Revamp the authentication setup (#7419)

* feat: Add email pass authentication provider package * feat: Revamp auth module and remove concept of scope * feat: Revamp the auth module to be more standardized in how providers are loaded * feat: Switch from scope to actor type for authentication * feat: Add support for per-actor auth methods * feat: Add emailpass auth provider by default * fix: Add back app_metadata in auth module
2024-05-23 20:56:40 +02:00
parent 7b0cfe3b77
commit 8a070d5d85
100 changed files with 991 additions and 1005 deletions
--- a/packages/modules/auth/src/services/auth-identity.ts
+++ b/packages/modules/auth/src/services/auth-identity.ts
@@ -1,65 +0,0 @@
-import {
-  AuthTypes,
-  Context,
-  DAL,
-  FindConfig,
-  RepositoryService,
-} from "@medusajs/types"
-import {
-  InjectManager,
-  MedusaContext,
-  MedusaError,
-  ModulesSdkUtils,
-} from "@medusajs/utils"
-import { AuthIdentity } from "@models"
-
-type InjectedDependencies = {
-  baseRepository: DAL.RepositoryService
-  authIdentityRepository: DAL.RepositoryService
-}
-
-export default class AuthIdentityService<
-  TEntity extends AuthIdentity = AuthIdentity
-> extends ModulesSdkUtils.internalModuleServiceFactory<InjectedDependencies>(
-  AuthIdentity
-)<TEntity> {
-  protected readonly authIdentityRepository_: RepositoryService<TEntity>
-  protected baseRepository_: DAL.RepositoryService
-
-  constructor(container: InjectedDependencies) {
-    // @ts-ignore
-    super(...arguments)
-    this.authIdentityRepository_ = container.authIdentityRepository
-    this.baseRepository_ = container.baseRepository
-  }
-
-  @InjectManager("authIdentityRepository_")
-  async retrieveByProviderAndEntityId<
-    TEntityMethod = AuthTypes.AuthIdentityDTO
-  >(
-    entityId: string,
-    provider: string,
-    config: FindConfig<TEntityMethod> = {},
-    @MedusaContext() sharedContext: Context = {}
-  ): Promise<AuthTypes.AuthIdentityDTO> {
-    const queryConfig = ModulesSdkUtils.buildQuery<TEntity>(
-      { entity_id: entityId, provider },
-      { ...config, take: 1 }
-    )
-    const [result] = await this.authIdentityRepository_.find(
-      queryConfig,
-      sharedContext
-    )
-
-    if (!result) {
-      throw new MedusaError(
-        MedusaError.Types.NOT_FOUND,
-        `AuthIdentity with entity_id: "${entityId}" and provider: "${provider}" not found`
-      )
-    }
-
-    return await this.baseRepository_.serialize<AuthTypes.AuthIdentityDTO>(
-      result
-    )
-  }
-}
--- a/packages/modules/auth/src/services/auth-module.ts
+++ b/packages/modules/auth/src/services/auth-module.ts
@@ -1,6 +1,7 @@
 import {
  AuthenticationInput,
  AuthenticationResponse,
+  AuthIdentityProviderService,
  AuthTypes,
  Context,
  DAL,
@@ -14,16 +15,17 @@ import { AuthIdentity } from "@models"
 import { entityNameToLinkableKeysMap, joinerConfig } from "../joiner-config"

 import {
-  AbstractAuthModuleProvider,
  InjectManager,
  MedusaContext,
  MedusaError,
  ModulesSdkUtils,
 } from "@medusajs/utils"
+import AuthProviderService from "./auth-provider"

 type InjectedDependencies = {
  baseRepository: DAL.RepositoryService
  authIdentityService: ModulesSdkTypes.InternalModuleService<any>
+  authProviderService: AuthProviderService
 }

 const generateMethodForModels = [AuthIdentity]
@@ -42,9 +44,14 @@ export default class AuthModuleService<
 {
  protected baseRepository_: DAL.RepositoryService
  protected authIdentityService_: ModulesSdkTypes.InternalModuleService<TAuthIdentity>
+  protected readonly authProviderService_: AuthProviderService

  constructor(
-    { authIdentityService, baseRepository }: InjectedDependencies,
+    {
+      authIdentityService,
+      authProviderService,
+      baseRepository,
+    }: InjectedDependencies,
    protected readonly moduleDeclaration: InternalModuleDeclaration
  ) {
    // @ts-ignore
@@ -52,6 +59,7 @@ export default class AuthModuleService<

    this.baseRepository_ = baseRepository
    this.authIdentityService_ = authIdentityService
+    this.authProviderService_ = authProviderService
  }

  __joinerConfig(): ModuleJoinerConfig {
@@ -116,34 +124,16 @@ export default class AuthModuleService<
    return Array.isArray(data) ? serializedUsers : serializedUsers[0]
  }

-  protected getRegisteredAuthenticationProvider(
-    provider: string,
-    { authScope }: AuthenticationInput
-  ): AbstractAuthModuleProvider {
-    let containerProvider: AbstractAuthModuleProvider
-    try {
-      containerProvider = this.__container__[`auth_provider_${provider}`]
-    } catch (error) {
-      throw new MedusaError(
-        MedusaError.Types.NOT_FOUND,
-        `AuthenticationProvider: ${provider} wasn't registered in the module. Have you configured your options correctly?`
-      )
-    }
-
-    return containerProvider.withScope(authScope)
-  }
-
  async authenticate(
    provider: string,
    authenticationData: AuthenticationInput
  ): Promise<AuthenticationResponse> {
    try {
-      const registeredProvider = this.getRegisteredAuthenticationProvider(
+      return await this.authProviderService_.authenticate(
        provider,
-        authenticationData
+        authenticationData,
+        this.getAuthIdentityProviderService()
      )
-
-      return await registeredProvider.authenticate(authenticationData)
    } catch (error) {
      return { success: false, error: error.message }
    }
@@ -154,14 +144,49 @@ export default class AuthModuleService<
    authenticationData: AuthenticationInput
  ): Promise<AuthenticationResponse> {
    try {
-      const registeredProvider = this.getRegisteredAuthenticationProvider(
+      return await this.authProviderService_.validateCallback(
        provider,
-        authenticationData
+        authenticationData,
+        this.getAuthIdentityProviderService()
      )
-
-      return await registeredProvider.validateCallback(authenticationData)
    } catch (error) {
      return { success: false, error: error.message }
    }
  }
+
+  getAuthIdentityProviderService(): AuthIdentityProviderService {
+    return {
+      retrieve: async ({ entity_id, provider }) => {
+        const authIdentities = await this.authIdentityService_.list({
+          entity_id,
+          provider,
+        })
+
+        if (!authIdentities.length) {
+          throw new MedusaError(
+            MedusaError.Types.NOT_FOUND,
+            `AuthIdentity with entity_id "${entity_id}" not found`
+          )
+        }
+
+        if (authIdentities.length > 1) {
+          throw new MedusaError(
+            MedusaError.Types.INVALID_DATA,
+            `Multiple authIdentities found for entity_id "${entity_id}"`
+          )
+        }
+
+        return await this.baseRepository_.serialize<AuthTypes.AuthIdentityDTO>(
+          authIdentities[0]
+        )
+      },
+      create: async (data: AuthTypes.CreateAuthIdentityDTO) => {
+        const createdAuthIdentity = await this.authIdentityService_.create(data)
+
+        return await this.baseRepository_.serialize<AuthTypes.AuthIdentityDTO>(
+          createdAuthIdentity
+        )
+      },
+    }
+  }
 }
--- a/packages/modules/auth/src/services/auth-provider.ts
+++ b/packages/modules/auth/src/services/auth-provider.ts
@@ -0,0 +1,56 @@
+import {
+  AuthTypes,
+  AuthenticationInput,
+  AuthIdentityProviderService,
+  AuthenticationResponse,
+} from "@medusajs/types"
+import { MedusaError } from "medusa-core-utils"
+import { AuthProviderRegistrationPrefix } from "@types"
+
+type InjectedDependencies = {
+  [
+    key: `${typeof AuthProviderRegistrationPrefix}${string}`
+  ]: AuthTypes.IAuthProvider
+}
+
+export default class AuthProviderService {
+  protected dependencies: InjectedDependencies
+
+  constructor(container: InjectedDependencies) {
+    this.dependencies = container
+  }
+
+  protected retrieveProviderRegistration(
+    providerId: string
+  ): AuthTypes.IAuthProvider {
+    try {
+      return this.dependencies[`${AuthProviderRegistrationPrefix}${providerId}`]
+    } catch (err) {
+      throw new MedusaError(
+        MedusaError.Types.NOT_FOUND,
+        `Could not find a auth provider with id: ${providerId}`
+      )
+    }
+  }
+
+  async authenticate(
+    provider: string,
+    auth: AuthenticationInput,
+    authIdentityProviderService: AuthIdentityProviderService
+  ): Promise<AuthenticationResponse> {
+    const providerHandler = this.retrieveProviderRegistration(provider)
+    return await providerHandler.authenticate(auth, authIdentityProviderService)
+  }
+
+  async validateCallback(
+    provider: string,
+    auth: AuthenticationInput,
+    authIdentityProviderService: AuthIdentityProviderService
+  ): Promise<AuthenticationResponse> {
+    const providerHandler = this.retrieveProviderRegistration(provider)
+    return await providerHandler.validateCallback(
+      auth,
+      authIdentityProviderService
+    )
+  }
+}
--- a/packages/modules/auth/src/services/index.ts
+++ b/packages/modules/auth/src/services/index.ts
@@ -1,2 +1,2 @@
 export { default as AuthModuleService } from "./auth-module"
-export { default as AuthIdentityService } from "./auth-identity"
+export { default as AuthProviderService } from "./auth-provider"