chore(): Reorganize modules (#7210)

**What** Move all modules to the modules directory
2024-05-02 17:33:34 +02:00
parent 7a351eef09
commit 4eae25e1ef
870 changed files with 91 additions and 62 deletions
--- a/packages/modules/auth/src/providers/email-password.ts
+++ b/packages/modules/auth/src/providers/email-password.ts
@@ -0,0 +1,106 @@
+import { AuthenticationInput, AuthenticationResponse } from "@medusajs/types"
+import {
+  AbstractAuthModuleProvider,
+  MedusaError,
+  isString,
+} from "@medusajs/utils"
+
+import { AuthUserService } from "@services"
+import Scrypt from "scrypt-kdf"
+
+class EmailPasswordProvider extends AbstractAuthModuleProvider {
+  public static PROVIDER = "emailpass"
+  public static DISPLAY_NAME = "Email/Password Authentication"
+
+  protected readonly authUserSerivce_: AuthUserService
+
+  constructor({ authUserService }: { authUserService: AuthUserService }) {
+    super(arguments[0], {
+      provider: EmailPasswordProvider.PROVIDER,
+      displayName: EmailPasswordProvider.DISPLAY_NAME,
+    })
+
+    this.authUserSerivce_ = authUserService
+  }
+
+  private getHashConfig() {
+    const scopeConfig = this.scopeConfig_.hashConfig as
+      | Scrypt.ScryptParams
+      | undefined
+
+    const defaultHashConfig = { logN: 15, r: 8, p: 1 }
+
+    // Return custom defined hash config or default hash parameters
+    return scopeConfig ?? defaultHashConfig
+  }
+
+  async authenticate(
+    userData: AuthenticationInput
+  ): Promise<AuthenticationResponse> {
+    const { email, password } = userData.body
+
+    if (!password || !isString(password)) {
+      return {
+        success: false,
+        error: "Password should be a string",
+      }
+    }
+
+    if (!email || !isString(email)) {
+      return {
+        success: false,
+        error: "Email should be a string",
+      }
+    }
+    let authUser
+
+    try {
+      authUser = await this.authUserSerivce_.retrieveByProviderAndEntityId(
+        email,
+        EmailPasswordProvider.PROVIDER
+      )
+    } catch (error) {
+      if (error.type === MedusaError.Types.NOT_FOUND) {
+        const password_hash = await Scrypt.kdf(password, this.getHashConfig())
+
+        const [createdAuthUser] = await this.authUserSerivce_.create([
+          {
+            entity_id: email,
+            provider: EmailPasswordProvider.PROVIDER,
+            scope: this.scope_,
+            provider_metadata: {
+              password: password_hash.toString("base64"),
+            },
+          },
+        ])
+
+        return {
+          success: true,
+          authUser: JSON.parse(JSON.stringify(createdAuthUser)),
+        }
+      }
+      return { success: false, error: error.message }
+    }
+
+    const password_hash = authUser.provider_metadata?.password
+
+    if (isString(password_hash)) {
+      const buf = Buffer.from(password_hash as string, "base64")
+
+      const success = await Scrypt.verify(buf, password)
+
+      if (success) {
+        delete authUser.provider_metadata!.password
+
+        return { success, authUser: JSON.parse(JSON.stringify(authUser)) }
+      }
+    }
+
+    return {
+      success: false,
+      error: "Invalid email or password",
+    }
+  }
+}
+
+export default EmailPasswordProvider
--- a/packages/modules/auth/src/providers/google.ts
+++ b/packages/modules/auth/src/providers/google.ts
@@ -0,0 +1,223 @@
+import { AuthenticationInput, AuthenticationResponse } from "@medusajs/types"
+import { AbstractAuthModuleProvider, MedusaError } from "@medusajs/utils"
+import { AuthUserService } from "@services"
+import jwt, { JwtPayload } from "jsonwebtoken"
+
+import { AuthorizationCode } from "simple-oauth2"
+import url from "url"
+
+type InjectedDependencies = {
+  authUserService: AuthUserService
+}
+
+type ProviderConfig = {
+  clientID: string
+  clientSecret: string
+  callbackURL: string
+  successRedirectUrl?: string
+}
+
+class GoogleProvider extends AbstractAuthModuleProvider {
+  public static PROVIDER = "google"
+  public static DISPLAY_NAME = "Google Authentication"
+
+  protected readonly authUserService_: AuthUserService
+
+  constructor({ authUserService }: InjectedDependencies) {
+    super(arguments[0], {
+      provider: GoogleProvider.PROVIDER,
+      displayName: GoogleProvider.DISPLAY_NAME,
+    })
+
+    this.authUserService_ = authUserService
+  }
+
+  async authenticate(
+    req: AuthenticationInput
+  ): Promise<AuthenticationResponse> {
+    if (req.query?.error) {
+      return {
+        success: false,
+        error: `${req.query.error_description}, read more at: ${req.query.error_uri}`,
+      }
+    }
+
+    let config: ProviderConfig
+
+    try {
+      config = await this.getProviderConfig(req)
+    } catch (error) {
+      return { success: false, error: error.message }
+    }
+
+    return this.getRedirect(config)
+  }
+
+  async validateCallback(
+    req: AuthenticationInput
+  ): Promise<AuthenticationResponse> {
+    if (req.query && req.query.error) {
+      return {
+        success: false,
+        error: `${req.query.error_description}, read more at: ${req.query.error_uri}`,
+      }
+    }
+
+    let config: ProviderConfig
+
+    try {
+      config = await this.getProviderConfig(req)
+    } catch (error) {
+      return { success: false, error: error.message }
+    }
+
+    const code = req.query?.code ?? req.body?.code
+
+    return await this.validateCallbackToken(code, config)
+  }
+
+  // abstractable
+  async verify_(refreshToken: string) {
+    const jwtData = jwt.decode(refreshToken, {
+      complete: true,
+    }) as JwtPayload
+    const entity_id = jwtData.payload.email
+
+    let authUser
+
+    try {
+      authUser = await this.authUserService_.retrieveByProviderAndEntityId(
+        entity_id,
+        GoogleProvider.PROVIDER
+      )
+    } catch (error) {
+      if (error.type === MedusaError.Types.NOT_FOUND) {
+        const [createdAuthUser] = await this.authUserService_.create([
+          {
+            entity_id,
+            provider: GoogleProvider.PROVIDER,
+            user_metadata: jwtData!.payload,
+            scope: this.scope_,
+          },
+        ])
+        authUser = createdAuthUser
+      } else {
+        return { success: false, error: error.message }
+      }
+    }
+
+    return {
+      success: true,
+      authUser,
+    }
+  }
+
+  // abstractable
+  private async validateCallbackToken(
+    code: string,
+    { clientID, callbackURL, clientSecret }: ProviderConfig
+  ) {
+    const client = this.getAuthorizationCodeHandler({ clientID, clientSecret })
+
+    const tokenParams = {
+      code,
+      redirect_uri: callbackURL,
+    }
+
+    try {
+      const accessToken = await client.getToken(tokenParams)
+
+      const { authUser, success } = await this.verify_(
+        accessToken.token.id_token
+      )
+
+      const { successRedirectUrl } = this.getConfigFromScope()
+
+      return {
+        success,
+        authUser,
+        successRedirectUrl,
+      }
+    } catch (error) {
+      return { success: false, error: error.message }
+    }
+  }
+
+  private getConfigFromScope(): ProviderConfig {
+    const config: Partial<ProviderConfig> = { ...this.scopeConfig_ }
+
+    if (!config.clientID) {
+      throw new Error("Google clientID is required")
+    }
+
+    if (!config.clientSecret) {
+      throw new Error("Google clientSecret is required")
+    }
+
+    if (!config.callbackURL) {
+      throw new Error("Google callbackUrl is required")
+    }
+
+    return config as ProviderConfig
+  }
+
+  private originalURL(req: AuthenticationInput) {
+    const host = req.headers.host
+    const protocol = req.protocol
+    const path = req.url || ""
+
+    return protocol + "://" + host + path
+  }
+
+  private async getProviderConfig(
+    req: AuthenticationInput
+  ): Promise<ProviderConfig> {
+    const config = this.getConfigFromScope()
+
+    const callbackURL = config.callbackURL
+
+    const parsedCallbackUrl = !url.parse(callbackURL).protocol
+      ? url.resolve(this.originalURL(req), callbackURL)
+      : callbackURL
+
+    return { ...config, callbackURL: parsedCallbackUrl }
+  }
+
+  // Abstractable
+  private getRedirect({ clientID, callbackURL, clientSecret }: ProviderConfig) {
+    const client = this.getAuthorizationCodeHandler({ clientID, clientSecret })
+
+    const location = client.authorizeURL({
+      redirect_uri: callbackURL,
+      scope: "email profile",
+    })
+
+    return { success: true, location }
+  }
+
+  private getAuthorizationCodeHandler({
+    clientID,
+    clientSecret,
+  }: {
+    clientID: string
+    clientSecret: string
+  }) {
+    const config = {
+      client: {
+        id: clientID,
+        secret: clientSecret,
+      },
+      auth: {
+        // TODO: abstract to not be google specific
+        authorizeHost: "https://accounts.google.com",
+        authorizePath: "/o/oauth2/v2/auth",
+        tokenHost: "https://www.googleapis.com",
+        tokenPath: "/oauth2/v4/token",
+      },
+    }
+
+    return new AuthorizationCode(config)
+  }
+}
+
+export default GoogleProvider
--- a/packages/modules/auth/src/providers/index.ts
+++ b/packages/modules/auth/src/providers/index.ts
@@ -0,0 +1,2 @@
+export { default as EmailPasswordProvider } from "./email-password"
+export { default as GoogleProvider } from "./google"