Press n or j to go to the next uncovered block, b, p or k for the previous block.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 | /** * googleAuth utility */ module.exports = function(config) { 'use strict' const auth = require('./auth') const { google: googleApis } = require('googleapis') const debug = require('debug')('crowi:lib:googleAuth') const lib = {} lib.PROVIDER = 'google' function createOauth2Client() { const clientId = config.crowi['google:clientId'] const clientSecret = config.crowi['google:clientSecret'] const callbackUrl = config.crowi['app:url'] + '/google/callback' return new googleApis.auth.OAuth2(clientId, clientSecret, callbackUrl) } lib.createAuthUrl = function(req, callback) { const oauth2Client = createOauth2Client() googleApis.options({ auth: oauth2Client }) const redirectUrl = oauth2Client.generateAuthUrl({ access_type: 'offline', scope: ['profile', 'email'], state: req.query.continue, prompt: 'consent', }) callback(null, redirectUrl) } lib.refreshAccessToken = async tokens => { const oauth2Client = createOauth2Client() googleApis.options({ auth: oauth2Client }) oauth2Client.setCredentials({ access_token: tokens.accessToken, refresh_token: tokens.refreshToken }) const { res: { data: { access_token: accessToken, refresh_token: refreshToken, expiry_date: expiryDate }, }, } = await oauth2Client.refreshAccessToken() return { accessToken, refreshToken, expiryDate } } lib.reauth = async (id, { accessToken, refreshToken }) => { try { const tokens = await lib.refreshAccessToken({ accessToken, refreshToken }) const oauth2Client = createOauth2Client() googleApis.options({ auth: oauth2Client }) oauth2Client.setCredentials({ access_token: tokens.accessToken, refresh_token: tokens.refreshToken }) const { data: { user_id: userId }, } = await googleApis.oauth2('v2').tokeninfo({ access_token: tokens.accessToken }) const success = id === userId return { success, tokens } } catch (err) { debug('Error on reauthenticating', err) return { success: false } } } lib.handleCallback = function(req, callback) { const oauth2Client = createOauth2Client() googleApis.options({ auth: oauth2Client }) const { google = {} } = req.session const { authCode: code } = google if (!code) { return callback(new Error('No code exists.'), null) } debug('Request googleToken by auth code', code) oauth2Client.getToken(code, function(err, tokens) { debug('Result of google.getToken()', err, tokens) if (err) { return callback(new Error('[googleAuth.handleCallback] Error to get token.'), null) } oauth2Client.setCredentials({ access_token: tokens.access_token, }) const oauth2 = googleApis.oauth2('v2') oauth2.userinfo.get({}, function(err, response) { debug('Response of oauth2.userinfo.get', err, response && response.data) if (err) { return callback(new Error('[googleAuth.handleCallback] Error while proceccing userinfo.get.'), null) } const { access_token: accessToken, refresh_token: refreshToken, expiry_date: expiryDate } = tokens auth.saveTokenToSession(req, lib.PROVIDER, { accessToken, refreshToken, expiryDate }) const { data } = response data.user_id = data.id // This is for B.C. (tokeninfo をつかっている前提のコードに対してのもの) return callback(null, data) }) }) } return lib } |