accounts-frontend/src/services/api/oauth.js

// @flow
/* eslint camelcase: off */
import request from 'services/request';

export type OauthAppResponse = {
    clientId: string,
    clientSecret: string,
    type: string,
    name: string,
    websiteUrl: string,
    createdAt: number,
    // fields for 'application' type
    countUsers?: number,
    description?: string,
    redirectUri?: string,
    // fields for 'minecraft-server' type
    minecraftServerIp?: string,
};

type FormPayloads = {
    name?: string,
    description?: string,
    websiteUrl?: string,
    redirectUri?: string,
    minecraftServerIp?: string,
};

export default {
    validate(oauthData: Object) {
        return request.get(
            '/api/oauth2/v1/validate',
            getOAuthRequest(oauthData)
        ).catch(handleOauthParamsValidation);
    },

    complete(oauthData: Object, params: Object = {}) {
        const query = request.buildQuery(getOAuthRequest(oauthData));

        return request.post(
            `/api/oauth2/v1/complete?${query}`,
            typeof params.accept === 'undefined' ? {} : {accept: params.accept}
        ).catch((resp = {}) => {
            if (resp.statusCode === 401 && resp.error === 'access_denied') {
                // user declined permissions
                return {
                    success: false,
                    redirectUri: resp.redirectUri
                };
            }

            if (resp.status === 401 && resp.name === 'Unauthorized') {
                const error: Object = new Error('Unauthorized');
                error.unauthorized = true;
                throw error;
            }

            if (resp.statusCode === 401 && resp.error === 'accept_required') {
                const error: Object = new Error('Permissions accept required');
                error.acceptRequired = true;
                throw error;
            }

            return handleOauthParamsValidation(resp);
        });
    },

    create(type: string, formParams: FormPayloads): Promise<{success: bool, data: OauthAppResponse}> {
        return request.post(`/api/v1/oauth2/${type}`, formParams);
    },

    update(clientId: string, formParams: FormPayloads): Promise<{success: bool, data: OauthAppResponse}> {
        return request.put(`/api/v1/oauth2/${clientId}`, formParams);
    },

    getApp(clientId: string): Promise<OauthAppResponse> {
        return request.get(`/api/v1/oauth2/${clientId}`);
    },

    getAppsByUser(userId: number): Promise<Array<OauthAppResponse>> {
        return request.get(`/api/v1/accounts/${userId}/oauth2/clients`);
    },

    reset(clientId: string, regenerateSecret: bool = false): Promise<{success: bool, data: OauthAppResponse}> {
        return request.post(`/api/v1/oauth2/${clientId}/reset${regenerateSecret ? '?regenerateSecret' : ''}`);
    },

    delete(clientId: string): Promise<{success: bool}> {
        return request.delete(`/api/v1/oauth2/${clientId}`);
    },
};
/**
 * @param {object} oauthData
 * @param {string} oauthData.clientId
 * @param {string} oauthData.redirectUrl
 * @param {string} oauthData.responseType
 * @param {string} oauthData.description
 * @param {string} oauthData.scope
 * @param {string} oauthData.state
 *
 * @return {object}
 */
function getOAuthRequest(oauthData) {
    return {
        client_id: oauthData.clientId,
        redirect_uri: oauthData.redirectUrl,
        response_type: oauthData.responseType,
        description: oauthData.description,
        scope: oauthData.scope,
        prompt: oauthData.prompt,
        login_hint: oauthData.loginHint,
        state: oauthData.state
    };
}

function handleOauthParamsValidation(resp = {}) {
    if (resp.statusCode === 400 && resp.error === 'invalid_request') {
        resp.userMessage = `Invalid request (${resp.parameter} required).`;
    } else if (resp.statusCode === 400 && resp.error === 'unsupported_response_type') {
        resp.userMessage = `Invalid response type '${resp.parameter}'.`;
    } else if (resp.statusCode === 400 && resp.error === 'invalid_scope') {
        resp.userMessage = `Invalid scope '${resp.parameter}'.`;
    } else if (resp.statusCode === 401 && resp.error === 'invalid_client') {
        resp.userMessage = 'Can not find application you are trying to authorize.';
    }

    return Promise.reject(resp);
}
Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`// @flow`
#85: fix linting errors and setup eslint to support source related test files 2017-06-08 00:10:44 +05:30			`/* eslint camelcase: off */`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`import request from 'services/request';`

Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`export type OauthAppResponse = {`
			`clientId: string,`
			`clientSecret: string,`
			`type: string,`
			`name: string,`
			`websiteUrl: string,`
			`createdAt: number,`
			`// fields for 'application' type`
			`countUsers?: number,`
			`description?: string,`
			`redirectUri?: string,`
			`// fields for 'minecraft-server' type`
			`minecraftServerIp?: string,`
			`};`

			`type FormPayloads = {`
			`name?: string,`
			`description?: string,`
			`websiteUrl?: string,`
			`redirectUri?: string,`
			`minecraftServerIp?: string,`
			`};`

Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`export default {`
Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`validate(oauthData: Object) {`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`return request.get(`
#21: support /oauth2/v1 on frontend 2016-07-28 01:15:50 +05:30			`'/api/oauth2/v1/validate',`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`getOAuthRequest(oauthData)`
			`).catch(handleOauthParamsValidation);`
			`},`

Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`complete(oauthData: Object, params: Object = {}) {`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`const query = request.buildQuery(getOAuthRequest(oauthData));`

			`return request.post(`
#21: support /oauth2/v1 on frontend 2016-07-28 01:15:50 +05:30			`/api/oauth2/v1/complete?${query}`,
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`typeof params.accept === 'undefined' ? {} : {accept: params.accept}`
			`).catch((resp = {}) => {`
			`if (resp.statusCode === 401 && resp.error === 'access_denied') {`
			`// user declined permissions`
			`return {`
			`success: false,`
			`redirectUri: resp.redirectUri`
			`};`
			`}`

			`if (resp.status === 401 && resp.name === 'Unauthorized') {`
Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`const error: Object = new Error('Unauthorized');`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`error.unauthorized = true;`
			`throw error;`
			`}`

			`if (resp.statusCode === 401 && resp.error === 'accept_required') {`
Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`const error: Object = new Error('Permissions accept required');`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`error.acceptRequired = true;`
			`throw error;`
			`}`

			`return handleOauthParamsValidation(resp);`
			`});`
Implemented UI for Accounts applications management. Introduced copy service and injected it usage into auth finish page. Introduced Collapse component. Introduced Radio component. Generalized Checkbox component to share Radio component styles. Improved Textarea component: it now has auto height functionality. Improved profile/BackButton component: now you can pass custom url. BSOD is no longer displayed on 404 response. 2018-03-26 00:46:45 +05:30			`},`

			`create(type: string, formParams: FormPayloads): Promise<{success: bool, data: OauthAppResponse}> {`
			return request.post(`/api/v1/oauth2/${type}`, formParams);
			`},`

			`update(clientId: string, formParams: FormPayloads): Promise<{success: bool, data: OauthAppResponse}> {`
			return request.put(`/api/v1/oauth2/${clientId}`, formParams);
			`},`

			`getApp(clientId: string): Promise<OauthAppResponse> {`
			return request.get(`/api/v1/oauth2/${clientId}`);
			`},`

			`getAppsByUser(userId: number): Promise<Array<OauthAppResponse>> {`
			return request.get(`/api/v1/accounts/${userId}/oauth2/clients`);
			`},`

			`reset(clientId: string, regenerateSecret: bool = false): Promise<{success: bool, data: OauthAppResponse}> {`
			return request.post(`/api/v1/oauth2/${clientId}/reset${regenerateSecret ? '?regenerateSecret' : ''}`);
			`},`

			`delete(clientId: string): Promise<{success: bool}> {`
			return request.delete(`/api/v1/oauth2/${clientId}`);
			`},`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`};`
#195: add custom description support for oauth 2016-08-23 10:00:06 +05:30			`/**`
			`* @param {object} oauthData`
			`* @param {string} oauthData.clientId`
			`* @param {string} oauthData.redirectUrl`
			`* @param {string} oauthData.responseType`
			`* @param {string} oauthData.description`
			`* @param {string} oauthData.scope`
			`* @param {string} oauthData.state`
			`*`
			`* @return {object}`
			`*/`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`function getOAuthRequest(oauthData) {`
			`return {`
			`client_id: oauthData.clientId,`
			`redirect_uri: oauthData.redirectUrl,`
			`response_type: oauthData.responseType,`
#195: add custom description support for oauth 2016-08-23 10:00:06 +05:30			`description: oauthData.description,`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`scope: oauthData.scope,`
#48: add support for prompt and login_hint oauth params 2016-11-19 20:11:15 +05:30			`prompt: oauthData.prompt,`
			`login_hint: oauthData.loginHint,`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`state: oauthData.state`
			`};`
			`}`

			`function handleOauthParamsValidation(resp = {}) {`
			`if (resp.statusCode === 400 && resp.error === 'invalid_request') {`
Display bsod for failed oauth requests 2016-08-07 20:20:00 +05:30			resp.userMessage = `Invalid request (${resp.parameter} required).`;
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`} else if (resp.statusCode === 400 && resp.error === 'unsupported_response_type') {`
Display bsod for failed oauth requests 2016-08-07 20:20:00 +05:30			resp.userMessage = `Invalid response type '${resp.parameter}'.`;
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`} else if (resp.statusCode === 400 && resp.error === 'invalid_scope') {`
Display bsod for failed oauth requests 2016-08-07 20:20:00 +05:30			resp.userMessage = `Invalid scope '${resp.parameter}'.`;
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`} else if (resp.statusCode === 401 && resp.error === 'invalid_client') {`
Display bsod for failed oauth requests 2016-08-07 20:20:00 +05:30			`resp.userMessage = 'Can not find application you are trying to authorize.';`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`}`

Display bsod for failed oauth requests 2016-08-07 20:20:00 +05:30			`return Promise.reject(resp);`
Decouple oauth api calls into separate module. Simple tests for oauth actions 2016-07-27 23:57:21 +05:30			`}`