begin scaffolding for lerna

This commit is contained in:
Shawn Erquhart
2018-07-03 15:47:15 -04:00
parent 26f7c38a9f
commit 768fcbaa1d
320 changed files with 50292 additions and 464 deletions

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,27 @@
{
"name": "netlify-cms-lib-auth",
"description": "Shared authentication functionality for Netlify CMS.",
"version": "2.0.0-alpha.0",
"license": "MIT",
"main": "src/index.js",
"files": [
"src/",
"dist/"
],
"keywords": [
"netlify-cms"
],
"scripts": {
"build": "parcel build src --out-dir ."
},
"dependencies": {
"immutable": "^3.7.6",
"lodash": "^4.13.1",
"uuid": "^3.1.0"
},
"devDependencies": {
"babel-cli": "^6.26.0",
"babel-core": "^6.26.3",
"parcel-bundler": "^1.9.4"
}
}

View File

@ -0,0 +1,75 @@
import { Map } from 'immutable';
import trim from 'lodash/trim';
import trimEnd from 'lodash/trimEnd';
import uuid from 'uuid/v4';
function createNonce() {
const nonce = uuid();
window.sessionStorage.setItem("netlify-cms-auth", JSON.stringify({ nonce }));
return nonce;
}
function validateNonce(check) {
const auth = window.sessionStorage.getItem("netlify-cms-auth");
const valid = auth && JSON.parse(auth).nonce;
window.localStorage.removeItem("netlify-cms-auth");
return (check === valid);
}
export default class ImplicitAuthenticator {
constructor(config = {}) {
const baseURL = trimEnd(config.base_url, '/');
const authEndpoint = trim(config.auth_endpoint, '/');
this.auth_url = `${ baseURL }/${ authEndpoint }`;
this.appID = config.app_id;
this.clearHash = config.clearHash;
}
authenticate(options, cb) {
if (
document.location.protocol !== "https:"
// TODO: Is insecure localhost a bad idea as well? I don't think it is, since you are not actually
// sending the token over the internet in this case, assuming the auth URL is secure.
&& (document.location.hostname !== "localhost" && document.location.hostname !== "127.0.0.1")
) {
return cb(new Error("Cannot authenticate over insecure protocol!"));
}
const authURL = new URL(this.auth_url);
authURL.searchParams.set('client_id', this.appID);
authURL.searchParams.set('redirect_uri', document.location.origin + document.location.pathname);
authURL.searchParams.set('response_type', 'token');
authURL.searchParams.set('scope', options.scope);
authURL.searchParams.set('state', createNonce());
document.location.assign(authURL.href);
}
/**
* Complete authentication if we were redirected back to from the provider.
*/
completeAuth(cb) {
const hashParams = new URLSearchParams(document.location.hash.replace(/^#?\/?/, ''));
if (!hashParams.has("access_token") && !hashParams.has("error")) {
return;
}
// Remove tokens from hash so that token does not remain in browser history.
this.clearHash();
const params = Map(hashParams.entries());
const validNonce = validateNonce(params.get('state'));
if (!validNonce) {
return cb(new Error("Invalid nonce"));
}
if (params.has('error')) {
return cb(new Error(`${ params.get('error') }: ${ params.get('error_description') }`));
}
if (params.has('access_token')) {
const { access_token: token, ...data } = params.toJS();
cb(null, { token, ...data });
}
}
}

View File

@ -0,0 +1,4 @@
import implicitOauth from './implicit-oauth';
import netlifyAuth from './netlify-auth';
export { implicitOauth, netlifyAuth };

View File

@ -0,0 +1,151 @@
import trim from 'lodash/trim';
import trimEnd from 'lodash/trim';
const NETLIFY_API = 'https://api.netlify.com';
const AUTH_ENDPOINT = 'auth';
class NetlifyError {
constructor(err) {
this.err = err;
}
toString() {
return this.err && this.err.message;
}
}
const PROVIDERS = {
github: {
width: 960,
height: 600
},
gitlab: {
width: 960,
height: 600
},
bitbucket: {
width: 960,
height: 500
},
email: {
width: 500,
height: 400
}
};
class Authenticator {
constructor(config = {}) {
this.site_id = config.site_id || null;
this.base_url = trimEnd(config.base_url, '/') || NETLIFY_API;
this.auth_endpoint = trim(config.auth_endpoint, '/') || AUTH_ENDPOINT;
}
handshakeCallback(options, cb) {
const fn = (e) => {
if (e.data === ('authorizing:' + options.provider) && e.origin === this.base_url) {
window.removeEventListener('message', fn, false);
window.addEventListener('message', this.authorizeCallback(options, cb), false);
return this.authWindow.postMessage(e.data, e.origin);
}
};
return fn;
}
authorizeCallback(options, cb) {
const fn = (e) => {
if (e.origin !== this.base_url) { return; }
if (e.data.indexOf('authorization:' + options.provider + ':success:') === 0) {
const data = JSON.parse(e.data.match(new RegExp('^authorization:' + options.provider + ':success:(.+)$'))[1]);
window.removeEventListener('message', fn, false);
this.authWindow.close();
cb(null, data);
}
if (e.data.indexOf('authorization:' + options.provider + ':error:') === 0) {
console.log('Got authorization error');
const err = JSON.parse(e.data.match(new RegExp('^authorization:' + options.provider + ':error:(.+)$'))[1]);
window.removeEventListener('message', fn, false);
this.authWindow.close();
cb(new NetlifyError(err));
}
};
return fn;
}
getSiteID() {
if (this.site_id) {
return this.site_id;
}
const host = document.location.host.split(':')[0];
return host === 'localhost' ? 'cms.netlify.com' : host;
}
authenticate(options, cb) {
const { provider } = options;
const siteID = this.getSiteID();
if (!provider) {
return cb(new NetlifyError({
message: 'You must specify a provider when calling netlify.authenticate',
}));
}
if (!siteID) {
return cb(new NetlifyError({
message: 'You must set a site_id with netlify.configure({site_id: \'your-site-id\'}) to make authentication work from localhost',
}));
}
const conf = PROVIDERS[provider] || PROVIDERS.github;
const left = (screen.width / 2) - (conf.width / 2);
const top = (screen.height / 2) - (conf.height / 2);
window.addEventListener('message', this.handshakeCallback(options, cb), false);
let url = `${ this.base_url }/${ this.auth_endpoint }?provider=${ options.provider }&site_id=${ siteID }`;
if (options.scope) {
url += '&scope=' + options.scope;
}
if (options.login === true) {
url += '&login=true';
}
if (options.beta_invite) {
url += '&beta_invite=' + options.beta_invite;
}
if (options.invite_code) {
url += '&invite_code=' + options.invite_code;
}
this.authWindow = window.open(
url,
'Netlify Authorization',
'toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, ' +
('width=' + conf.width + ', height=' + conf.height + ', top=' + top + ', left=' + left + ');')
);
this.authWindow.focus();
}
refresh(options, cb) {
const { provider, refresh_token } = options;
const siteID = this.getSiteID();
const onError = cb || Promise.reject.bind(Promise);
if (!provider || !refresh_token) {
return onError(new NetlifyError({
message: 'You must specify a provider and refresh token when calling netlify.refresh',
}));
}
if (!siteID) {
return onError(new NetlifyError({
message: 'You must set a site_id with netlify.configure({site_id: \'your-site-id\'}) to make token refresh work from localhost',
}));
}
const url = `${ this.base_url }/${ this.auth_endpoint }/refresh?provider=${ provider }&site_id=${ siteID }&refresh_token=${ refresh_token }`;
const refreshPromise = fetch(url, { method: "POST", body: "" }).then(res => res.json());
// Return a promise if a callback wasn't provided
if (!cb) {
return refreshPromise;
}
// Otherwise, use the provided callback.
refreshPromise.then(data => cb(null, data)).catch(cb);
}
}
export default Authenticator;