-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathravel-github-oauth2-provider.js
More file actions
100 lines (87 loc) · 3.41 KB
/
ravel-github-oauth2-provider.js
File metadata and controls
100 lines (87 loc) · 3.41 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
'use strict';
const GitHubStrategy = require('passport-github').Strategy;
const GitHubApi = require('github');
const Ravel = require('ravel');
/**
* A Ravel AuthorizationProvider for GitHub OAuth2.0
*/
class GitHubOauth2Provider extends Ravel.AuthenticationProvider {
constructor(ravelInstance) {
super(ravelInstance);
this.github = new GitHubApi({
version: '3.0.0',
protocol: 'https',
host: 'api.github.com', // should be api.github.com for GitHub
timeout: 5000,
headers: {
'user-agent': 'raveljs' // GitHub is happy with a unique user agent
}
});
ravelInstance.registerParameter('github auth callback url', true, 'http://localhost:8080');
ravelInstance.registerParameter('github auth path', true, '/auth/github');
ravelInstance.registerParameter('github auth callback path', true, '/auth/github/callback');
ravelInstance.registerParameter('github client id', true);
ravelInstance.registerParameter('github client secret', true);
ravelInstance.registerParameter('github scope', false, '');
}
get name() {
return 'github-oauth2';
}
/**
* Initialize passport.js with a strategy
*
* @param koaRouter {Object} An koa-router instance
* @param passport {Object} A passport.js object
* @param verify {Function} See passport-github Strategy verify callback.
* Should be function(accessToken, refreshToken, profile)
* which returns a Promise which resolves with the profile
*/
init(app, passport, verify) {
passport.use(new GitHubStrategy({
clientID: this.ravelInstance.get('github client id'),
clientSecret: this.ravelInstance.get('github client secret'),
callbackURL: `${this.ravelInstance.get('github auth callback url')}${this.ravelInstance.get('github auth callback path')}`,
scope: this.ravelInstance.get('github scope')
}, verify));
app.get(this.ravelInstance.get('github auth path'), passport.authenticate('github'));
app.get(this.ravelInstance.get('github auth callback path'),
passport.authenticate('github', {
failureRedirect: this.ravelInstance.get('login route'),
successRedirect: this.ravelInstance.get('app route')
})
);
}
/**
* Does this authorization provider handle the given client type?
*
* @param client {String} A client type, such as github-oauth2
* @return {Boolean} true iff this provider handles the given client
*/
handlesClient(client) {
return client === 'github-oauth2';
}
/**
* Transform a credential for an auth'd user into a user profile, iff the
* credential is valid for this application.
*
* @param credential {String} A credential
* @param client {String} A client type, such as github-oauth2
* @return {Promise} resolves with user profile iff the credential is valid for this application, rejects otherwise
*/
credentialToProfile(credential, client) {
return new Promise((resolve, reject) => {
if (client === 'github-oauth2') {
this.github.authenticate({
type: 'oauth',
token: credential
});
this.github.user.get({}, (err, result) => {
if (err) { reject(err); } else { resolve(result); }
});
} else {
reject(new this.ApplicationError.IllegalValue(`github-oauth2 provider cannot handle client ${client}`));
}
});
};
}
module.exports = GitHubOauth2Provider;