another push of Core Connect to Core

3 years ago · 8574f655fe
9 changed files with 59 additions and 18 deletions
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@ -14,7 +14,7 @@
      "program": "${workspaceFolder:dtp-base}/dtp-webapp.js",
      "console": "integratedTerminal",
      "env": {
-        "HTTP_BIND_PORT": "3333"
+        "HTTP_BIND_PORT": "3310"
      }
    },
    {
--- a/app/controllers/welcome.js
+++ b/app/controllers/welcome.js
@ -28,6 +28,7 @@ class WelcomeController extends SiteController {
    const router = express.Router();
    this.dtp.app.use('/welcome', welcomeLimiter, router);

+    router.get('/core-member', this.getWelcomeCoreMember.bind(this));
    router.get('/signup/captcha', this.getSignupCaptcha.bind(this));
    router.get('/signup', this.getSignupView.bind(this));
    router.get('/login', this.getLoginView.bind(this));
@ -36,6 +37,10 @@ class WelcomeController extends SiteController {
    return router;
  }

+  async getWelcomeCoreMember (req, res) {
+    res.render('welcome/core-member');
+  }
+
  async getSignupCaptcha (req, res) {
    const signupCaptcha = captcha(req.session.captcha.signup, {
      color: false,
--- a/app/models/oauth2-authorization-code.js
+++ b/app/models/oauth2-authorization-code.js
@ -11,7 +11,7 @@ const Schema = mongoose.Schema;
 const OAuth2AuthorizationCodeSchema = new Schema({
  code: { type: String, required: true, index: 1 },
  clientId: { type: Schema.ObjectId, required: true, index: 1 },
-  redirectURI: { type: String, required: true },
+  redirectUri: { type: String, required: true },
  user: { type: Schema.ObjectId, required: true, index: 1 },
  scope: { type: [String], required: true },
 });  
--- a/app/models/oauth2-client.js
+++ b/app/models/oauth2-client.js
@ -14,12 +14,13 @@ const OAuth2ClientSchema = new Schema({
  site: {
    name: { type: String, required: true },
    description: { type: String, required: true },
-    domain: { type: String, required: true },
-    domainKey: { type: String, required: true },
+    domain: { type: String, required: true, index: 1 },
+    domainKey: { type: String, required: true, index: 1 },
    company: { type: String, required: true },
  },
  secret: { type: String, required: true },
-  redirectURI: { type: String, required: true },
+  scopes: { type: [String], required: true },
+  redirectUri: { type: String, required: true },
 });

 module.exports = mongoose.model('OAuth2Client', OAuth2ClientSchema);
--- a/app/services/oauth2.js
+++ b/app/services/oauth2.js
@ -91,29 +91,29 @@ class OAuth2Service extends SiteService {
    res.render('oauth2/authorize-dialog');
  }

-  async processAuthorize (clientID, redirectURI, done) {
+  async processAuthorize (clientID, redirectUri, done) {
    try {
      const client = await OAuth2Client.findOne({ clientID });
      if (!client) {
        return done(null, false);
      }
-      if (client.redirectUri !== redirectURI) {
+      if (client.redirectUri !== redirectUri) {
        return done(null, false);
      }
-      return done(null, client, client.redirectURI);
+      return done(null, client, client.redirectUri);
    } catch (error) {
      this.log.error('failed to process OAuth2 authorize', { error });
      return done(error);
    }
  }

-  async processGrant (client, redirectURI, user, ares, done) {
+  async processGrant (client, redirectUri, user, ares, done) {
    try {
      var code = uuidv4();
      var ac = new OAuth2AuthorizationCode({
        code,
        clientId: client.id,
-        redirectURI,
+        redirectUri,
        user: user.id,
        scope: ares.scope,
      });
@ -125,13 +125,13 @@ class OAuth2Service extends SiteService {
    }
  }

-  async processExchange (client, code, redirectURI, done) {
+  async processExchange (client, code, redirectUri, done) {
    try {
      const ac = await OAuth2AuthorizationCode.findOne({ code });
      if (client.id !== ac.clientId) {
        return done(null, false);
      }
-      if (redirectURI !== ac.redirectUri) {
+      if (redirectUri !== ac.redirectUri) {
        return done(null, false);
      }
    
@ -172,7 +172,8 @@ class OAuth2Service extends SiteService {
    client.site.company = striptags(clientDefinition.company);

    client.secret = generatePassword(PASSWORD_LEN, false);
-    client.redirectURI = clientDefinition.redirectURI;
+    client.scopes = clientDefinition.coreAuth.redirectUri.map((scope) => striptags(scope));
+    client.redirectUri = striptags(clientDefinition.coreAuth.redirectUri);

    await client.save();

@ -191,6 +192,20 @@ class OAuth2Service extends SiteService {
      .lean();
    return client;
  }
+
+  async getClientByDomain (domain) {
+    const client = await OAuth2Client
+      .findOne({ 'site.domain': domain })
+      .lean();
+    return client;
+  }
+
+  async getClientByDomainKey (domainKey) {
+    const client = await OAuth2Client
+      .findOne({ 'site.domainKey': domainKey })
+      .lean();
+    return client;
+  }
 }

 module.exports = {
--- a/app/views/admin/core-node/connect.pug
+++ b/app/views/admin/core-node/connect.pug
@ -18,7 +18,7 @@ block content

        .uk-margin
          label.uk-form-label Site Information
-          textarea(style="font-family: Courier New, fixed; font-size: 12px;", rows= 7, disabled).uk-textarea= JSON.stringify(site, null, 2)
+          textarea(style="font-family: Courier New, fixed; font-size: 12px;", rows= 10, disabled).uk-textarea= JSON.stringify(site, null, 2)

        .uk-margin
          label(for="host").uk-form-label Core Host
--- a/app/views/welcome/core-member.pug
+++ b/app/views/welcome/core-member.pug
@ -0,0 +1,8 @@
+extends ../layouts/main
+block content
+
+  section.uk-section.uk-section-default
+    .uk-container
+      h1 Thank You For Joining!
+      p #{site.name} is happy to provide our services to your community.
+      a(href="/").uk-button.uk-button-default Home
--- a/app/views/welcome/index.pug
+++ b/app/views/welcome/index.pug
@ -11,7 +11,15 @@ block content

      .uk-margin-medium-top
        div(uk-grid).uk-flex-center
-          .uk-width-auto
-            a(href="/welcome/signup").uk-button.dtp-button-primary Create Account
-          .uk-width-auto
-            a(href="/welcome/login").uk-button.dtp-button-secondary Sign In
+          div(class="uk-width-1-1 uk-width-1-3@m")
+            .uk-margin-small
+              a(href="/auth/core").uk-button.dtp-button-primary.uk-border-rounded DTP Connect
+            .uk-text-small Connect using DTP Core
+          div(class="uk-width-1-1 uk-width-1-3@m")
+            .uk-margin-small
+              a(href="/welcome/signup").uk-button.dtp-button-secondary.uk-border-rounded Create Account
+            .uk-text-small Create a local account
+          div(class="uk-width-1-1 uk-width-1-3@m")
+            .uk-margin-small
+              a(href="/welcome/login").uk-button.dtp-button-secondary.uk-border-rounded Sign In
+            .uk-text-small Log in with your local account
--- a/config/site.js
+++ b/config/site.js
@ -10,4 +10,8 @@ module.exports = {
  domain: process.env.DTP_SITE_DOMAIN,
  domainKey: process.env.DTP_SITE_DOMAIN_KEY,
  company: process.env.DTP_SITE_COMPANY || 'Digital Telepresence, LLC',
+  coreAuth: {
+    scopes: ['account-read', 'event-write'],
+    redirectUri: '/auth/core/callback',
+  },
 };