.facebook.com/v4.0/dialog/oauth
+        "400":
+          description: Invalid body supplied
+          schema:
+            $ref: "#/definitions/BadRequest"

src/jsdocs/providers/facebook.yaml

@@ -0,0 +1,29 @@
+paths:
+  # Endpoint to authenticate a GitHub user
+  /social/github:
+    # GET operation
+    get:
+      tags:
+        - providers
+
+      summary: Authenticates with GitHub
+
+      responses:
+        "200":
+          description: Successful operation
+          schema:
+            type: object
+            properties:
+              status:
+                type: string
+                example: success
+              data:
+                type: object
+                properties:
+                  authenticationUrl:
+                    type: string
+                    example: https://github.com/login/oauth/authorize
+        "400":
+          description: Invalid body supplied
+          schema:
+            $ref: "#/definitions/BadRequest"

src/jsdocs/providers/github.yaml

@@ -1,16 +1,13 @@
 paths:
-  # Endpoint to authenticate a user
-  /google:
+  # Endpoint to authenticate a Google user
+  /social/google:
     # GET operation
     get:
       tags:
         - providers
 
       summary: Authenticates with Google
 
-      security:
-        - AdminToken: []
-
       responses:
         "200":
           description: Successful operation
@@ -23,7 +20,7 @@ paths:
               data:
                 type: object
                 properties:
-                  redirectUrl:
+                  authenticationUrl:
                     type: string
                     example: https://accounts.google.com/o/oauth2/v2/auth/oauthchooseaccount
         "400":