accounts-frontend/packages/app/services/api/oauth.ts

/* eslint-disable @typescript-eslint/camelcase */
import { ApplicationType } from 'app/components/dev/apps';
import request from 'app/services/request';

export type Scope =
  | 'minecraft_server_session'
  | 'offline_access'
  | 'account_info'
  | 'account_email';

export type Client = {
  id: string;
  name: string;
  description: string;
};

export type OauthAppResponse = {
  clientId: string;
  clientSecret: string;
  type: ApplicationType;
  name: string;
  websiteUrl: string;
  createdAt: number;
  // fields for 'application' type
  countUsers?: number;
  description?: string;
  redirectUri?: string;
  // fields for 'minecraft-server' type
  minecraftServerIp?: string;
};

type OauthRequestData = {
  client_id: string;
  redirect_uri: string;
  response_type: string;
  description?: string;
  scope: string;
  prompt: string;
  login_hint?: string;
  state?: string;
};

export type OauthData = {
  clientId: string;
  redirectUrl: string;
  responseType: string;
  description?: string;
  scope: string;
  prompt: string; // comma separated list of 'none' | 'consent' | 'select_account';
  loginHint?: string;
  state?: string;
};

type FormPayloads = {
  name?: string;
  description?: string;
  websiteUrl?: string;
  redirectUri?: string;
  minecraftServerIp?: string;
};

const api = {
  validate(oauthData: OauthData) {
    return request
      .get<{
        session: {
          scopes: Scope[];
        };
        client: Client;
        oAuth: {};
      }>('/api/oauth2/v1/validate', getOAuthRequest(oauthData))
      .catch(handleOauthParamsValidation);
  },

  complete(
    oauthData: OauthData,
    params: { accept?: boolean } = {},
  ): Promise<{
    success: boolean;
    redirectUri: string;
  }> {
    const query = request.buildQuery(getOAuthRequest(oauthData));

    return request
      .post<{
        success: boolean;
        redirectUri: string;
      }>(
        `/api/oauth2/v1/complete?${query}`,
        typeof params.accept === 'undefined' ? {} : { accept: params.accept },
      )
      .catch((resp = {}) => {
        if (resp.statusCode === 401 && resp.error === 'access_denied') {
          // user declined permissions
          return {
            success: false,
            redirectUri: resp.redirectUri,
            originalResponse: resp.originalResponse,
          };
        }

        if (resp.status === 401 && resp.name === 'Unauthorized') {
          const error: { [key: string]: any } = new Error('Unauthorized');
          error.unauthorized = true;
          throw error;
        }

        if (resp.statusCode === 401 && resp.error === 'accept_required') {
          const error: { [key: string]: any } = new Error(
            'Permissions accept required',
          );
          error.acceptRequired = true;
          throw error;
        }

        return handleOauthParamsValidation(resp);
      });
  },

  create(type: string, formParams: FormPayloads) {
    return request.post<{ success: boolean; data: OauthAppResponse }>(
      `/api/v1/oauth2/${type}`,
      formParams,
    );
  },

  update(clientId: string, formParams: FormPayloads) {
    return request.put<{ success: boolean; data: OauthAppResponse }>(
      `/api/v1/oauth2/${clientId}`,
      formParams,
    );
  },

  getApp(clientId: string) {
    return request.get<OauthAppResponse>(`/api/v1/oauth2/${clientId}`);
  },

  getAppsByUser(userId: number): Promise<OauthAppResponse[]> {
    return request.get(`/api/v1/accounts/${userId}/oauth2/clients`);
  },

  reset(clientId: string, regenerateSecret: boolean = false) {
    return request.post<{ success: boolean; data: OauthAppResponse }>(
      `/api/v1/oauth2/${clientId}/reset${
        regenerateSecret ? '?regenerateSecret' : ''
      }`,
    );
  },

  delete(clientId: string) {
    return request.delete<{ success: boolean }>(`/api/v1/oauth2/${clientId}`);
  },
};

if ('Cypress' in window) {
  (window as any).oauthApi = api;
}

export default api;

/**
 * @param {object} oauthData
 * @param {string} oauthData.clientId
 * @param {string} oauthData.redirectUrl
 * @param {string} oauthData.responseType
 * @param {string} oauthData.description
 * @param {string} oauthData.scope
 * @param {string} oauthData.state
 *
 * @returns {object}
 */
function getOAuthRequest(oauthData: OauthData): OauthRequestData {
  return {
    client_id: oauthData.clientId,
    redirect_uri: oauthData.redirectUrl,
    response_type: oauthData.responseType,
    description: oauthData.description,
    scope: oauthData.scope,
    prompt: oauthData.prompt,
    login_hint: oauthData.loginHint,
    state: oauthData.state,
  };
}

function handleOauthParamsValidation(resp: { [key: string]: any } = {}) {
  if (resp.statusCode === 400 && resp.error === 'invalid_request') {
    resp.userMessage = `Invalid request (${resp.parameter} required).`;
  } else if (
    resp.statusCode === 400 &&
    resp.error === 'unsupported_response_type'
  ) {
    resp.userMessage = `Invalid response type '${resp.parameter}'.`;
  } else if (resp.statusCode === 400 && resp.error === 'invalid_scope') {
    resp.userMessage = `Invalid scope '${resp.parameter}'.`;
  } else if (resp.statusCode === 401 && resp.error === 'invalid_client') {
    resp.userMessage = 'Can not find application you are trying to authorize.';
  }

  return Promise.reject(resp);
}
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`/* eslint-disable @typescript-eslint/camelcase */`
Create app namespace for all absolute requires of app modules. Move all packages under packages yarn workspace 2019-12-08 00:32:00 +05:30			`import { ApplicationType } from 'app/components/dev/apps';`
			`import request from 'app/services/request';`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30
Major deps updates: router, redux, intl, react-transition-group, flow-type, testing deps 2019-06-30 19:02:50 +05:30			`export type Scope =`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`\| 'minecraft_server_session'`
			`\| 'offline_access'`
			`\| 'account_info'`
			`\| 'account_email';`
Major deps updates: router, redux, intl, react-transition-group, flow-type, testing deps 2019-06-30 19:02:50 +05:30
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`export type Client = {`
			`id: string;`
			`name: string;`
			`description: string;`
			`};`
Major deps updates: router, redux, intl, react-transition-group, flow-type, testing deps 2019-06-30 19:02:50 +05:30
Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`export type OauthAppResponse = {`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`clientId: string;`
			`clientSecret: string;`
			`type: ApplicationType;`
			`name: string;`
			`websiteUrl: string;`
			`createdAt: number;`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`// fields for 'application' type`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`countUsers?: number;`
			`description?: string;`
			`redirectUri?: string;`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`// fields for 'minecraft-server' type`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`minecraftServerIp?: string;`
Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`};`

Fix some flow errors 2018-05-03 10:45:09 +05:30			`type OauthRequestData = {`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`client_id: string;`
			`redirect_uri: string;`
			`response_type: string;`
Move App into shell dir. Decouple ContextProviders. Improved type coverage for reducers 2019-12-09 12:37:07 +05:30			`description?: string;`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`scope: string;`
			`prompt: string;`
			`login_hint?: string;`
			`state?: string;`
Fix some flow errors 2018-05-03 10:45:09 +05:30			`};`

			`export type OauthData = {`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`clientId: string;`
			`redirectUrl: string;`
			`responseType: string;`
Move App into shell dir. Decouple ContextProviders. Improved type coverage for reducers 2019-12-09 12:37:07 +05:30			`description?: string;`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`scope: string;`
			`prompt: string; // comma separated list of 'none' \| 'consent' \| 'select_account';`
			`loginHint?: string;`
			`state?: string;`
Fix some flow errors 2018-05-03 10:45:09 +05:30			`};`

Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`type FormPayloads = {`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`name?: string;`
			`description?: string;`
			`websiteUrl?: string;`
			`redirectUri?: string;`
			`minecraftServerIp?: string;`
Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`};`

Some minor fixes and e2e tests for creating of website app 2018-11-10 14:33:47 +05:30			`const api = {`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`validate(oauthData: OauthData) {`
			`return request`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`.get<{`
			`session: {`
			`scopes: Scope[];`
			`};`
			`client: Client;`
			`oAuth: {};`
			`}>('/api/oauth2/v1/validate', getOAuthRequest(oauthData))`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`.catch(handleOauthParamsValidation);`
			`},`

			`complete(`
			`oauthData: OauthData,`
			`params: { accept?: boolean } = {},`
			`): Promise<{`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`success: boolean;`
			`redirectUri: string;`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`}> {`
			`const query = request.buildQuery(getOAuthRequest(oauthData));`

			`return request`
			`.post<{`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`success: boolean;`
			`redirectUri: string;`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`}>(`
			`/api/oauth2/v1/complete?${query}`,
			`typeof params.accept === 'undefined' ? {} : { accept: params.accept },`
			`)`
			`.catch((resp = {}) => {`
			`if (resp.statusCode === 401 && resp.error === 'access_denied') {`
			`// user declined permissions`
			`return {`
			`success: false,`
			`redirectUri: resp.redirectUri,`
			`originalResponse: resp.originalResponse,`
			`};`
			`}`

			`if (resp.status === 401 && resp.name === 'Unauthorized') {`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`const error: { [key: string]: any } = new Error('Unauthorized');`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`error.unauthorized = true;`
			`throw error;`
			`}`

			`if (resp.statusCode === 401 && resp.error === 'accept_required') {`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`const error: { [key: string]: any } = new Error(`
			`'Permissions accept required',`
			`);`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`error.acceptRequired = true;`
			`throw error;`
			`}`

			`return handleOauthParamsValidation(resp);`
			`});`
			`},`

			`create(type: string, formParams: FormPayloads) {`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`return request.post<{ success: boolean; data: OauthAppResponse }>(`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`/api/v1/oauth2/${type}`,
			`formParams,`
			`);`
			`},`

			`update(clientId: string, formParams: FormPayloads) {`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`return request.put<{ success: boolean; data: OauthAppResponse }>(`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`/api/v1/oauth2/${clientId}`,
			`formParams,`
			`);`
			`},`

			`getApp(clientId: string) {`
			return request.get<OauthAppResponse>(`/api/v1/oauth2/${clientId}`);
			`},`

			`getAppsByUser(userId: number): Promise<OauthAppResponse[]> {`
			return request.get(`/api/v1/accounts/${userId}/oauth2/clients`);
			`},`

			`reset(clientId: string, regenerateSecret: boolean = false) {`
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`return request.post<{ success: boolean; data: OauthAppResponse }>(`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`/api/v1/oauth2/${clientId}/reset${
			`regenerateSecret ? '?regenerateSecret' : ''`
			}`,
			`);`
			`},`

			`delete(clientId: string) {`
			return request.delete<{ success: boolean }>(`/api/v1/oauth2/${clientId}`);
			`},`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`};`
Some minor fixes and e2e tests for creating of website app 2018-11-10 14:33:47 +05:30
Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`if ('Cypress' in window) {`
			`(window as any).oauthApi = api;`
Some minor fixes and e2e tests for creating of website app 2018-11-10 14:33:47 +05:30			`}`

			`export default api;`

#195: add custom description support for oauth 2016-08-23 10:00:06 +05:30			`/**`
			`* @param {object} oauthData`
			`* @param {string} oauthData.clientId`
			`* @param {string} oauthData.redirectUrl`
			`* @param {string} oauthData.responseType`
			`* @param {string} oauthData.description`
			`* @param {string} oauthData.scope`
			`* @param {string} oauthData.state`
			`*`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`* @returns {object}`
#195: add custom description support for oauth 2016-08-23 10:00:06 +05:30			`*/`
Fix some flow errors 2018-05-03 10:45:09 +05:30			`function getOAuthRequest(oauthData: OauthData): OauthRequestData {`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`return {`
			`client_id: oauthData.clientId,`
			`redirect_uri: oauthData.redirectUrl,`
			`response_type: oauthData.responseType,`
			`description: oauthData.description,`
			`scope: oauthData.scope,`
			`prompt: oauthData.prompt,`
			`login_hint: oauthData.loginHint,`
			`state: oauthData.state,`
			`};`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`}`

Migrate from flow to typescript 2019-12-07 16:58:52 +05:30			`function handleOauthParamsValidation(resp: { [key: string]: any } = {}) {`
Add prettier and re-configure lint according to current best practises 2019-11-27 14:33:32 +05:30			`if (resp.statusCode === 400 && resp.error === 'invalid_request') {`
			resp.userMessage = `Invalid request (${resp.parameter} required).`;
			`} else if (`
			`resp.statusCode === 400 &&`
			`resp.error === 'unsupported_response_type'`
			`) {`
			resp.userMessage = `Invalid response type '${resp.parameter}'.`;
			`} else if (resp.statusCode === 400 && resp.error === 'invalid_scope') {`
			resp.userMessage = `Invalid scope '${resp.parameter}'.`;
			`} else if (resp.statusCode === 401 && resp.error === 'invalid_client') {`
			`resp.userMessage = 'Can not find application you are trying to authorize.';`
			`}`

			`return Promise.reject(resp);`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`}`